Privacy Transformation - Issue 64

PRIVACY

The demise of Privacy Shield may be the end of US-Europe data transfers

The demise of Privacy Shield may be the end of US-Europe data transfers

Increasing restrictions on data worldwide are prompting companies to rethink how they do business.

Why a Data Breach at a Genealogy Site Has Privacy Experts Worried

Why a Data Breach at a Genealogy Site Has Privacy Experts Worried

Nearly two-thirds of GEDmatch’s users opt out of helping law enforcement. For a brief window this month, that didn’t matter.

In related news, the Blackstone Group is set to acquire Ancestry.com.

Privacy advocates sound alarm as thousands of Chinese facial recognition cameras head for Belgrade

Privacy advocates sound alarm as thousands of Chinese facial recognition cameras head for Belgrade

Hundreds of facial recognition cameras, supplied by Huawei, are currently deployed in Serbia’s capital Belgrade, and thousands more are on their way, as part of an initiative police officials have said will make the capital safer.

Credit Scoring: Negative credit rating generated without data

Credit Scoring: Negative credit rating generated without data

NOYB files complaint against CRIF. "Pulling a name from a hat is fairer than these credit scores".

SECURITY & TECH

UK National Trust joins victims of Blackbaud hack

UK National Trust joins victims of Blackbaud hack

The charity says a database containing details of its volunteers and fundraisers has been affected.

TikTok to open $500m data centre in Ireland

TikTok to open $500m data centre in Ireland

The firm says the move represents its "long-term commitment to Europe".

Twitter reveals how Bitcoin scammers hijacked celebrities' accounts

Twitter reveals how Bitcoin scammers hijacked celebrities' accounts

Twitter has revealed how accounts belonging to celebrities including Barack Obama, Jeff Bezos and Kim Kardashian were hijacked by Bitcoin scammers two weeks ago.

DATA BREACH

What’s New in the 2020 Cost of a Data Breach Report?

What’s New in the 2020 Cost of a Data Breach Report?

Now in its 15th year, the annual Cost of a Data Breach Report, with research by the Ponemon Institute and published by IBM Security, continues to provide a detailed view of the financial impacts security incidents can have on organizations, with historical data revealing trends in data breach causes and consequences.

ENFORCEMENT

British Airways banking on drastic reduction of record GDPR fine

British Airways banking on drastic reduction of record GDPR fine

British Airways has hinted that it will qualify for a nearly 90 percent reduction of its original GDPR fine (U.S. $230 million) and end up paying just $26 million.

National Credit Register (BKR) fined for personal data access charges

National Credit Register (BKR) fined for personal data access charges

The National Credit Register (BKR) in the Netherlands can no longer charge people who wish to access the personal data it holds on them. The BKR had created too many obstacles for people wishing to access their data. Under privacy legislation, this is not permitted. As a result, the Dutch Data Protection Authority (Dutch DPA) issued the BKR with a €830,000 fine.

DANISH SUPERVISORY AUTHORITY

147,000 EUR for Non-compliance with general data processing principles [more info]

FRENCH SUPERVISORY AUTHORITY

250,000 EUR sanction has been issued by CNIL to an online shoe retailer for breaches of data protection principles [more info]

ROMANIAN SUPERVISORY AUTHORITY

2,000 EUR for insufficient fulfilment of data subjects rights [more info]

2,000 EUR for insufficient technical and organisational measures to ensure information security [more info]

5,000 EUR for insufficient technical and organisational measures to ensure information security [more info]

More on the latest GDPR enforcement news can be found on:

enforcementtracker.com

GUIDANCE

IAPP: DPA and government guidance on ‘Schrems II’

IAPP: DPA and government guidance on ‘Schrems II’

This IAPP Resource Center page collects together DPA and government guidance on 'Schrems II' as it comes out.

RESOURCES

Deloitte: Cookie Benchmark Study

How are organisations navigating their way towards cookie compliance in this changing legal environment? The European regulators are focusing on cookies: the rules under the ePrivacy Directive are being updated to be incorporated in its successor, the ePrivacy Regulation.