Free tools and resources for Data Protection Officers!

Latest bits on privacy and cybersecurity #2

This is latest collection of most interesting articles, reports and publications on privacy, data protection and cyber-security.

The criminal cyberservices market 2018

This study analyzed in detail the market for cybercriminal services and tried to assess whether cybercriminals need a wide range of specialized knowledge, or whether everything can be outsourced to the shadow market: hackers of websites and servers, malware developers and distributors, botnet owners, and other practitioners.

https://www.ptsecurity.com/upload/corporate/ww-en/analytics/Darkweb-2018-eng.pdf

GDPR National Legislation Survey, 4.0

This is an 4th update of Maker McKenzy’s survey that provides an overview of the current legislative activities in terms of national data protection laws supplementing the GDPR in the 28 EU Member States.

https://tmt.bakermckenzie.com/-/media/minisites/tmt/files/2018/08/gdpr_national_legislation_survey_4_aug2018.pdf

Future-proofi ng privacy: A guide to complying with the EU Data Protection Regulation

Hogan Lovells have updated their guide “Future-proofing privacy,” which aims to be a useful starting point for organisations seeking to understand the GDPR and comply with it. Twenty-four authors from 10 European Hogan Lovells offices have contributed their knowledge, efforts, and advice to compile a unique resource of practical guidance. We have identified the key issues and explained why they matter. Crucially, we have approached the new framework with a practical mindset, providing concrete suggestions for actions to take now.

https://www.hldataprotection.com/files/2018/06/HL-Future-proofing-privacy-2018.pdf

Understanding the GDPR

This GDPR FAQ Guide is created in partnership with Robert Half and the multinational law firm Baker McKenzie to help organizations understand, prepare and operate under the GDPR. This guide covers the GDPR basics and focuses on critical areas such as third-party risk, data-privacy rights, consent management and privacy notices.

http://www.protiviti.com/sites/default/files/united_states/insights/understanding-the-gdpr-faq-guide.pdf

The ultimate guide to become GDPR compliant All you need to know in 7 easy steps

In this guide, PrivacyPerfect provides a seven step scheme to help you become GDPR compliant. It’s not easy, but it’s doable. To provide you with more insight, PrivacyPerfect drafted an infographic reflecting the internal and external stakeholders and sources needed for inventory purposes.

https://www.privacyperfect.com/sites/default/files/documents/privacyperfect_ultimate_gdpr_guide.pdf

Lessons from Hollywood Cybercrimes: Combating Online Predators

Everyone has emails and other digital information that they consider to be no one’s business except their own. Our emails contain everything from tax returns to intimate photos meant only for someone special. Imagine the horror if a hacker infiltrated an email account belonging to someone you knew and made those emails public. Imagine the horror if it happened to you.

https://scholarship.law.berkeley.edu/cgi/viewcontent.cgi?article=1071&context=bjesl

EDPS on the Proposal for a Regulation strengthening the security of identity cards and other documents

This Opinion outlines the position of the EDPS on the Proposal for a Regulation of the European Parliament and of the Council on strengthening the security of identity cards of Union citizens and of residence documents issued to Union citizens and their family members exercising their right of free movement.

https://edps.europa.eu/sites/edp/files/publication/18-08-10_opinion_eid_en.pdf

How to prepare for and handle data breach notifications

This whitepaper describes the steps your organisation can take in order to prepare for and handle data breach notifications under the GDPR. Articles 33 and 34 specify the cases in which your organisation has to register a breach, notify it to the supervisory authority or communicate it to the data subject (the natural persons affected by the breach).

https://www.privacyperfect.com/sites/default/files/whitepaper4_databreachnotification.pdf

Privacy and Freedom of Expression In the Age of Artificial Intelligence

This paper focuses on applications of ‘artificial narrow intelligence’: in particular, machine learning and its implications for human rights.

https://privacyinternational.org/report/1752/privacy-and-freedom-expression-age-artificial-intelligence

Clearly Opaque: Privacy Risks of the IoT (2018)

Clearly Opaque: Privacy Risks of the Internet of Things is the Forum’s new major report on the privacy challenges of connected devices and the emerging strategies to address them. This in-depth, multidisciplinary research report explores issues of transparency, consent, identifiability, emotional and bodily privacy, and the destabilization of boundaries.

Read the research

Asia Pacific Data Protection and Cybersecurity Regulation

This report provides an overview of regional developments in 2017 and what to look out for in 2018. It features a “heat map” comparing the regulatory environments in Asia’s key jurisdictions, individual country spotlights, and a guide with considerations for businesses setting up compliance programs.

https://www.hldataprotection.com/files/2018/06/Hogan_Lovells_Asia_Data_Protection_and_Cyber_Security_Guide_2018.pdf

No One Owns Data

Stakeholders in digital markets often frame claims, negotiations and controversies regarding data access as one of ownership. Businesses regularly assert and demand that they own data. Individual data subjects also assume that they own data about themselves. Policy makers and scholars focus on how to redistribute ownership rights to data. Yet, upon closer review, it is very questionable whether data is—or should be—subject to any property rights.

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3123957

>