Irish DPC releases CSP guidance

(Oct 25, 2019) The Irish Data Protection Commission has released guidance for organizations when they use cloud service providers. The guidance was created to help data controllers ensure they follow transparency requirements under the EU General Data Protection Regulation and have the proper contract in place when they use a CSP. The DPC’s guidance also covers the definition and security considerations around cloud computing, as well as further guidance from the European Data Protection Supervisor and Europea... Read More

Top-5 most-read stories since Oct. 21, 2019

(Oct 25, 2019) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes that's even too much. To help, we offer our top-five most-read stories for the week of Oct. 21.Full Story... Read More

The IAPP's top-5 most-read stories for the week of Oct. 21, 2019

(Oct 25, 2019) We know, there's lots of privacy news, guidance and documentation to keep up with every day. And we also know, you're busy doing all the things required of the modern privacy professional. Sure, we distill the latest news and relevant content down in the Daily Dashboard and our weekly regional digests, but sometimes, that's even too much. To help, we offer our top-five, most-read stories of the week. Resource Center: "IAPP 2019 Privacy Tech Vendor Report" Daily Dashboard: "EC releases report... Read More

Warren, Wyden ask FTC to investigate Amazon over Capital One breach

(Oct 24, 2019) Sens. Ron Wyden, D-Ore., and Elizabeth Warren, D-Mass., have asked the U.S. Federal Trade Commission to investigate Amazon over the Capital One data breach, The Wall Street Journal reports. In a letter sent to the agency, the senators wrote the tech company did not properly protect consumers from a known vulnerability in its cloud computing system. The senators added since the issue had been reported a year earlier, the FTC should look into whether Amazon’s failure to remedy the flaw should be l... Read More

IAPP white paper: 'Talking Tech for Privacy Pros: Coming Down from the Cloud'

(Oct 22, 2019) For privacy professionals, considerations around databases center on design decisions, system architecture and the way they are used and maintained rather than on the individual variables and the other minutia involved in their creation. In this third part in a series of white papers, former IAPP Westin Research Fellow Nicholas Schmidt, CIPP/US, offers an explanation of cloud computing and introduction into systems architecture.Full Story... Read More

French minister offers warning about European use of AWS

(Oct 16, 2019) French Junior Economy Minister Agnes Pannier-Runacher said Europe is running out of time if it ever wishes to wean itself off Amazon Web Services, Reuters reports. She added if Europe cannot find an alternative to AWS within 24 months, the region runs the risk of "a loss of sovereignty. This is what I’m hearing from experts, including French people in Silicon Valley, who underline how worrisome this situation is."Full Story... Read More

Data privacy slowing cloud adoption by Nigerian businesses

(Oct 10, 2019) Data privacy and security concerns are barriers to the adoption of a public cloud in Nigeria, Punch reports. At a recent conference, speakers noted gaps in the current cybersecurity law have created barriers to prevent cyberattacks and data theft, and as a result, businesses are reluctant to shift to the cloud. “In some cases, huge amounts of data have been obtained from citizens of certain countries by governments of other countries without their permission. This is one more headache for the co... Read More

20M Russians affected by tax records breach

(Oct 4, 2019) A pair of misconfigured databases has exposed the tax records and personal information of 20 million Russians, Infosecurity Magazine reports. Analysts found the Amazon Web Services Elasticsearch cluster lacked password protection and an authentication mechanism. The unencrypted personal information, which was collected over a seven-year span and sat exposed for more than a year, included names, addresses, residency statuses, passport and phone numbers, tax ID numbers, and employer names and phon... Read More

SAP receives 2019 HPE-IAPP Privacy Innovation Award at PSR

(Sep 24, 2019) In a ceremony Tuesday morning at the IAPP's Privacy. Security. Risk. conference in Las Vegas, Nevada, application software provider SAP was announced as the winner of the HPE-IAPP Innovation Award. SAP was honored for its creation and development of Data Custodian, a multi-cloud software-as-a-service application that provides customers with data protection, transparency and regulatory compliance aid, among other data management functions, within a public cloud. The HPE-IAPP Privacy Innovation A... Read More