BNA_21569 BLW ACC 2016 AHLA Survey and Guidance Report BAN 728x90_Ldbd

(Feb 24, 2017) In this episode of The Privacy Advisor Podcast, Chris Zoladz, CIPP/E, CIPP/G, CIPP/US, CIPM, CIPT, of Navigate talks about what he’s seeing on the ground as he advises clients who’re aiming to comply with the GDPR as its effective date rapidly approaches. Zoladz says based on his experience, organizations are largely not going to be completely compliant by May 2018, in part due to budget cycles. He also describes how to be strategic about big data and the GDPR’s new consent requirements. A big p... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Privacy Shield? Let's talk about it

(Feb 24, 2017) While the Article 29 Working Party, and others, may have questions about the foundations of the EU-U.S. Privacy Shield framework, it has thus far weathered a variety of storms, and even been joined by the Swiss-U.S. Privacy Shield. In fact, more than 1,700 organizations are now actively participating and using the framework to transfer data from the EU to the United States. Looking to learn more? Want to talk it out? The IAPP has you covered. Those of you who've already registered for the sold-o... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Cloudflare bug exposes private data

(Feb 24, 2017) A bug discovered in Cloudflare's software earlier in February accidentally exposed data like private messages on dating sites, frames from adult sites, and hotel bookings, BBC News reports. "Unfortunately, it was the ancient piece of software that contained a latent security problem and that problem only showed up as we were in the process of migrating away from it," said Cloudflare Chief Operating Officer John Graham-Cumming. The company has since fixed the issue, and Graham-Cumming said he wasn't worried that the exposed data was misused. "I am not changing any of my passwords," he said. "I think the probability that somebody saw something is so low it's not something I am concerned about." Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Cellebrite announces product that can crack locked phones

(Feb 24, 2017) CyberScoop reports Cellebrite has announced its Advanced Investigative Service tool can "unlock and extract" locked iPhones' full file system, including those from the 6 and the 6+. “These capabilities dramatically increase law enforcement’s ability to access critical digital evidence and solve cases faster, by providing forensically sound access and extraction capabilities not found anywhere else in the industry,” the company said. “Furthermore, we now make the world’s first ‘decrypted physical... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Google allowing all developers to deploy anti-harassment tool

(Feb 24, 2017) Google’s offshoot Jigsaw and the tech company’s Counter Abuse Technology Team have released new code allowing developers to implement an anti-harassment tool that Jigsaw has worked on for more than a year, Wired reports. The piece of code is called Perspective, an API that uses machine learning to automatically detect abusive speech. A user types in a phrase, with the Perspective API assessing a score based on the “toxicity” of the content. “We hope this is a moment where Conversation AI goes from being ‘this is interesting’ to a place where everyone can start engaging and leveraging these models to improve discussion,” said Conversation AI Product Manager CJ Adams. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Notes from the IAPP Canada Managing Director, February 24, 2017

(Feb 24, 2017) There’s a news story this week (below) about a government computer system not having the necessary privacy protections built into it. It’s actually a follow-up investigation by the British Columbia Auditor General, who went public with her disappointment that the government had not yet fixed the system. I suppose these stories are going to continue for some time into the future. There just aren’t enough people responsible for building and implementing systems who are versed in privacy know-how.... Read More

Canada Dashboard Digest

British Columbia Auditor General cites improvement in ICMS, but issues remain

(Feb 24, 2017) British Columbia Auditor General Carol Bellringer said the government has made improvements in updating potential privacy issues within its Integrated Case Management System, but more work needs to be done, CBC News reports. The system, designed to be used for social programs, was first audited by Bellringer’s office in 2015, when it was determined it was incomplete, and did not properly protect sensitive personal information. A progress audit found British Columbia's government has made “significant effort” to improve the system, specifically regarding client information access. Bellringer said the system still needs a full review of inactive accounts, and more information is needed to ensure transparency. Read More

Canada Dashboard Digest

British Columbia privacy commissioner investigating vigilante group

(Feb 24, 2017) The Office of the Information and Privacy Commissioner for British Columbia is investigating the controversial vigilante group, Surrey Creep Catchers, CBC News reports. Creep Catchers is a group of organizations across Canada that aim to expose people they claim are sexual predators by posing as minors online, then setting up meetings in person to shame their targets. The group was allegedly involved in an incident involving an RCMP officer who was arrested and charged for attempting to meet an underage child. Law enforcement agencies have voiced their concerns about the groups, stating citizens could be in danger if a potential child predator was confronted in public. Read More

Canada Dashboard Digest, Privacy Bar Section

CRA to record fingerprints of tax evaders

(Feb 24, 2017) The Canada Revenue Agency has started to record the fingerprints of every individual charged with tax evasion, CBC News reports. "Introducing a mandatory fingerprinting policy would serve as a powerful deterrent to those considering committing a serious tax offence or those who may contemplate reoffending," an internal CRA memorandum states. "The mobility restriction is an important deterrent, especially for people engaged in offshore tax evasion." The fingerprints of all accused tax evaders wil... Read More

Canada Dashboard Digest

On the five big data stages of adjustment to the GDPR

(Feb 23, 2017) With the EU General Data Protection Regulation just around the corner, companies managing risk and working with big data applications have much work to do to mitigate any compliance gaps. A recent IAPP-hosted web conference explored these issues, and based on interactions with a number of companies and regulators following the event, Anonos CEO Gary LaFever has mapped out the varying stages of adjustment companies have been making for GDPR readiness. In this post for Privacy Perspectives, LaFever details these five stages, ranging from the first stage, "awareness," to the final stage, "ensuring continuity of operations," to help companies that control and process data find a solution. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest