An environmental regulator in Scotland has confirmed that at least 4,000 files have been accessed and likely stolen by criminals in an ongoing cyberattack on its systems. The Scottish Environment Protection Agency (SEPA) said 1.2GB of data was stolen, including information not publicly available. SEPA also said this week that it believed the attack, which […]
PrivSec Job Focus: Paul Lanois, Director, Fieldfisher
In our latest reader-submitted Q&A, Paul Lanois talks about the ever-evolving nature of privacy What is your full job title? My full job title is Director, Technology, Outsourcing and Privacy, at Fieldfisher (a European law firm) in their Silicon Valley (USA) office. Which industry do you work in? My practice covers information governance, data protection, privacy, cybersecurity […]
German retailer vows to fight €10.4million GDPR fine for video-monitoring employees
An online electronics retailer fined for GDPR breaches over its use of video cameras in the workplace has branded its $10.4m fine “unlawful” and vowed to fight it. Notebooksbilliger.de AG (NBB) was issued with the fine last month by the State Commissioner for Data Protection (LfD) Lower Saxony. LfD said the company had video-monitored its […]
Tik Tok changes privacy settings for teenage users
Video-sharing platform Tik Tok has announced changes aimed at improving privacy and safety for teens. The social networking site said yesterday that it is changing the default setting for all registered accounts belonging to 13 to 15 year olds to “private”. This means only someone who the user approves can view the videos. Eric Han, […]
BA facing potential ‘£800m’ lawsuit over data breach
British Airways (BA) is potentially facing the largest privacy class-action lawsuit in UK history over its mass customer data breach that affected 400,000 people, according to a law firm involved. More than 16,000 people are now understood to have joined a case seeking compensation from the airline over the 2018 incident. PGMBM, the law firm […]
Whitepaper: Legally sound consent management- everything you need to know
Classification, checklists and practical tips for the correct approach to cookies and other web technologies. Consent in everyday life consists mainly of a “yes or no” question. In contrast, the General Data Protection Regulation (GDPR) adopts a far more multi-layered term for consent and links strict requirements to valid consent. A simple situation which becomes […]
Five Eyes network warns ePrivacy directive change will make online child abuse easier
The intelligence-sharing network Five Eyes has reportedly warned that changes to the European Union’s ePrivacy directive will hamper efforts to combat online child abuse. An amendment to the European Electronic Communications Code, which came into force on December 21, extends the scope of privacy rules to ‘Over-the-top’ applications, including instant messaging services such as Facebook […]
New Zealand reserve bank hit by cyberattack
The Reserve Bank of New Zealand has been hit by a cyberattack which may have compromised commercially and personally sensitive information. The bank in a statement earlier today said it was responding “with urgency” after a third-party file sharing service it uses to share information with external stakeholders was hit. It is working to confirm […]
UK competition watchdog opens probe into Google privacy changes
Google’s ‘Privacy Sandbox’ plan to remove third party cookies from its Chrome browser is being probed by a regulator in the United Kingdom over concerns it would be anticompetitive. The tech giant’s proposals, which have yet to be finalised, would see third party cookies disabled on its Chrome and Chromium browsers. These cookies currently help […]
When is a government database actually safe?
How can data still be protected even when a government can’t access the servers that hold it? Taavi Kotka makes the case for “Data Embassies” as a backup for governments to use in times of emergency. Both prior to and now thanks to Covid-19, we see governments rushing to digitalise their bureaucracies, both internally and […]
Data stolen in cyber attack on London local authority ‘has been published’
Criminals responsible for a cyber attack on Hackney Council’s IT systems have now published some of the stolen data, according to the London borough. The council yesterday provided an update on the investigation into the October attack, which caused widespread disruption to public services. In a statement, it said some of the stolen data has […]