ICO clarifies GDPR Subject Access Request time limit pause in updated guidance

The Information Commissioner’s Office in the UK has updated its guidance on the right to access, including clarifying the circumstances in which the one-month time limit clock can be paused. The new version of the guidance has been published following a consultation that began last December. The guidance makes it clear that an organisation in […]

ICO probes complaints following allegations Wagamama used Covid-19 track and trace data to survey customers

Wagamama customers in the UK have allegedly been sent a survey after sharing contact details for Covid-19 contact tracing, The Times reports. The Information Commissioner’s Office (ICO) is now making enquiries after receiving a number of complaints about the restaurant chain. UK regulations state that hospitality venues including restaurants must ask at least one member […]

Trust, privacy and combatting crime: the tech behind Singapore’s facial verification ID scheme

Singapore is to become the first government in the world to grant citizens access to services online using facial verification and UK-based provider iProov has won the contract. PrivSec Report speaks to the firm’s founder Andrew Bud about the technology and issues of privacy, anti-money laundering, security and trust.   One of the most notable […]

Bharti Airtel blames controversial privacy policy wording on a ‘clerical error’

Indian telecommunications company Bharti Airtel says a clerical error led to a discrepancy in its privacy policy, which stated the company shared personal information including genetic data with third parties. Subscribers of the service took to social media to post screenshots of the contentious privacy policy, which included a generic statement under ‘collection of personal […]

Half of large companies to adopt privacy-enhancing computation by 2025, Gartner predicts

Half of large organisations will implement privacy-enhancing computation for processing data in untrusted environments within five years, Gartner has predicted. The global research firm this week released its Top Strategic Technology Trends for 2021 report in which it identifies the key emerging technologies in the year ahead and beyond. Gartner believes that the maturing of […]

Identifying, verifying and authenticating customers in banking – what are the options?

PrivSec Report looks at some of the identification and verification technologies currently being used to ensure privacy and security in an increasingly complex banking landscape while ensuring user experience remains positive.   In the modern world we are more connected than ever before. We can shop, socialise and conduct business in a myriad of different […]

Facebook’s lead European regulator investigates Instagram’s processing of children’s data

UPDATE 20/10/20: This article was updated to include a comment from Facebook. Ireland’s Data Protection Commission (DPC) has launched two statutory inquiries into the processing of children’s data on Facebook-owned social media platform, Instagram. In the first, the DPC will look at Facebook’s reliance on certain legal bases for processing children’s personal data on Instagram, whether […]

IAB Europe warns of ‘chilling effect’ on open-source compliance solutions if GDPR breach interpretation upheld

Digital advertising association IAB Europe has hit out at a preliminary report by the Belgian Data Protection Authority finding that its ad tracking consent framework does not comply with GDPR. The widely-adopted Transparency and Consent Framework (TCF) is designed to help publishers tell visitors where data is being collected and how they intend to use […]

British Airways fined £20m over data breach affecting more than 400,000 customers

The Information Commissioner’s Office (ICO) has fined British Airways (BA) £20m for failing to protect the personal and financial details of more than 400,000 of its customers. An ICO investigation found the airline was processing a significant amount of personal data without adequate security measures in place. This failure broke data protection law and, subsequently, BA […]