Irish DPC releases report on Public Services Cards

(Sep 19, 2019) The Irish Data Protection Commission released its report on the Public Services Card project, The Irish Times reports. The DPC ordered the Department of Employment Affairs and Social Protection to stop processing personal information of 3.2 million citizens tied to the issuance of the cards. The DPC identified eight adverse findings about the PSC project, including its determination that the privacy statement published by the department lacked sufficient information. Minister for Employment Affa... Read More

Finnish Presidency releases draft compromise proposal for ePrivacy Regulation

(Sep 19, 2019) The Finnish Presidency of the Council of the European Union has released a draft compromise proposal for a new ePrivacy Regulation. The draft proposal contains a new article on the “processing of electronic communications data for the purpose of detecting, deleting and reporting material constituting child pornography” and proposed modifications to Articles 1 to 4a and 18 to 29 within the ePrivacy Regulation. The Working Party on Telecommunications and Information Society plans to discuss the dr... Read More

Irish DPC podcast covers data transfers post-Brexit

(Sep 19, 2019) The Irish Data Protection Commission released an episode of its Know Your Data podcast on Brexit. The episode covers what will happen to data transfers from Ireland to the U.K. once Brexit goes into effect, including the impact on those transfers should the U.K. leave the European Union without a deal, the role standard contractual clauses play and the resources the DPC has on its website to help organizations handle the changes.Full Story... Read More

Berlin DPA issues 200K fine for GDPR violations

(Sep 19, 2019) Berlin’s Data Protection Authority has issued a 195,407 euro fine to Delivery Hero for violations of the EU General Data Protection Regulation, Gründerszene reports. The DPA said in its letter announcing the fine it administered the penalty for various GDPR infractions. Delivery Hero allegedly sent unwanted advertising emails to eight customers. One customer allegedly received 15 emails after they opted out of receiving such messages. The DPA also found Delivery Hero did not fulfill a number of ... Read More

ICO issues 150K GBP fine for nuisance calls

(Sep 19, 2019) The U.K. Information Commissioner’s Office fined Superior Style Home Improvements 150,000 GBP for nuisance calls. The company allegedly called individuals who were registered with the Telephone Preference Service over an 11-month period. The recipients had not given their consent to receive such calls. The ICO issued an Enforcement Notice warning the organization to stop the practice. "Companies engaged in this illegal activity should take note, we will take action against those that continue to... Read More

Philippines seeking APEC CBPR certification

(Sep 19, 2019) The Philippine Star reports the National Privacy Commission in the Philippines has submitted its application to become the ninth economy to join the Asia Pacific Economic Cooperation Cross-Border Privacy Rules. "Our certification would be recognized in all jurisdictions. For companies that would require cross border flows with the Philippines, this would be a seal of good housekeeping so to speak, that the company they are dealing with has reached that standard," Privacy Commissioner Raymund Lib... Read More

Industry prefers detailed crafting of India's non-personal data regulation

(Sep 19, 2019) The Economic Times reports India's industry advocates are calling for the government to be mindful of drawing a line when composing a draft non-personal data regulation. While there has been a committee assigned to explore the issue of non-personal data, industry has concerns that anonymized, community and e-commerce data may be lumped into a personal data legislation. Data Security Council of India CEO Rama Vedashree said non-personal data sharing should be voluntary and incentivized, adding th... Read More

Hong Kong telecom fined HK$84K for violating PDPO

(Sep 19, 2019) Hong Kong's Office of the Privacy Commissioner for Personal Data has announced a fine of HK$84,000 against telecom SmarTone Mobile Communications for violations of the Personal Data (Privacy) Ordinance. The company was originally charged with a record 23 violations before being convicted of 14. The charges stem from SmarTone's lack of compliance related to a data subject requesting the company exclude her personal data from direct marketing campaigns.Full Story... Read More

CNIL updates no-deal Brexit FAQ

(Sep 19, 2019) France’s data protection authority, the CNIL, updated its frequently asked questions page on how organizations should handle data transfers between the EU and the U.K. in the event of a no-deal Brexit, according to a post on Hunton Andrews Kurth's Privacy & Information Security Law Blog. The CNIL recommends companies identify processing activities that involves data transfers to the U.K., determine the proper transfer mechanism for those activities, and ensure they are in place and effective... Read More

Bipartisan effort underway to change Utah voter privacy law

(Sep 19, 2019) Utah's Democratic and Republican parties have come together to voice a desire to have a voter privacy law amended, The Salt Lake Tribune reports. The chairmen for both parties went before the Utah Legislature to argue for voter registration data, which 12.4% of voters have withheld from political parties under a law passed last year. Names, birthdates, addresses, phone numbers, party affiliation, and when or if a person voted are among the information that voters can keep from being disclosed. B... Read More