(Jul 30, 2015) Greetings from Dublin! Back in the city of my birth for a fleeting visit, a few meetings and a meal with the Irish information security community courtesy of ISACA Ireland (Information Systems Audit & Control Association). August is almost upon us, and if you know Brussels, then you’ll appreciate that folks have been slowly fleeing the city for sunnier climes in the last weeks. Although still operational, I can sense the change of daily pace in the European quarter; I can drive my car unhi... Read More

Europe Data Protection Digest

Are Dutch Businesses Ready for the GDPR?

(Jul 30, 2015) ComputerWeekly reports that “relatively few businesses in The Netherlands are familiar with the planned General Data Protection Regulation (GDPR).” That’s according to Pieter Lacroix, managing director for the Benelux region at security firm Sophos, who says many organizations have a long way to go before they’ll be able to meet the requirements of the GDPR. Sophos research indicates half of 1,500 respondents surveyed are unaware of their organizations’ data protection policy and only 51 percent... Read More

Europe Data Protection Digest

USB Stick Found To Contain Data on 13,500 Individuals

(Jul 30, 2015) Thousands of Barclays bank customers had their sensitive data potentially compromised after police found a USB memory stick during a raid. The device contained information including names, dates of birth and addresses, Bristol Post reports. The 13,500 individuals affected may have had their job information, salaries, debts, insurance policies, mortgages and passport and national insurance numbers compromised in the incident as well. The report notes “it is thought the personal details could have been in the hands of fraudsters for up to seven years.” The Information Commissioner's Office has said it is “aware of the incident” and “will be making enquiries.” Read More

Europe Data Protection Digest

CNIL Finds Dating Sites Not Protecting Privacy

(Jul 30, 2015) The Local reports on the CNIL’s finding that French dating sites are not protecting users’ privacy. “In total, 13 sites run by eight companies have been put on notice for not protecting ‘sensitive’ data supplied by their clients,” the report states. "Most of these sites offer their users very targeted searches based on their social community, their religious or ethnic (identity), where they live, how they look, their sexual practices and their political opinions," a CNIL spokesperson said. However, the report states, “some sites aren't giving clients sufficient warning of the fact they are handing over the sort of data they are unlikely to share with a neighbour or colleague.” Read More

Europe Data Protection Digest

Minister Backs Campaign Calling for RTBF for Youth

(Jul 30, 2015) UK Minister for Internet Safety and Security Joanna Shields is backing a new campaign called iRights that aims to give children the ability to “easily edit or delete content they have created online,” BBC News reports. The initiative encourages businesses and the government to work together to protect and empower young people online. It touts children’s need for digital literacy and the importance of being well-informed about how their online data may be used. "There is a movement amongst children and young people in terms of reclaiming what they can in terms of privacy,” Shields said. Rachel O'Connell, founder of, says the proposals are in line with many EU laws that would come into force over the next few years. Read More

Europe Data Protection Digest

MPs To Look at Opportunities and Risks

(Jul 30, 2015) Parliament’s Science and Technology Committee plans to assess whether the government is doing enough to help UK entrepreneurs make the most of the increasing availability of data and the power of analytics software, reports. The committee will also look at data protection and privacy, the report states. “Growth in computing power continues at a remarkable pace, bringing enormous economic and social opportunities as new public and private services are developed using big data sets,” said MP Nicola Blackwood, chair of the committee, adding that “there are also growing public concerns about the collection, use and sale of personal data.” Read More

Europe Data Protection Digest

EDRi: EC Will Monitor Retention Laws

(Jul 30, 2015) EDRi’s Protecting Digital Freedom reports the European Commission (EC) has said it “will continue monitoring legislative developments at the national level” for EU data retention laws. The EC sent the response “to the letter we sent on 2 July 2015 asking the commission to investigate illegal data retention laws in the European Union,” the report states, citing an analysis from EDRi and the Electronic Frontier Finland, IT-Political Association of Denmark, Open Rights Group, Panoptykon and others looking at existing national laws in member states that require “the retention of their citizens’ personal data.” The analysis “concluded that the existing laws in at least six countries appear to be in contravention to the Charter of Fundamental Rights,” the report states. Read More

Europe Data Protection Digest

UK Supreme Court To Hear Google Appeal of Vidal-Hall

(Jul 30, 2015) The England and Wales Court of Appeal delivered a decision in April that IAPP VP of Research and Education Omer Tene called “the European Judicial Privacy Decision of a Decade,” invalidating a section of the UK Data Protection Act and establishing affirmatively that “moral damage” is recoverable under privacy law. On Tuesday, however, the UK Supreme Court agreed to hear Google’s appeal of Google v. Vidal-Hall, and the impact of the decision will be wide-ranging. IAPP European correspondent Jennifer Baker has the news for The Privacy Advisor. Read More

Daily Dashboard, Europe Data Protection Digest

Evolving Interpretations of Laws Challenge Businesses

(Jul 30, 2015) Politico reports on the challenges businesses face as EU data privacy rules continue to evolve. Take Bumbee Labs in Stolkholm, for example. The company planned to use mobile phone WiFi signals to access the number of people visiting a city center daily, but Sweden’s Data Inspection Authority in June told it the plan broke privacy rules—despite its use of encryption and other safeguards—and it now must make changes or abandon the project. Spain’s Telefonic, which sells a crowd-tracking system in the UK, dropped plans to sell in Germany following government and public concerns. One law professor says various member states’ interpretation of data protection laws will continue to remain a hurdle. Read More

Daily Dashboard, Europe Data Protection Digest

New Operating System Brings Cheers and Privacy Concerns

(Jul 30, 2015) With the rollout Wednesday of Microsoft’s new operating system, Windows 10, many praised its new features while others expressed concerns about user privacy, Information Age reports. For those using Windows 7 or 8, the upgrade is free, but some are pointing out that comes with a privacy trade-off, as has been demonstrated in Microsoft’s new privacy policy and services agreement, the report states. Microsoft Deputy General Counsel Horacio Gutiérrez said the company’s new dashboard creates a “straightforward resource for understanding Microsoft’s commitments to protecting individual privacy with these services.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest