Continue reading »
Continue reading »
Continue reading »
Report by the Joint Research Centre (JRC) on safety, security, privacy and societal questions emerging from the rise of the Internet of Toys – “Internet Connected Toys that constitute, along with the wave of other domestic connected objects, the Internet of Things”.
Report from Citi GPS: Global Perspectives & Solutions on how consumers are tracked, and how the data that is collected and analyzed, and how consumers feel about that.
Whitepaper on data breaches with proposals how to decrease response time. It includes seven security operations capabilities you need, a handy checklist to evaluate your security operations capabilities, and best practices for efficient security response.
paper on mobile-risk scoring and how to do that in practice. It was carried out by IAPP and Kryptowire and is based on input of 400 privacy professionals.
UN Special Rapporteur on the Right to Privacy, Joseph Cannataci, presented his report on governmental surveillance and access to personal data from a national and international perspective.
A brief guide on United Nations stand on privacy. Guide is prepared by Privacy International.
Survey on data security and incident response trends, and how to minimise data breach risks.
Annual report of the Data Protection Commissioner of Ireland for yer 2016.
Discussion paper on Certifications, seals and marks under the GDPR prepared by Centre for Information Policy Leadership. It looks at regulation provided in GDPR and benefits of such mechanisms.
Recently UK Information Commissioner Office (ICO) published several GDPR guidances and requests for public feedback.
In March ICO published draft guidance on consent under the EU GDPR. Guidance was opened for public feedback till March 31, and ICO now aims to publish this guidance in May 2017.
Our guidance on consent explains our recommended approach to compliance and what counts as valid consent. It provides practical help to decide when to rely on consent, and when to look at alternatives. It also explains the key differences with the DPA and gives advice about existing DPA consents.
Reed the feedback on ICO’s guidelines:
In April ICO published its feedback request on profiling and automated decision-making. It represents ICO’s initial thoughts on certain aspects of profiling in the GDPR, however, ICO warns, it should not be interpreted as guidance. Responses will help to form ICO’s contribution to the WP29 guidelines that will be published later this year.
The discussion paper published today highlights the key areas of profiling we feel need further consideration. This includes subjects like marketing, the right to object and data minimisation – and we want your feedback. We’d like to hear the views of our stakeholders and get examples of best practice before 28 April 2017.
ICO has published its call for feedback on derogations under GDPR.
For all derogations, stakeholders are encouraged to submit their views through the online ‘Call for Views’, uploading research and/or data where relevant. This exercise is to capture views on if and how the government should implement the defined flexibilities permitted within the GDPR.
Consultation closes at midday on 10 May 2017.
In March ICO published updated version of paper on big data, artificial intelligence and machine learning. This paper sets out the ICO’s views on issues and how they relate to the GDPR.
European Commission has launched public consultation on the evaluation and review of the European Union Agency for Network and Information Security (ENISA, whose current mandate will come to an end in 2020). ENISA is the Agency of the European Union tasked with contributing to the enhancement of the overall level of cybersecurity of the EU and its Member States.
The European Commission wants all interested stakeholders to share their views on ENISA’s past performances, as well as on a possible revision of its mandate in view of new challenges the EU faces in the cybersecurity field.
The consultation is open until 12 April 2017.
IAPP together with EY has published their second annual Privacy Governance Report. 120-pages report is result of data provided by 600 privacy professionals across the globe. It focuses on GDPR and move of other countries towards more robust privacy regulation.
Annual IAPP-EY Privacy Governance Report 2016 has been released and is available for free download. It’s a second year of releasing the report. Report is most comprehensive benchmarking data for privacy. IAPP-EY Privacy Governance Report 2016 contains 126 pages of detailed information from 600 companies around the world that have provided answers to budget, staffing, organizational, and prioritization questions.
Privacy and services in cloud is a hot topic now. With GDPR now adopted some are afraid that new privacy regulation in Europe will kill the cloud quickly. Although it is doubtful cloud services will cease to exist because of regulation nevertheless compliance with privacy and data protection regulation will leave an impact. Therefore it is no surprise two big law firms – Eversheds and Baker & Mckenzie – recently published their reports on cloud services.
Continue reading »
Ernst & Young made global survey on the privacy issues facing organizations today.
In this GISS 2015 privacy questionnaire, 38% of respondents admit that they address security in new business processes and technologies, but not privacy specifically.
However, more telling, and perhaps more concerning for organizations and individuals alike when it comes to managing privacy, is that for nearly half (46%) of survey respondents, their number one or two concern is not having a clear picture of where personal information is stored or processed outside of their main systems and servers. This is exacerbated by the fact that for 40% of respondents, their number one or two concern is that there are simply not enough people to support their privacy program.