
Tag Archives for "data breach"

What changes will GDPR bring?

While some tend to portray the new European Union (EU) General Data Protection Regulation (“GDPR”) as a menacing Apocalypse coming from nowhere, the fact is that GDPR is an “upgrade” of existing EU data protection laws. The EU Data Protection Directive (Directive 95/46/EC) was adopted back in 1995. In some countries, like Germany and Sweden, data protection laws were introduced much earlier still, in the 1970s and 1980s.

GDPR keeps the basic principles of the Data Protection Directive and adds a new “layer” to it, aiming to unify data protection in all EU countries and bring more rights and control over data use back to individuals. In fact, GDPR incorporates the guidance of data protection authorities and best practice in data protection. There is almost nothing in GDPR that doesn’t already exist somewhere. For example, the principle of data protection by design and by default originated back in the 1980s, data protection officers are already a mandatory requirement in Germany, and breach notification has existed in the communications sector for years.

But let’s look at exactly what changes GDPR brings us.

Continue reading »

Latest papers on privacy and data protection – May

Kaleidoscope on the Internet of Toys

Report by the Joint Research Centre (JRC) on safety, security, privacy and societal questions emerging from the rise of the Internet of Toys – “Internet Connected Toys that constitute, along with the wave of other domestic connected objects, the Internet of Things”.

Read report

Who Watches the Watchers?

Report from Citi GPS: Global Perspectives & Solutions on how consumers are tracked, how the data is collected and analyzed, and how consumers feel about that.

Read report

Practical Guide to Efficient Security Response

Whitepaper on data breaches with proposals on how to decrease response time. It includes seven security operations capabilities you need, a handy checklist to evaluate your security operations capabilities, and best practices for efficient security response.

Download whitepaper

Assessing Mobile App Data Privacy Risk

Paper on mobile-risk scoring and how to do it in practice. It was carried out by IAPP and Kryptowire and is based on input from 400 privacy professionals.

Read summary of paper

UN Report on Governmental Surveillance

UN Special Rapporteur on the Right to Privacy, Joseph Cannataci, presented his report on governmental surveillance and access to personal data from a national and international perspective.

Read report

How to Talk About the Right to Privacy at the UN

A brief guide to the United Nations' stand on privacy, prepared by Privacy International.

Read guide

Be Compromise Ready: Go Back to the Basics. 2017 Data Security Incident Response Report

Survey on data security and incident response trends, and how to minimise data breach risks.

Read survey

Annual Report of the Data Protection Commissioner of Ireland

Annual report of the Data Protection Commissioner of Ireland for the year 2016.

Read report

Certifications, Seals and Marks under the GDPR and Their Roles as Accountability Tools and Cross-Border Data Transfer Mechanisms

Discussion paper on certifications, seals and marks under the GDPR, prepared by the Centre for Information Policy Leadership. It looks at the regulation provided in the GDPR and the benefits of such mechanisms.

Read paper

Irish Data Protection Commissioner to examine Yahoo

Ireland’s Data Protection Commissioner is stepping up its examination of the Yahoo Inc. data breach and is awaiting information from Yahoo regarding allegations that it scanned users’ emails for the US government.

In September Yahoo confessed that in 2014 hackers had stolen the data of 500 million users. But just a month later Yahoo was accused of using software to check millions of emails for specific information related to national security.

Read more: Irish data regulator steps up Yahoo hack probe, waits on email scanning

UK government breached personal data security 9,000 times in a year, watchdog reveals

The UK’s National Audit Office (NAO) has found that the government breached personal data security nearly 9,000 times in a year. Most of the breaches, about 6,000, were at HMRC.

The NAO found that the 17 largest departments recorded 8,995 data breaches in 2014-2015 but reported only 14 incidents to the Information Commissioner (ICO). Although not all incidents have to be reported to the ICO, the NAO observed that the lack of detail in the self-reporting data means it is not possible to determine how significant any of the unreported breaches were.

Full story

Spotify forces users to change their passwords – because other companies keep getting hacked

Spotify is making some users reset their passwords, and the reason is that other websites keep getting hacked. There have been numerous huge data breaches affecting tens of millions of users.

The situation is made worse by the fact that many people re-use their passwords across many services. A breach of one service where a password was re-used compromises other sites and services, because login details obtained from one service can be used to gain illicit access to accounts on other services and websites.

Therefore Spotify is forcing users whose details were exposed in some of these previous breaches to change their passwords.

Full story
