Home » Privacy & Data Protection

Privacy & Data Protection

EU-US Privacy Shield Works but Implementation Can Be Improved

The European Commission yesterday confirmed that the EU-US Privacy Shield survives as a method for international data transfers. In its First Annual Review, the Commission states that the arrangement provides an adequate level of protection. The US authorities have put in place the necessary structures and procedures to ensure the correct functioning of the Privacy Shield, such as new redress ... Read More »

Bisnode Consumer Intelligence Transforms Management of Consumer Data

Bisnode introduces Bisnode Consumer Intelligence in the Nordic countries, a new product making managing consumer data easier, more secure and less resource intensive. Marketing and CRM departments often manage large amounts of consumer data requiring aligned and updated information across platforms in order to create seamleass customer experiences and achieve compliance to regulatory frameworks, such as the new General Data ... Read More »

Equifax Announces Cybersecurity Firm Has Concluded Forensic Investigation Of Cybersecurity Incident

Potentially impacted U.S. consumers increased by 2.5 million Equifax Inc. (EFX) (NYSE: EFX) announced today that the cybersecurity firm Mandiant has completed the forensic portion of its investigation of the cybersecurity incident disclosed on September 7 to finalize the consumers potentially impacted. “I was advised Sunday that the analysis of the number of consumers potentially impacted by the cybersecurity incident has been ... Read More »

Identity in India: Are We Entering an Era of Public Databases of Personal Data

One of the changes that we expect to see in the coming years, is the creation of more public repositories of personal data.   By personal, I mean data like Name, Date of Birth, Address, Bank Account Number, Aadhaar Number, Health records, Education records, Employment information, DNA data, credit history, biometrics, iris scans, among other things: i.e. data pertaining to the ... Read More »

Data Protection and Breach Notification Legislation Strengthens Across the Asia-Pacific Region

The shifting landscape in cybersecurity and data protection regulations across the region is a very hot topic.  Asia as a region has lagged behind Europe, in particular, in terms of the development of updated data protection laws. The last few years have seen a real rapid pace of development in this area. We’ve actually had a number of jurisdictions — ... Read More »

India’s Supreme Court Rules that Privacy is a Fundamental Right for Citizens

India’s universal identification program — Aadhaar — suffered a setback today after the country’s Supreme Court voted unanimously in favor of individual privacy. Given the prevalence of data in today’s digital age, and the trend towards ‘smart living’ based on data, the ruling has the potential to be hugely impactful in India both now and in the future. The landmark ... Read More »

Equifax Data Breach Update: A Category 5 Data Breach

Latest Equifax commentary: “Last Thursday evening we announced a cybersecurity breach potentially impacting 143 million U.S. consumers. It was a painful announcement because of the concern and frustration this incident has created for so many consumers. We apologize to everyone affected. This is the most humbling moment in our 118-year history. Equifax Security first discovered the intrusion on July 29. Understandably, ... Read More »

General Data Protection Regulations (GDPR): Ten Myths Debunked

On May 25, 2018, the European Union’s (EU) General Data Protection Regulation (GDPR) will take effect throughout all European Union member states. GDPR is a new regulation by which the European Commission intends to strengthen and unify data protection for individuals whose data is managed by organisations within the EU and for EU resident data worldwide. In short, every country ... Read More »

UK Data Protection and Privacy Update

Mike Bradford, BIIA’s contributing editor on the subject of data protection and privacy has published his latest newsletter which he is sharing with our UK members. Data Protection Bill: The UK Government has committed to updating data protection laws through a new Data Protection Bill which will fully incorporate the General data Protection Regulation (GDPR) and bring it into UK law, ... Read More »

UK Data Protection and Privacy Update

Mike Bradford, BIIA’s contributing editor on the subject of data protection and privacy has published his latest newsletter which he is sharing with our UK members. August Headlines Information Commissioner’s Office Annual Report Data breach commentary Legitimate interest guidance Updated subject access policy Direct Marketing Association GDPR guidance GDPR in the press Warning to workers about sharing personal information Recent ... Read More »

Report Predicts Banks to Get €4.7bn Fines In First 3 years Under GDPR

A new report is “conservatively” forecasting that European finance organisations are about to shell out €4.7 billion in first three years after the GDPR (General Data Protection Regulations) comes into power thanks to data breaches which they don’t currently have to declare.  Consult Hyperion, which commissioned AllClear ID to carry out the research said in a press release, “this forecast is ... Read More »

Experian Data Breach Resolution and Ponemon Institute Find Organizations Are Not Ready for Global Security Risks and Regulations

Only 9 percent of companies are prepared for the Global Data Protection Regulation* (GDPR) half don’t know where to begin Experian Data Breach Resolution and Ponemon Institute released an industry study revealing that while companies generally are aware of and intimidated by global privacy and data security regulations, they fail to properly understand and address necessary organizational changes to comply. ... Read More »

UK Privacy and Data Protection Update

Mike Bradford of Regulatory Strategies UK is a regular contributor on the subjects of privacy and data protection.  Here is his latest update on UK data protection policy and recent data breaches: UK Data Protection Policy Declaration In the Queen’s Speech, the government made clear its intention to ‘ensure that the United Kingdom retains its world-class regime protecting personal data’ ... Read More »

Reckless Minds: Google’s DeepMind Trial Failed to Comply With Data Protection Laws

A year-long investigation found that patients were not adequately informed that medical data would be used as part of a trial of Streams, a mobile app designed to help with the real-time detection of acute kidney injury (AKI). The Royal Free London NHS Foundation Trust gave Google’s DeepMind artificial intelligence program data on 1.6 million patients without proper consent, the ... Read More »

Microsoft Makes Changes to its DP Compliance as a Result of Regulatory Action in France

Microsoft has made changes to how it processes personal data as a direct response to a formal notice in July 2016 by France’s Data Protection Authority, the CNIL. At the time, the regulator said that the company had excessive data collection practices, was tracking users’ web-browsing without their consent, and had insufficient procedures to guarantee the security and confidentiality of ... Read More »