Privacy Transformation - Issue 95
PRIVACY
Surveillance Concerns Could Hold Up European-U.S. Data Agreement for Years
EU Justice Commissioner, Didier Reynders, has warned that negotiations with the U.S. over a new data-transfer agreement could take years rather than months.
EDPB Statement on the ePrivacy Regulation
The EDPB has strongly rejected the notion of encryption "backdoors" for police or national security, in its statement on the draft ePrivacy Regulation:
"End-to-end encryption, from the sender to the recipient, is also the only way to ensure full protection of data in transit. Any possible attempt to weaken encryption, even for purposes such as national security would completely devoid those protection mechanisms due to their possible unlawful use."
EDPB adopts ePrivacy statement, joint opinion with EDPS on Data Governance Act
The European Data Protection Board adopted a statement on the draft ePrivacy Regulation during its 46th plenary session. The EDPB and EDPS also adopted a joint opinion on the proposed Data Governance Act.
SECURITY & TECH
UK NCSC Weekly Threat Report
The NCSC's weekly threat report is drawn from recent open source reporting.
NotifyMe, a new app to relaunch social events
NotifyMe is a new Swiss app that alerts people who attended an event where there was a risk of COVID-19 infection. It uses a protocol developed primarily at EPFL by some the same contributors to the development the DP3T protocol, which is privacy-focused protocol used as the basis for the SwissCovid app.
Google Is Taking Away the Cookies and Plans to FLoC Us All Instead
Google recently announced what looks like a major improvement in digital privacy. But it's mostly more of the same: Ads targeted based on our online activity.
Microsoft hack: White House warns of 'active threat' of email attack
The tech giant says a state-sponsored group operating out of China is breaching email servers.
Swiss Digital identity scheme shot down by voters over data privacy concerns
A clear majority of voters in Switzerland have rejected a law governing a proposed electronic identity system.
Clubhouse's Security and Privacy Lag Behind Its Explosive Growth
The platform has promised to do better after a string of incidents. But the hardest part might be managing user expectations.
DATA BREACH
Personal information of Fastway customers compromised in cyber attack
Fastway Couriers has confirmed that customers’ personal information has been compromised in a cyber-attack. However, the company said that no financial data was compromised in the data breach.
A statement said that one of the company's IT systems "has been subject of a cyber-attack, the consequence of which has been that client data, including customers’ personal information, has been compromised."
ENFORCEMENT
UK ICO fines firms for sending more than 2.7 million spam text messages during the pandemic
Two separate companies that sent nuisance text messages during the Covid-19 pandemic have been fined a total of £330,000 by the Information Commissioner’s Office. Messages from one of the firms prompted a record 10,000 complaints.
More on the latest GDPR enforcement news can be found on:
GUIDANCE
UK ICO: Supporting UK democracy through data protection with new political campaigning guidance
In a year where the challenges of the pandemic have prompted digital innovation in so many aspects of our lives, it is no surprise that campaigning for the upcoming elections in England, Scotland and Wales will be a little different.
EDPS Opinion on the Proposal for Amendment of the Europol Regulation
EDPS Opinion 4/2021 on the Proposal for Amendment of the Europol Regulation.
RESOURCES
ENISA Report: Remote ID Proofing
This report provides an overview of the most common methods for identity proofing with some examples received by stakeholders, presents the current legal / regulatory landscape and supporting standards at the international and EU level and provides the status quo in the European Countries of their remote identity proofing laws, regulations and practices.
The Artificial Intelligence Index Report
This year we significantly expanded the amount of data available in the report, worked with a broader set of external organizations to calibrate our data, and deepened our connections with Stanford HAI.
CONTRIBUTE
Have an interesting article, book, video, podcast or other data protection or privacy resource that you would like to share with fellow privacy practitioners? Feel free to drop me a note.