Data stolen from an environmental regulator in Scotland in a cyberattack has now been published online. The Scottish Environment Protection Agency (SEPA) earlier this month revealed at least 4,000 files containing 1.2GB were stolen in an ongoing ransomware attack that began on Christmas Eve. SEPA said yesterday that data accessed through the attack has now […]
Author: Carl Brown
GDPR fines increase 19% year-on-year as regulators ‘test limits of powers’
Daily breaches of the General Data Protection Regulation (GDPR) increased 19% in the last 12 months compared to the previous year, according to research. International law firm DLA Piper said there were 331 breaches in the 12 months from 28 January 2020, compared to 278 a day the previous year. Ross McKean, chair of DLA […]
Biden names cybersecurity and privacy chiefs
US President Joe Biden’s choices as secretary of the Department of Homeland Security (DHS) and director of national intelligence (DNI) say they will make bolstering the country’s cybersecurity a priority. Nominees Alejandro Mayorkas (DHS) and Avril Haines (DNI) highlighted the need to secure the government against cyber threats following discovery of the Russian hack of […]
PrivSec Job Focus: Heidi Mäkelä, senior legal counsel, Telia Finland
In this week’s Q&A, Heidi Mäkelä describes the importance of understanding the relationship between customer experience and privacy What is your full job title? I am a senior legal counsel specialized in privacy and confidentiality of communication (and CIPP/E) working in Telia Finland, a Telecommunications, Media and ICT company in Finland and part of Telia […]
App developer settles facial recognition deception case with FTC
Everalbum has reached an agreement with the US Federal Trade Commission (FTC) following allegations it deceived consumers about the use of facial recognition technology by its Ever cloud photo storage app and retention of photos and videos of users who had deactivated their accounts. Ever was shut down last August. As part of the proposed […]
WhatsApp delays privacy policy changes following Facebook data-sharing concern
WhatsApp has announced a three-month delay to changes to its privacy policy following concerns over mandatory data-sharing with parent company Facebook. The messaging platform had previously announced that from 8 February users would need to agree to some of their data being shared with Facebook if they wish to continue using the service. This included […]
4,000 files feared stolen in cyber attack on Scottish regulator
An environmental regulator in Scotland has confirmed that at least 4,000 files have been accessed and likely stolen by criminals in an ongoing cyberattack on its systems. The Scottish Environment Protection Agency (SEPA) said 1.2GB of data was stolen, including information not publicly available. SEPA also said this week that it believed the attack, which […]
PrivSec Job Focus: Paul Lanois, Director, Fieldfisher
In our latest reader-submitted Q&A, Paul Lanois talks about the ever-evolving nature of privacy What is your full job title? My full job title is Director, Technology, Outsourcing and Privacy, at Fieldfisher (a European law firm) in their Silicon Valley (USA) office. Which industry do you work in? My practice covers information governance, data protection, privacy, cybersecurity […]
German retailer vows to fight €10.4million GDPR fine for video-monitoring employees
An online electronics retailer fined for GDPR breaches over its use of video cameras in the workplace has branded its $10.4m fine “unlawful” and vowed to fight it. Notebooksbilliger.de AG (NBB) was issued with the fine last month by the State Commissioner for Data Protection (LfD) Lower Saxony. LfD said the company had video-monitored its […]
Tik Tok changes privacy settings for teenage users
Video-sharing platform Tik Tok has announced changes aimed at improving privacy and safety for teens. The social networking site said yesterday that it is changing the default setting for all registered accounts belonging to 13 to 15 year olds to “private”. This means only someone who the user approves can view the videos. Eric Han, […]