Privacy Transformation - Issue 56
PRIVACY
Next government needs to create a national public genome project
Tomorrow is an important deadline. It’s the final day for Irish people who have donated brain tissue samples (or a donor’s family, if the individual is deceased) to decide whether to allow their DNA be used in ways not originally consented to when the sample was given.
EU Council Presidency Releases Progress Report on Draft ePrivacy Regulation
On June 3, 2020, the Presidency of the Council of the European Union published a progress report on the current Draft ePrivacy Regulation.
Opinion: How to operationalise privacy by design
Privacy professionals generally understand, at least conceptually, what it means to implement privacy by design. If further guidance is needed, we can look t...
EDPB: Thirty-first Plenary session
During its 31st plenary session, the EDPB decided to establish a taskforce to coordinate potential actions and to acquire a more comprehensive overview of TikTok’s processing and practices across the EU, and adopted a letter with regard to the use of Clearview AI by law enforcement authorities. In addition, the EDPB adopted a response to the ENISA advisory group and a letter in response to an Open Letter from NOYB.
SECURITY & TECH
IBM abandons 'biased' facial recognition tech
But some question whether the gesture is largely symbolic, as it's not a major product for the firm. This news comes as Amazon has announced a one-year moratorium on police use of its facial recognition technology.
IoT Security Is a Mess. Privacy 'Nutrition' Labels Could Help
Just like with foods that display health information the package, researchers are exploring a tool that details how connected devices manage data.
DATA BREACH
Babylon Health admits GP app suffered a data breach
The video call app allowed some patients to see recordings of others' sessions with medics.
ENFORCEMENT
Spanish DPA issues fines worth 169K euros
Spain's data protection authority, the Agencia Española de Protección de Datos, announced four fines, including three EU General Data Protection Regulation penalties, totaling 169,000 euros.
More on the latest GDPR enforcement notices can be found on:
RESOURCES
Sharing is caring: technical cooperation across CSIRTs, LE and the judiciary
In an effort to estimate the degree of maturity of the technical cooperation across national and governmental CSIRTs, law enforcement agencies (LEAs) and the judiciary when it comes down to cybercrime investigation, ENISA has prepared a report that focuses on the tools of these communities to cooperate among themselves and counter cybercrime.
CNIL: GDPR Guide for Developers
The Developer's Guide to GDPR provides a first approach to the main principles of GDPR and the different points of attention to consider when developing and deploying applications that respect the privacy of users.
CNIL: 2019 Activity Report
France's data protection authority has released its 2019 activity report. [Only available in French]
Report: EU-U.S. Privacy Shield, Brexit and the Future of Transatlantic Data Flows
This report analyses the issues raised by EU-U.S. commercial data flows, including the future status of the Privacy Shield framework and standard contractual clauses (SCCs).