10 things we learnt from PrivSec Global

All the talking points and takeaways from this week’s global live stream experience. This week, many of the world’s leading privacy, data protection and cyber security professionals turned on and tuned in to our PrivSec Global virtual event The event, organised by PrivSec Report publisher GRC World Forums, featured four whole days of keynote sessions, […]

Improving outcomes for children through ethical data use

Alex Hutchison explains the work of The Data for Children Collaborative with UNICEF, a partnership between UNICEF, The Scottish Government and the University of Edinburgh’s Data Driven Innovation Programme, and how it uses data and data science to improve the lives of children around the world.  The Data for Children Collaborative with UNICEF was established just a year […]

French food retail giant Carrefour fined €3m for GDPR breaches

The French multinational retailer Carrefour has been fined €3m for multiple data protection failings. Data protection agency CNIL has fined two companies of the Carrefour Group for breaches of GDPR in several areas, including the obligation to inform individuals, use of cookies, limiting the retention of data, the obligation to facilitate the exercise of rights […]

UK businesses face aggregate costs of up to 1.6 billion if no adequacy decision post-Brexit transition period, report finds

The cost to UK businesses of not receiving an adequacy decision from the European Commission could total between £1 billion and £1.6 billion, according to a new report by think tank New Economics Foundation and UCL European Institute. The report, compiled from interviews with 60 EU and UK legal professionals, data protection officers, business representatives […]

All at (Priva) Sea? Brexit and Data Protection

PrivSec Report looks at some of the issues facing data protection professionals impacted by Brexit as the end to the transition period draws near.  June 2016’s UK referendum on EU membership ushered in stormy waters between the UK and Europe. Four years on, and the UK is approaching the end of the transition period – […]

German court slashes ‘unreasonably high’ GDPR fine by 90%

A €9.55m fine for a telecommunications service provider for breaching GDPR has been reduced to just €900,000 by a German appeals court. 1&1 Telecom GmbH was handed the original fine last December by the Federal Commissioner for Data Protection and Freedom of Information (BfDI) after it emerged that people calling the company’s customer service hotline […]

EDPB issues draft guidance on supplemental measures for data transfers following Schrems II

The European Data Protection Board (EDPB) has recommended measures to supplement personal data transfer tools to ensure compliance with EU standards when transferring data to non-EU “third countries”. Following the Schrems II ruling, which struck down the Privacy Shield between the US and EU in July, many controllers have been relying on Standard Contractual Clauses […]

Legal action brought against ICO over alleged Adtech GDPR breaches

UK privacy campaigners The Open Rights Group (ORG) yesterday announced their intention to bring legal action against the UK data protection regulator. The ORG claims that the Information Commissioner’s Office (ICO) has failed to stop unlawful practices by the digital advertising technology, or Adtech industry. ORG Executive Director Jim Killock and Dr Michael Veale, a […]

EU finance ministers call for GDPR clarity as they back greater info-sharing to tackle money laundering

EU finance ministers are calling for clarity on data protection rules as they seek to harmonise anti money laundering regulations across Europe. The European Union’s ECOFIN council yesterday backed plans to establish a single rule-book and centralised supervision of anti-money laundering and terrorist financing. As part of the reform plan, ministers want the European Commission […]