Australian telecom bill gets ACLEI backing

(Apr 9, 2020) ZDNet reports the Australian Commission for Law Enforcement Integrity formally voiced its support for the pending Telecommunications Legislation Amendment (International Production Orders) Bill 2020. In its comments to the Parliamentary Joint Committee on Intelligence and Security regarding the bill, ACLEI said the law "will be effective in achieving the aims of facilitating access to valuable data for the use in law enforcement investigations while ensuring safeguards are in place." ACLEI's com... Read More

Turkish DPA issues 18K TL fine for purpose limitation violation

(Apr 9, 2020) Turkey's data protection authority, the KVKK, announced a fine of 18,000 TL for a violation of the purpose limitation principle in the country's Law on the Protection of Personal Data No. 6698. The violation is related to a consumer's phone number being provided to a third party without legitimate purpose. The data controller's actions breached Article 7 of the LPPD, which requires deletion or anonymization of data when there's no longer a legal basis for processing. (Original post is in Turkish... Read More

Data protection frameworks emerging in the BRICS countries

(Apr 9, 2020) The members of the so-called BRICS grouping (Brazil, Russia, India, China and South Africa) have realized that digital transformation is an essential element for the future of their economies and societies. In this perspective, data protection becomes a key priority to foster thriving digital environments, where individuals enjoy protections and businesses benefit from legal certainty.    Given the remarkable economic and strategic value that personal data has acquired, the regulation of this “... Read More

A look at the BRICS countries' data protection frameworks

(Apr 9, 2020) The members of the so-called BRICS grouping, which includes Brazil, Russia, India, China and South Africa, have realized that digital transformation is an essential element for the future of their economies and societies. In this piece for Privacy Tracker, Head of CyberBRICS Luca Belli writes about how the project has "started the first initiative to develop comparative and systematized analyses of the digital policies developed by BRICS countries," as well as the results of its initial probe.Fu... Read More

Zoom increases oversight, adds consultant for security issues

(Apr 8, 2020) ZDNet reports Zoom established a CISO Council and Advisory Board, in addition to hiring former Facebook and Yahoo Chief Security Officer Alex Stamos as an outside consultant. The personnel moves are aimed at better addressing privacy and security flaws plaguing the platform. Meanwhile, a Zoom shareholder brought a class-action privacy suit against the video conferencing app. Also, the U.S. Department of Homeland Security believes Zoom has been responsive to cybersecurity concerns, while Germany ... Read More

Germany adopts draft patient data protection law

(Apr 8, 2020) Germany's Federal Cabinet announced the adoption of the draft Patient Data Protection Act. The law seeks to further the country's shift to digital health while ensuring patient data, including information found in electronic patient data records, is appropriately protected. German Federal Commissioner for Data Protection and Freedom of Information Ulrich Kelber issued a response to the adoption, noting the law requires further privacy considerations, especially regarding access to patient data. ... Read More

Irish DPC releases report on cookies, tracking tech

(Apr 7, 2020) The Irish Data Protection Commission released its report on the use of cookies and other tracking technologies. The report highlights the practices of 38 organizations the DPC asked to participate in the audit, which took place from August to December 2019. "The purpose of the sweep survey was to request information to allow us to examine the deployment of such technologies and to establish how, and whether, organisations are complying with the law," the report states.Full Story ... Read More

Web con: 'The Impact of CCPA and GDPR on Data Management'

(Apr 7, 2020) Requirements for data management under the California Consumer Privacy Act and EU General Data Protection Regulation are changing the way organizations control their data. Join the IAPP April 16 for this web conference to hear privacy professionals discuss what lessons organizations have gleaned from their compliance efforts while working to meet the requirements of these new regulations. Speakers include Dataguise Senior Vice President of Enterprise Privacy Solutions Sagi Leizerov, CIPP/US, Ube... Read More

British Airways, Marriott GDPR investigations extended

(Apr 7, 2020) Computer Weekly reports British Airways and Marriott International negotiated with the U.K. Information Commissioner's Office to extend the probes into their EU General Data Protection Regulation violations. According to financial reports from both companies, British Airways and Marriott had their GDPR decisions deferred to May 18 and June 1, respectively. The ICO agreed to similar regulatory extensions for both companies in January.Full Story... Read More

Uruguay dicta nuevas normas sobre protección de datos

(Apr 7, 2020) En febrero de 2020, Uruguay aprobó nuevas normas importantes sobre protección de datos que mejoran el nivel de protección ya existente, de acuerdo a estándares internacionales. Los cambios comprenden: aplicación extraterritorial de la ley uruguaya; obligación de notificar vulneraciones de seguridad de inmediato a titulares y la autoridad de control; consagración del principio de responsabilidad proactiva (accountability, en inglés); obligación de implementar privacidad desde el diseño (privacy b... Read More