ACI_Q2_Ads_disaster-728x90
BNA_15349_Privacy_Law_Asia_wp_ad_680x75_Ldbd
ACI_Q2_Ads_battletested-728x90
Certification_Ad_300x250final-01
DPC15_300x250_ads_FINAL
PPC_CIPM_300x250.FINAL-01

(Jul 27, 2015) Last Friday, after a week of media buzz about the hackability of certain Fiat Chrysler vehicles, and the introduction by two senators of a new privacy and security bill for connected cars, Fiat Chrysler announced a voluntary recall of 1.4 million vehicles. The recall and penalty “is a first-of-its-kind move in the Internet-of-Things era,” writes Jedidiah Bracy, CIPP/E, CIPP/US, and “is a big deal, demonstrating a very real convergence of the online and offline worlds.” In this post for Privacy Tech, Bracy examines the hack and subsequent recall and what it means for this brave new IoT world in which we’re entering. Read More

Daily Dashboard

EDPS Provides Detailed Recommendations for Final GDPR Text

(Jul 27, 2015) As the trilogue process continues toward a final draft of the EU’s proposed General Data Protection Regulation, the European Data Protection Supervisor has not stood idly by. Today, the EDPS released a detailed draft of its own, creating a new “fourth text” for the trilogue process to consider. Further, it has released its own mobile app that allows one and all to both read its recommendations and compare all of the texts against one another. IAPP Publications Director Sam Pfeifle analyzes the EDPS recommendations for Privacy Tracker. Read More

Daily Dashboard

Roundup: Kuwait, Russia, U.S. and More

(Jul 27, 2015) This week’s Privacy Tracker roundup highlights a controversial new antiterrorism law in Kuwait that would see mandatory DNA collection from all citizens, residents and visitors to the country. Also, Russia has passed a right-to-be-forgotten law, and Ireland is expected to pass a new law giving adopted individuals access to their birth certificates. In the U.S., another student privacy bill has been introduced while senators who have already proposed student privacy bills hope to work together to push a single bill forward. Also, there’s a new bill aiming to reform FISMA, and the courts have been busy deciding on Neiman Marcus, butt-dialing, a Florida healthcare privacy law and Facebook denying search warrants. (IAPP member login required.) Read More

Daily Dashboard

New Mindset, Budget Plan Helpful in Breach Prevention

(Jul 27, 2015) RSA Chief Technology Officer Zulfikar Ramzan believes breach prevention requires a proactive attitude and wise budgeting in favor of security, BankInfo Security reports. “Security practitioners need to eliminate the perimeter and adopt a prevention mindset to establish the security maturity of the organization in dealing with cyber threats," Ramzan said. “Learning to distinguish between an intrusion and breach and working out ways to respond to breaches are critical.” The current status quo of allocating money toward prevention ought to be similarly revised, he suggests, recommending “organizations allocate one-third of their budgets to each of those disciplines to build a better breach response framework,” the report states. Read More

Daily Dashboard

Web Conference: Canada’s Mandatory Breach Notification Law Update

(Jul 27, 2015) On June 18, Canada passed into law Bill S-4, The Digital Privacy Act, which made a number of important amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA), many of which are now in force. The IAPP now has a web conference recording available that looks at the key changes and their potential impacts for all organizations handling personal information about Canadians. Hear Alex Cameron of Fasken Martineau DuMoulin and Peggy Byrne of CIBC discuss the new rules, how they may affect organizations and what steps need to be considered to address the new requirements. Editor’s Note: Privacy Tracker recently ran a story addressing the provisions yet to be enacted. Read More

Daily Dashboard

Constitutional Court Upholds Law

(Jul 27, 2015) France’s Constitutional Council upheld a controversial surveillance law that permits intelligence agencies to gather metadata with the only necessary approval from “an independent body created to oversee surveillance activities,” The Wall Street Journal reports. Dissenters argue the legislation “undermines privacy and civil liberties because it allows a wide range of surveillance activities without prior approval by a judge” and that its “terminology … is so vague as to permit any kind of survei... Read More

Daily Dashboard

Privacy Trumps Journalistic Freedom, European Court Rules

(Jul 27, 2015) The European Court of Human Rights (ECHR) has ruled that journalists can be prevented from publishing publicly available information in cases where a person’s right to privacy is violated, Out-Law.com reports. In the case of Satakunnan Markkinapörssi and Satamedia v. the Republic of Finland, the ECHR decided that the Finnish magazine could be prevented from publishing publicly available tax data in order to protect the privacy rights of individuals. Finland’s data protection ombudsman advised th... Read More

Daily Dashboard

If Used Correctly, Student Data Has Opportunity for Good

(Jul 27, 2015) As the use of student data continues to grow, so do privacy concerns, and legislators have taken note. But there are many “positive outcomes that can come from sharing data,” Pip Learning Technologies CPO Rob Curtin tells the MIT Technology Review, and student privacy laws, if poorly informed, could “stifle innovation.” Student data “could be used to help educators tailor instruction to individual students … while overly restrictive policies could prevent that by closing off opportunities to share such data,” the report states. “There is a right way and a wrong way to do this,” Curtin said. “And if we follow the rules, we can move data around, and there are really good reasons for doing that.” Read More

Daily Dashboard

Using Data To Determine Character, Limit Access

(Jul 27, 2015) Companies like Upstart are developing algorithms to scrutinize personal data for qualifying traits for certain services, such as loans, The New York Times reports. Using applicants’ “SAT scores, what colleges they attended, their majors and their grade-point averages,” companies are able to overcome what ZestFinance CEO Douglas Merrill dubs “selection bias.” Workday’s Dan Beck adds, “If you can leverage data to overcome that, great.” Meanwhile, Fast Company reports on how a “coder used 23andMe'... Read More

Daily Dashboard

Hackers Could Use Cell Phones as Spycams

(Jul 27, 2015) Stagefright, a “multimedia playback engine” unique to Google Android phones, has a vulnerability so profound that “that attackers could send a text message with a malicious video file and infect the mobile device without a recipient actually clicking to open the file,” effectively rendering it a “spycam,” The Christian Science Monitor reports. Google has released a patch for the flaw, but “the fix won't help millions of users with older versions of the system that Google no longer supports,” the... Read More

Daily Dashboard