Paper analyzes data protection implications of 'Hard Brexit'

(Jun 22, 2018) Guernsey Deputy Commissioner Rachel Masterton has penned a paper on the data protection implications of a “Hard Brexit”; former U.K. Information Commissioner Richard Thomas now heads the Geurnsey data protection authority. While the U.K. will be leaving the European Union having been under the rule of EU General Data Protection Regulation for roughly a year, the impact of the GDPR on companies handling data belonging to EU citizens could still change dramatically. Masterton’s paper examines the ... Read More

Leaving the EU: the data protection implications of a ‘Hard Brexit’ for UK businesses with EU data flows and clients

(Jun 22, 2018) This paper by Rachel Masterton seeks to evaluate the additional obligations of the GDPR that will live on in the U.K. beyond its departure from the EU and what the U.K. government could do to relieve some of those requirements. Reviewing case law surrounding data transfers, it addresses the key messages from such judgments and their impact on processing going forward. It also draws on the musings of thought leaders in the arena of data protection and attempts to provide direction to the delibera... Read More

Notes from the IAPP Europe Managing Director, 22 June 2018

(Jun 21, 2018) Greetings from Brussels! An interesting article in The New York Times caught my attention recently about content moderation, which I think merits some comment. Facebook, as we know, is no stranger to the media spotlight and continues to retain their place in the limelight considering the Cambridge Analytica kerfuffle. However, one could be forgiven for overlooking their current efforts to monitor and moderate the vast amount of content on their platform. Let’s rewind to January 2018, Germany, ... Read More

Op-ed: Finding the best way to handle GDPR 'mobile loophole'

(Jun 21, 2018) In an op-ed for Computerworld, J. Gold Associates Founder Jack Gold writes about the best ways to handle the “mobile loophole” involving the EU General Data Protection Regulation. With more employees using mobile devices for work-related purposes, they are often working with data covered under the GDPR, resulting in a murky area for compliance. In order to prepare themselves should regulators take strict enforcement actions, Gold suggests companies treat personal mobile devices as corporate data... Read More

Reporter chronicles attempts to delete genetic info from testing companies

(Jun 21, 2018) Bloomberg reporter Kristen Brown detailed her efforts to have her genetic information permanently deleted from genetic-testing companies. Brown first tried Ancestry.com, where she was able to delete her data on the website but had to call in order to have her sample destroyed. The reporter then went to 23andMe, where she had to wait until the EU General Data Protection Regulation went into effect before her data could be deleted, only to find it was not possible, as the research conducted with h... Read More

Snap allowing third-party developers to access Snapchat features

(Jun 21, 2018) Wired reports Snapchat will allow third-party developers to use features within the app but not access any user data. Snap Kit will give developers the opportunity to use features such as stickers and Bitmoji. Snap said its trust, safety and customer operations teams will approve which developers will have access to Snapchat until it can find a way to automate the process. Developers will not have any way to access "user-identifiable information, such as demographic information or friends list."... Read More

Council investigating practice of requiring payment data via email

(Jun 21, 2018) London’s Islington Council is under review for requiring residents to share personal payment information, including credit card details, security codes and addresses, via email, BBC News reports. Resident Dafydd Vaughan raised alarm after discovering email exchange of personal payment information was required by the local government association for all parking bay suspensions. Vaughan said, "If something happened and the details were leaked, they could be used by other people, and the bank would... Read More

Op-ed: EU policy should support AI development

(Jun 21, 2018) In an op-ed for the EUobserver, Nick Wallace writes that the European Union’s current approach to artificial intelligence will hurt its ability to become a leader in AI. Wallace writes that while the EU funds AI research, the requirements of the new EU General Data Protection Regulation place AI under “the world’s strictest regulations.” If the EU wants to become a leader in AI, Wallace writes that EU policy should give European firms and inventors “the best chance of building and deploying cutt... Read More

Email security company opens two data centers in Germany

(Jun 21, 2018) Email security company Mimecast opened two data centers in Frankfurt, Germany, MediaPost reports. Spurred by the country’s “cautious yet pragmatic approach to cloud,” Mimecast CEO Peter Bauer said the new centers will allow the company to “help organizations adopt a cyber resilience strategy to secure, preserve and continue the flow of information via email.” According to the company, 48 percent of German organizations have seen an increase in malware and ransom attacks through email attachments... Read More