Privacy Transformation - Issue 30
PRIVACY
Ireland National Children's Hospital Chooses Hikvision End-to-End With Facial Recognition
The world's most expensive hospital project ever has chosen Hikvision but privacy experts and an Irish politician raised serious concerns.
How do I protect my online privacy from 'surveillance capitalism'?
Chris wants to better protect his privacy. What can he easily do besides de-Googling his online life?...
Chinese residents worry about rise of facial recognition
A study by a Beijing-based body indicates many are worried about their biometric data being hacked.
Talend Report Showcases Low GDPR Compliance Rates for Data Subject Access Requests
Talend’s new survey shows that less than half of all companies and public sector organizations were able to respond to a Data Subject Access Request within the time period stipulated by GDPR.
Therrien calls for rights-based privacy laws in annual report
Privacy Commissioner of Canada Daniel Therrien believes the country is having a crisis of trust. Canadians want to safely enjoy the benefits of technology; however, privacy laws in their current iteration do not go far enough to protect citizens’ rights, according to the commissioner.
SECURITY & TECH
Human insight remains essential to beat the bias of algorithms
When it comes to bias and artificial intelligence, there is a common belief that algorithms are only as good as the numbers plugged into them. But the focus on algorithmic bias being concentrated entirely on data has meant we have ignored two aspects of this problem: the deep limitations of existing algorithms and, more importantly, the role of human problem solvers.
Google Maps reveals updates aimed at boosting data privacy
The mapping service is introducing new tools to its iOS and Android apps.
ENFORCEMENT
Data Commissioner issues enforcement notice in respect of public services card
The Data Protection Commissioner (DPC) has served the Department of Employment Affairs and Social Protection with an enforcement notice regarding the stated illegality of the public services card.
Insufficient authentication procedure - €9,550,000 Fine
The Controller is company offering telecommunication services. A caller could obtain extensive information on personal customer data from the company's customer service department simply by entering a customer's name and date of birth. [Source in German]
Lack of appointment of data protection officer - €10,000 Fine
Despite repeated requests of the BfDI the company (an internet provider) did not comply with its legal obligation under Article 37 GDPR to appoint a data protection officer. [Source in German]
GUIDANCE
Guidelines 5/2019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR
Guidelines 5/2019 on the criteria of the Right to be Forgotten in the search engines cases under the GDPR (part 1).
RESOURCES
Behind the One-Way Mirror: A Deep Dive Into the Technology of Corporate Surveillance
It's time to shed light on the technical methods and business practices behind third-party tracking. For journalists, policy makers, and concerned consumers, this paper will demystify the fundamentals of third-party tracking, explain the scope of the problem, and suggest ways for users and legislation to fight back against the status quo.
Privacy Papers 2019
A collection of the winners of the 2019 Privacy Papers for Policymakers (PPPM) awards.
On Location, Time, and Membership: Studying How Aggregate Location Data Can Harm Users’ Privacy
The increasing availability of location and mobility data enables a number of applications, e.g., enhanced navigation services and parking, context-based recommendations, or waiting time predictions at restaurants, which have great potential to improve the quality of life in modern cities. However, the large-scale collection of location data also raises privacy concerns, as mobility patterns may reveal sensitive attributes about users.