According to Axios' cybersecurity newsletter Codebook, an Oxford University Ph.D. student has reported ways to work around the EU General Data Protection Regulation and violate others' privacy. James Pavur said he used a fake email account to try to obtain his fiancee's personal data from various companies. Of the 150 firms Pavur contacted, 83 reported that they had the data, and nearly 25% of those organizations gave Pavur access to the information. Mid-sized companies that are subject to the GDPR accounted for the majority of companies that divulged the information, according to Pavur, who did not name the companies that granted him access.
If you want to comment on this post, you need to login.