Privacy Transformation - Issue 45
PRIVACY
Data privacy erosions could leave a dangerous legacy
When an image circulated on Twitter last week showing colour-coded data from more than a million smart thermometers plotted to a map of the United States, it created a sensation. Areas with fever-level readings from the thermometers, highlighted in orange and red, stood out against cooler colours for normal temperatures. Fever zones closely matched many known coronavirus clusters. Except, dramatically, in one place: Florida... [read more]
Privacy in a time of corona
The current unfolding catastrophe has the rights to privacy and data protection under siege (or in lockdown, if you prefer) because, of course, all problems in the world would be solved if only we could ditch those constraints on the use of others people’s personal data.
A Closer Look at Location Data: Privacy and Pandemics
In light of COVID-19, there is heightened global interest in harnessing location data held by major tech companies to track individuals affected by the virus, better understand the effectiveness of social distancing, or send alerts to individuals who might be affected based on their previous proximity to known cases.
SECURITY & TECH
Working from home risks online security and privacy – how to stay protected
Remote working can be a blessing. More time with family, less commuting, and meetings from the comfort of your living room. But as millions across the world switch to working from home due to the COVID-19 pandemic, they may be putting the security and privacy of themselves, their families and their employers at risk.
Also relavant is this weeks resource from the DPC on Protecting Personal Data When Working Remotely.
DATA BREACH
There is a Serious Lack of Corporate Responsibility During Breach Disclosures
Security specialist Troy Hunt speaks about the difficulties often encountered in responsibly disclosing breaches to the companies whose customers they affect.
ENFORCEMENT
Norweigan DPA - Store fined after CCTV footage is circulated
A Norweigan store has been fined €34,800 after the store manager circulated CCTV footage after recording the video on their phone.
Croatian DPA - Bank fined for refusing Data Subject Access Request
A bank refused to fulfill data subject access requests to credit documentation relating to loan repayments and other activities. Despite the DPA ordering the bank to facilitate these requests, they failed to comply. The fine has yet to be determined, but is expected to be severe, given the banks lack of cooperation.
More on the latest GDPR enforcement notices can be found on:
GUIDANCE
DPC - Covid 19 and Subject Access Requests
Do the timelines for responding to GDPR data subject requests still apply where an organisation is temporarily closed or capacity to handle requests is curtailed because of COVID-19?
DPC: Protecting Personal Data When Working Remotely
Measures to control and prevent the spread of COVID-19 will involve more people working remotely than usual. These are some tips to keep personal data safe when working away from the office.
RESOURCES
Privacy International - Tracking the Global Response to COVID-19
Privacy International have launched an initiative to monitor the various technical and operational measures taken around the world to repsond to COVID-19.
ENISA - Launch cybersecurity platform: get involved and educate yourself
The new whitepaper on “Cybersecurity Skills Development in the EU” focuses on the state of the cybersecurity education system and the difficulty in attracting more students to cybersecurity studies. It looks at how we can increase the number of graduates with relevant cybersecurity knowledge and skills.