EU, South Korea 'intensify' data protection cooperation efforts

(Nov 21, 2017) Officials from the European Commission and South Korea issued a joint statement Monday announcing efforts "to further strengthen cooperations" between the two regions around data flows and data protection. Věra Jourová, Commissioner for Justice, Consumers and Gender Equality, together with Korea Communications Commission Chairman Lee Hyo-seong and Korea Internet & Security Agency Vice President Jeong Hyun-cheol, said they have, in recent months, "significantly strengthened the mutual underst... Read More

Roundup: Singapore, Australia, US and more

(Nov 20, 2017) In response to public comments, the Singapore Ministry of Communications and Information and the Cyber Security Agency announced they will clarify the scope of the new Cybersecurity Bill prior to introducing it. Australia’s NSW Labor party has introduced a bill requiring government agencies to report breaches, and the government published a draft of a national approach to how digital identity is managed. In the U.S., senators have introduced the Consumer Privacy Protection Act of 2017 and a bill... Read More

UIDAI confirms 210 government websites involved in data breach including Aadhaar information

(Nov 20, 2017) Following an inquiry raised by the Right to Information, the Unique Identification Authority of India has confirmed that 210 state and central government departmental websites exposed users' personal details, including Aadhaar numbers, IBTimes UK reports. While the data has since been taken down, the government has not yet disclosed how the breach took place, how long the data was exposed, nor how many citizens were impacted. India's controversial Aadhaar system is "currently the world's largest... Read More

NSW Ambulance employees join class-action lawsuit against employer

(Nov 20, 2017) In Australia's Supreme Court today, former and current employees of NSW Ambulance launched a class-action lawsuit claiming it failed to adequately protect their personal information after a former contractor unlawfully disclosed it, The Sydney Morning Herald reports. Waqar Malik was convicted of selling 130 former NSW Ambulance employees' worker's compensation files, including medical records, to personal injury lawyers. The plaintiff's attorney said he believes the case will advance privacy law... Read More

Global News Roundup — November 13-20, 2017

(Nov 20, 2017) In response to public comments, the Singapore Ministry of Communications and Information and the Cyber Security Agency announced they will clarify the scope of the new Cybersecurity Bill prior to introducing it. Australia’s NSW Labor party has introduced a bill requiring government agencies to report breaches, and the government published a draft of a national approach to how digital identity is managed. In the U.S., Senators have introduced Consumer Privacy Protection Act of 2017 and a bill res... Read More

Notes from the iappANZ, 17 November 2017

(Nov 16, 2017) This week sees a continuing focus in Australia on notifiable data breaches. The regime will be introduced on 22 Feb. 2018. The OIAC has provided a helpful analysis pointing out that GPs, gyms and childcare centers may all have obligations if they experience data breaches that are likely to cause serious harm under the relevant local legislation. Many of these are smaller businesses that may not have taken steps to comply with the APPs — there is an exemption from compliance with the Privacy Act... Read More

Singapore agencies to clarify scope ahead of new Cybersecurity Bill

(Nov 16, 2017) Responding to concerns received during a consultation period, the Ministry of Communications and Information and the Cyber Security Agency said they will clarify the scope of the new Cybersecurity Bill as well as its definition of critical information infrastructure operators prior to introducing it. Out-Law.com reports that the agencies said they will "amend the Bill to clarify that only systems which have been explicitly designated by the Commissioner will be considered CIIs." Other amendments... Read More

New Zealand's OPC accepting designs for Privacy Trust Mark logo

(Nov 16, 2017) New Zealand's Office of the Privacy Commissioner has created a call for help in creating a logo for it’s Privacy Trust Mark, which will be added to products and services that have been recognized as having consumer privacy as a priority. Entries will be accepted until midnight, 15 Feb. 2018, and the winner will be awarded $3,500. The Privacy Trust Mark is intended to create an identifiable mark of trust for consumers, helping the OPC promote "a culture in which personal information is protected ... Read More

Apple agrees to help India develop anti-spam app

(Nov 16, 2017) Reuters reports that Apple has agreed to help the Indian government develop an anti-spam app, with limited capabilities, after previously refusing to do so, citing concern for customer privacy. A government official said that as public criticism from the Indian regulator mounted, Apple executives flew to New Delhi to discuss the app. The executives concluded that the current iOS platform might not allow for the government's requests, such as making call logs available. Apple has said its stance ... Read More

Australia releases drafts of Trusted Digital Identity Framework

(Nov 16, 2017) The Australian government revealed the public draft of the Trusted Digital Identity Framework, which includes 14 draft documents designed to produce a national approach to how digital identity is managed. It will also accept public comment until Dec. 8, ZDNet reports. Assistant Minister for Digital Transformation Angus Taylor said of the public draft documents, "This includes documents outlining how providers will be accredited, privacy, security, risk, and fraud management requirements, as well... Read More