Privacy Transformation - Issue 37

PRIVACY

GAA tells clubs to stop using WhatsApp due to GDPR concerns

GAA tells clubs to stop using WhatsApp due to GDPR concerns

Laois County Board has told clubs to stop using the messaging service WhatsApp due to General Data Protection Regulation (GDPR) concerns around those included in team groups.

Croatian Presidency tempers expectations on ePrivacy progress

Croatian Presidency tempers expectations on ePrivacy progress

The Croatian Presidency of the Council of the European Union is just the latest EU presidency to try to tackle the ePrivacy Regulation. Finland, Romania, Austria and Bulgaria were among the countries that could not figure out ePrivacy during their presidencies, and now it's Croatia's turn at the plate.

Britain could lose access to EU data after series of scandals

Exchange of key security information at risk after Dutch concerns over data protection.

Facebook updates its data privacy controls for users worldwide

Facebook updates its data privacy controls for users worldwide

Facebook is extending the Off-Facebook Activity tool so all users can take control of data gathered from third-party sites and apps.

NY Times Privacy Project - You Are Now Remotely Controlled

NY Times Privacy Project - You Are Now Remotely Controlled

"We celebrated the new digital services as free, but now we see that the surveillance capitalists behind those services regard us as the free commodity. We thought that we search Google, but now we understand that Google searches us. We assumed that we use social media to connect, but we learned that connection is how social media uses us...."

Shoshana Zuboff, author of “The Age of Surveillance Capitalism" explores the exploitation of the human experience in the latest installment of the New York Times' Privacy Project series.

Facebook ‘looking into’ link between Irish website and firm that breached privacy laws

Gript’s arrangement with Cambridge-Analytica-linked business is under scrutiny.

More reporting on this here.

ICO publishes Code of Practice to protect children’s privacy online

ICO publishes Code of Practice to protect children’s privacy online

The Information Commissioner’s Office has published its final Age Appropriate Design Code – a set of 15 standards that online services should meet to protect children’s privacy.

VIDEO - How Tech Firms Manipulate the Big Decisions we Make

VIDEO - How Tech Firms Manipulate the Big Decisions we Make

How the web has been stolen from us by a handful of players who harvest our data. Why the Tech Titans are about to get hit by massive legal headwinds.

SECURITY & TECH

Securing Personal Data: a risk-based approach

Securing Personal Data: a risk-based approach

To mark Data Protection Day 2020 on 28 January, the EU Agency for Cybersecurity launches an online platform to assist in the security of personal data processing.

Ring Doorbell App Packed with Third-Party Trackers

Ring Doorbell App Packed with Third-Party Trackers

Ring isn't just a product that allows users to surveil their neighbors. The company also uses it to surveil its customers.An investigation by EFF of the Ring doorbell app for Android found it to be packed with third-party trackers sending out a plethora of customer personal data.

DATA BREACH

Data breach: Why it’s time to adopt a risk-based approach to cybersecurity

Data breach: Why it’s time to adopt a risk-based approach to cybersecurity

The recent high-profile ransomware attack on foreign currency exchange specialist Travelex highlights the devastating results of a targeted cyber-attack.

Betting companies given access to UK gov't information on millions of children

Betting companies given access to UK gov't information on millions of children

Reports suggest a government database was misused for age verification purposes.

ENFORCEMENT

Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition

Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition

The settlement in a case over the social network’s Tag Suggestions feature is the latest financial blow the company has taken over its handling of user privacy.

GUIDANCE

Irish DPC - Opinions - Everyone’s got one, but does data protection law apply to them?

Irish DPC - Opinions - Everyone’s got one, but does data protection law apply to them?

We are the national independent authority responsible for upholding the fundamental right of the individual in the EU to have their personal data protected.

ICO - Statement on data protection and Brexit implementation – what you need to do

The UK will leave the European Union on 31 January and enter a Brexit transition period. During this period, which runs until the end of December 2020, it will be business as usual for data protection.

RESOURCES

GDPR Survey 2020 - Mazars - Ireland

71% of companies say that they reported a personal data breach to the Data Protection Commission (DPC), or another supervisory authority, last year, while only 8% believe they are ‘fully compliant’ with the General Data Protection Regulation (GDPR).