(Oct 8, 2015) Greetings from Brussels! This week, our IAPP Europe Data Protection Digest is led by Olivier Proust, CIPP/E, of counsel at FieldFisher and based here in Brussels. We asked many of our European Advisory Board members for a reaction to the European Court of Justice’s Safe Harbor ruling this week, and Olivier’s seemed particularly fitting to kick off this week’s Digest: A lot is being said about the CJEU's ruling. Without any doubt, for the privacy community this is the most important legal devel... Read More

Europe Data Protection Digest

Roundup: The ECJ Ruling, Reactions and Predictions

(Oct 8, 2015) Tuesday's historic ruling by the European Court of Justice continues to send waves throughout the data protection and privacy as well as the business communities. Privacy Partnership's Senior Partner Nicola Regan, CIPP/E, writes for Privacy Perspectives on why the absence of a Safe Harbor framework is actually bad for the privacy of European citizens, while UK Information Commissioner Christopher Graham, speaking during Dentons’ “Fireside Chat,” said, “Keep calm … Safe Harbor is not the only rou... Read More

Europe Data Protection Digest

Will Big Data and Staff Training Help Stop Attacks?

(Oct 8, 2015) Using big data analytics to look more closely at abnormal behavior on a network may be more effective at thwarting a data breach than “simply identifying an attack signature,” said panelists at an event in London this week. Big data analysis in real time can help identify new types of attacks on a network before damage can be done, SC Magazine reports. Meanwhile, ComputerWeekly reports the Information Commissioner’s Office has ordered Anglesey County Council to improve its data protection practices “after it repeatedly failed to address security and privacy issues.” The notice includes a requirement for “mandatory data protection training for all staff,” the report states. Read More

Europe Data Protection Digest

Facial-Recognition Regulations Considered; Researchers Unveil “Climb”

(Oct 8, 2015) The Home Office "is considering increasing the regulations for retention of face recognition records,” Biometric Update reports. The Home Office announced it is “undertaking a policy review of the statutory basis for the retention of facial images and consulting key stakeholders,” adding it is “considering the role of the Biometrics Commissioner. The government will of course publish the findings of the review and consult formally as appropriate.” Meanwhile, researchers from Cardiff University, ... Read More

Europe Data Protection Digest

DPAs To Announce Cooperative Agreement

(Oct 8, 2015) During their “Fireside Chat” at Dentons’ offices in London, UK Information Commissioner Christopher Graham and former interim Privacy Commissioner of Canada Chantal Bernier previewed details of a new cooperation agreement amongst global data protection authorities (DPAs) to be announced at the Data Protection and Privacy Commissioners Conference later this month. In this exclusive for The Privacy Advisor, Sam Pfeifle writes that the Arrangement, as it’s being called, was first discussed at the DPAs’ conference in Mexico in 2011 and creates a common understanding of DPAs’ obligations as they work together “so that separate memorandums of understanding don’t have to be negotiated and signed each time DPAs coordinate on a case.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Safe Harbor Ruling Continues To Ripple Through Business Community

(Oct 8, 2015) There’s no shortage of media coverage of this week’s invalidation of Safe Harbor by the European Court of Justice (ECJ). Though many large companies appear to be prepared for other workarounds, small- and medium-sized companies, including marketers and healthcare companies, are feeling the pressure and confusion stemming from the end of this major data transfer agreement. According to International Business Times, the decision could spur the U.S. Congress to update its privacy laws. Center for D... Read More

Daily Dashboard, Europe Data Protection Digest

No-Tracking Search Engine Gets $9M from Investors

(Oct 8, 2015) Swiss-born search engine Hulbee, which has received $9 million from investors, aims to become a “pro-privacy alternative to mainstream search engines,” Tech Crunch reports. Unlike other search engines, “it does not track users,” the report states. “It’s competing with other search players in the pro-privacy space,” promising untracked ads as well. According to Hulbee CEO Andreas Wiebe, “Ads on Hulbee are targeted based on the search query, so there’s no geotargeting or cumulative tracking,” the report states. “Hulbee doesn’t fall back on surveillance, so there’s no geotargeting,” Wiebe said. “For Hulbee, the user is completely invisible … We recognize that most consumers do not want to be tracked.” The system has been available in the U.S. since August. Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Lessons from Breaches: How To Protect Your Brand

(Oct 7, 2015) One of the major mistakes companies often make when preparing for a data breach is taking a one-size-fits-all approach. Unfortunately, the reality is that no data breach is the same, and there are a wide variety of unique circumstances that need to be accounted for in a data breach response plan. The best example? The Ashley Madison breach. In this exclusive for The Privacy Advisor, Michael Bruemmer, CIPP/US, shares strategies you can employ to protect your brand. Looking at several unconventional breaches, he writes, “From the motivations of the attackers to the potential impact on customers, there are several lessons that organizations and individuals can learn from these examples.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Data Protection Is About Behavior, Not Just Devices

(Oct 7, 2015) The burgeoning trend of cybersecurity devices is problematic as the devices “are perpetuating the misguided and possibly dangerous idea that security can be simply packaged into a neat little box and shipped out en masse … when, in reality, security is about behavior rather than any single shiny product,” Motherboard reports. “The ‘security in a box’ mentality is a foolish idea,” the report states, noting, “Instead, security is understanding the threats against whatever it is you're trying to protect … appreciating that no strategy is perfect and that hackers will find a way to get into your system. Security is being able to adapt when new problems arise.” Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest

Study: Cost of Breaches Is on the Rise

(Oct 7, 2015) The Ponemon Institute’s 2015 Cost of Cyber Crime Study, which examines 252 organizations in five different countries, discovered that while the average cost of data breaches increased 1.9 percent in the past year, boards are showing less get-up-and-go regarding data security, IT World Canada reports. Larry Ponemon said the numbers are “moving in the wrong direction,” with breach response time also up 30 percent. And boards don’t seem to care unless stock prices are affected, said Curtis Levinson... Read More

Asia-Pacific Dashboard Digest, Canada Dashboard Digest, Daily Dashboard, Europe Data Protection Digest