US law enforcement body, the FBI, says it has seen a spike in unemployment insurance claims using stolen personally identifiable information (PII). Methods utilised by criminals include online purchase of stolen PIIs, previous data breaches, computer intrusions, cold-calling victims in impersonation scams, phishing, physical theft of data, and from public websites and social media accounts. […]
Tech giants halt cooperation with Hong Kong authorities
Microsoft, Google, Facebook, Twitter and other major technology companies say they have suspended processing requests for user data from Hong Kong authorities after China’s new national security law come into force late June. Provisions include police having more power to demand information or compel companies to take down information from the internet, as well as […]
Schrems vs Facebook: keynote speaker confirmed for Last Thursday in Privacy
Austrian privacy activist Max Schrems has been confirmed as a keynote speaker at the next Last Thursday in Privacy virtual event on 30 July, only two weeks after a verdict is expected in his case against Facebook. Schrems, founder of privacy enforcement platform None of Your Business, has been one of the world’s leading opponents […]
ICO publishes contact-tracing guidance
The UK’s data protection body, the ICO, has issued privacy protection advice to businesses re-opening as the Covid-19 lockdown eases in the four nations. With pubs, restaurants and hotels having to collect customers’ contact details, concerns have been raised about the information being used other than for tracing people, when required, to suppress the spread […]
Italian DPA fines bank for data breach
Garante, Italy’s data protection authority (DPA), has ordered a bank to pay €600,000 ($675,000) for “abusive access” to personal data of more than 700,000 customers. The breach was carried out by some employees of an external commercial partner of the bank and involved information such as contact details, profession, level of study and identification document […]
Facebook fixes data-sharing flaw
Social media platform Facebook says it has overcome a bug which allowed third-party app developers to receive user data longer than promised. The company discovered that in some instances apps continued to receive data when the app had not been used for 90 days, a data-gathering limit announced in 2018, vice-president of platform partnerships Konstantinos […]
British regulators join forces to ensure good online services
The Information Commissioner’s Office (ICO), communications’ regulator Ofcom and the anti- trust watchdog, Competition and Markets Authority, have established a forum to make sure online services work well for consumers and businesses in the UK. “With the unique challenges posed by digital markets and services, and an evolving landscape as the EU transition arrangements end […]
Woolworths pays $1m for spamming
Australian supermarket chain Woolworths has paid a A$1,003,800 (US$700,000) penalty and agreed to court-enforceable undertakings with the Australian Communications and Media Authority (ACMA). The communications’ regulator found the Woolworths Group had committed more than 5m breaches of the Spam Act (2003) by sending marketing emails to consumers after they had unsubscribed. The emails were sent […]
MIDDLE EAST FOCUS: PRIVSEC BRIEFING ON DIFC DATA PROTECTION LAW
Purpose: Understand the changes in Dubai data protection law, how it compares to GDPR and its wider impact on the MEASA region. Key points DIFC updated its Data Protection Law 1 June 2020 The Data Protection Regulations increase privacy compliance requirements for businesses registered in the DIFC and expands data subjects’ rights It provides a […]
Pints and privacy – easing lockdown in UK hospitality industry
Boris Johnson recently announced the largest easing of lockdown measures since restrictions came into place on March 23rd. This Saturday, English hospitality venues such as bars, pubs and restaurants will be allowed to reopen as long as they maintain social distancing rules. Under new guidelines, businesses may have to collect personal details in case customers […]
Danish DPA refers municipality to police for GDPR violation
Denmark’s data protection authority Datatilsynet is reporting the municipality of Lejre to the police for failing to provide an appropriate level of computer security. After the council reported a breach of personal data, Datatilsynet says it became aware the municipality’s children and young people department included information of a particularly sensitive and protective nature of […]