British MPs warn UK-Japan trade deal has “profound implications for privacy” in open letter to the government

A group of cross-party MPs say the UK-Japan trade deal has “profound implications for privacy and for international trade” and urges the government to provide more information before the Agreement is assented on or before December 7. In an open letter to Liz Truss, secretary of state for the Department of International Trade, the MPs […]

Thousands set to attend four-day PrivSec Global 2020 virtual event

Thousands will attend the PrivSec Global 2020 virtual event over the next four days. The event offers exclusive four days of content from data protection, privacy and security leaders from across the globe, bringing together 10,000 professionals. PrivSec Global will deliver inspiring keynote speakers and explore new technologies and platforms. It will feature discussions about […]

French food retail giant Carrefour fined €3m for GDPR breaches

The French multinational retailer Carrefour has been fined €3m for multiple data protection failings. Data protection agency CNIL has fined two companies of the Carrefour Group for breaches of GDPR in several areas, including the obligation to inform individuals, use of cookies, limiting the retention of data, the obligation to facilitate the exercise of rights […]

European Commission proposes new rules on data governance

The European Commission has published proposals for new rules on data governance in a bid to enable easier data-sharing between sectors and member states. Under the plan, published yesterday, “neutral and transparent” data intermediaries would be used to organise data sharing and pooling of data to increase trust. This would represent an alternative model to […]

UK businesses face aggregate costs of up to 1.6 billion if no adequacy decision post-Brexit transition period, report finds

The cost to UK businesses of not receiving an adequacy decision from the European Commission could total between £1 billion and £1.6 billion, according to a new report by think tank New Economics Foundation and UCL European Institute. The report, compiled from interviews with 60 EU and UK legal professionals, data protection officers, business representatives […]

Manchester United network suffers “sophisticated” internal cyber attack

On Friday, Manchester United announced that a “sophisticated operation by organised cyber criminals” had occurred. An investigation is underway, but the club said they did not believe that any personal data belonging to employees or customers had been accessed. Impacted systems were immediately shut down to contain the attack. Most of the club’s digital operations […]

Trump fires CISA Director over statement on US election security

The Director of the Cybersecurity and Infrastructure Security Agency (CISA) was fired by Donald Trump yesterday because he authorised a statement saying that the election was “the most secure in American history.” President Trump announced the sacking in two tweets. He said: “The recent statement by Chris Krebs on the security of the 2020 Election […]

German court slashes ‘unreasonably high’ GDPR fine by 90%

A €9.55m fine for a telecommunications service provider for breaching GDPR has been reduced to just €900,000 by a German appeals court. 1&1 Telecom GmbH was handed the original fine last December by the Federal Commissioner for Data Protection and Freedom of Information (BfDI) after it emerged that people calling the company’s customer service hotline […]

EDPB issues draft guidance on supplemental measures for data transfers following Schrems II

The European Data Protection Board (EDPB) has recommended measures to supplement personal data transfer tools to ensure compliance with EU standards when transferring data to non-EU “third countries”. Following the Schrems II ruling, which struck down the Privacy Shield between the US and EU in July, many controllers have been relying on Standard Contractual Clauses […]