Privacy Transformation - Issue 37
PRIVACY
GAA tells clubs to stop using WhatsApp due to GDPR concerns
Laois County Board has told clubs to stop using the messaging service WhatsApp due to General Data Protection Regulation (GDPR) concerns around those included in team groups.
Croatian Presidency tempers expectations on ePrivacy progress
The Croatian Presidency of the Council of the European Union is just the latest EU presidency to try to tackle the ePrivacy Regulation. Finland, Romania, Austria and Bulgaria were among the countries that could not figure out ePrivacy during their presidencies, and now it's Croatia's turn at the plate.
Britain could lose access to EU data after series of scandals
Exchange of key security information at risk after Dutch concerns over data protection.
Facebook updates its data privacy controls for users worldwide
Facebook is extending the Off-Facebook Activity tool so all users can take control of data gathered from third-party sites and apps.
NY Times Privacy Project - You Are Now Remotely Controlled
"We celebrated the new digital services as free, but now we see that the surveillance capitalists behind those services regard us as the free commodity. We thought that we search Google, but now we understand that Google searches us. We assumed that we use social media to connect, but we learned that connection is how social media uses us...."
Shoshana Zuboff, author of “The Age of Surveillance Capitalism" explores the exploitation of the human experience in the latest installment of the New York Times' Privacy Project series.
Facebook ‘looking into’ link between Irish website and firm that breached privacy laws
Gript’s arrangement with Cambridge-Analytica-linked business is under scrutiny.
More reporting on this here.
ICO publishes Code of Practice to protect children’s privacy online
The Information Commissioner’s Office has published its final Age Appropriate Design Code – a set of 15 standards that online services should meet to protect children’s privacy.
VIDEO - How Tech Firms Manipulate the Big Decisions we Make
How the web has been stolen from us by a handful of players who harvest our data. Why the Tech Titans are about to get hit by massive legal headwinds.
SECURITY & TECH
Securing Personal Data: a risk-based approach
To mark Data Protection Day 2020 on 28 January, the EU Agency for Cybersecurity launches an online platform to assist in the security of personal data processing.
Ring Doorbell App Packed with Third-Party Trackers
Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers.An investigation by EFF of the Ring doorbell app for Android found it to be packed with third-party trackers sending out a plethora of customer personal data.
DATA BREACH
Data breach: Why it’s time to adopt a risk-based approach to cybersecurity
The recent high-profile ransomware attack on foreign currency exchange specialist Travelex highlights the devastating results of a targeted cyber-attack.
Betting companies given access to UK gov't information on millions of children
Reports suggest a government database was misused for age verification purposes.
ENFORCEMENT
Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition
The settlement in a case over the social network’s Tag Suggestions feature is the latest financial blow the company has taken over its handling of user privacy.
GUIDANCE
Irish DPC - Opinions - Everyone’s got one, but does data protection law apply to them?
We are the national independent authority responsible for upholding the fundamental right of the individual in the EU to have their personal data protected.
ICO - Statement on data protection and Brexit implementation – what you need to do
The UK will leave the European Union on 31 January and enter a Brexit transition period. During this period, which runs until the end of December 2020, it will be business as usual for data protection.
RESOURCES
GDPR Survey 2020 - Mazars - Ireland
71% of companies say that they reported a personal data breach to the Data Protection Commission (DPC), or another supervisory authority, last year, while only 8% believe they are ‘fully compliant’ with the General Data Protection Regulation (GDPR).