News

Data protection regulations and compliance

October 20, 2020 20 Oct'20
BA breach penalty sets new GDPR precedents

The 90% reduction in the fine levied on BA over a 2018 data breach has legal experts talking about the ramifications for the future of data protection
October 16, 2020 16 Oct'20
BA argues ICO data breach fine down to £20m

Information Commissioner’s Office levies fine of £20m on British Airways for failing to protect the personal data of hundreds of thousands of passengers – a vast reduction on the initial £183m penalty
October 15, 2020 15 Oct'20
Cloud data protection keeps the Crick’s medical research Covid-secure

Cloud data management services from Rubrik gave the Francis Crick Institute a data protection edge and have helped keep its vital work going through the pandemic
October 14, 2020 14 Oct'20
Fintech ‘unicorn’ Klarna probed over data misuse

Online bank blames misuse of user data on human error as Information Commissioner’s Office weighs in

October 07, 2020 07 Oct'20
Department for Education failed to protect data on millions of children, says ICO

The Department for Education’s National Pupil Database, which contains millions of items of data on the UK’s schoolchildren, was found to be non-compliant with data protection regulations across the board
October 07, 2020 07 Oct'20
ICO wraps up Cambridge Analytica investigation

Information Commissioner’s Office concludes its investigation into Cambridge Analytica, saying no additional evidence has come to light that would change its previous assessments
September 24, 2020 24 Sep'20
Government blasted over ‘reckless’ contact-tracing security

The Open Rights Group and Big Brother Watch accuse the government of endangering public health with a reckless attitude to contact-tracing data security
September 22, 2020 22 Sep'20
GDS reviewing Cloud First policy post-Schrems II

Review seeks to determine the future of government engagement with cloud hosting services as they relate to cross-border data flows
September 21, 2020 21 Sep'20
India’s storage market takes hit but hasn’t lost its shine

The slower growth in storage spending in India amid the Covid-19 pandemic is expected to be mitigated by digitisation efforts by financial services and manufacturing firms
September 18, 2020 18 Sep'20
Open Data Institute explores diverse range of data governance structures

Unlocking the economic and social potential of data will require a diverse range of governance structures to meet the needs of different contexts, use cases and stakeholders

September 16, 2020 16 Sep'20
Julian Assange held back 15,000 documents to prevent harm to US government

Investigative journalist John Goetz said today that WikiLeaks held back publication of thousands of documents that could harm individuals
September 15, 2020 15 Sep'20
TikTok-Oracle partnership moves forward for consideration

Joint venture proposal could create thousands of jobs and secure TikTok’s future outside China
September 15, 2020 15 Sep'20
Data of every Welsh Covid-19 patient leaked online

Data on all 18,105 people in Wales who have received positive tests for the coronavirus was uploaded to a public-facing web server in error
September 11, 2020 11 Sep'20
Travel industry websites are laughably insecure, claims Which?

The travel industry is failing to take the data security of its customers seriously, according to a Which? investigation
September 07, 2020 07 Sep'20
Court rejects request to exclude ‘11th hour’ US evidence against WikiLeaks founder Julian Assange

Lawyers for Julian Assange say the US has introduced an 11th hour indictment against the WikiLeaks founder that provides additional grounds for his extradition
September 07, 2020 07 Sep'20
Government DPOs challenged by volume of GDPR work

Data protection officers working across the UK government are finding it tough to keep up with the increased workload generated by GDPR, according to a report
September 07, 2020 07 Sep'20
Dutch bank set to save €5m via Veeam backup upgrade

Rabobank ditched legacy backup where patching took months and restores took hours. Those times are now cut down massively and the bank has a readily available test environment
August 25, 2020 25 Aug'20
TikTok takes Trump to court

Under-fire video app TikTok files a formal complaint in the federal courts challenging the Trump administration’s attempt to ban it in the US
August 21, 2020 21 Aug'20
TikTok’s GDPR compliance probed amid accusations of data misuse

Dutch privacy organisation SOMI claims TikTok falls short in protecting young users, and that it is likely violating GDPR
August 21, 2020 21 Aug'20
MPs accuse ICO of failing to do its job on contact-tracing data

Cross-party group of MPs say the ICO has failed to enforce data protection standards or hold the government to account over the unlawful Test and Trace programme
August 20, 2020 20 Aug'20
UKAS rejects ISO certification concerns

UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications
August 20, 2020 20 Aug'20
Social media data leak highlights murky world of data scraping

A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it
August 19, 2020 19 Aug'20
Veeam to add CDP, plus Google cloud as a target

Backup giant set to add continuous data protection for the most critical workloads, plus Google cloud as a target – all on the back of a storming quarter during the pandemic
August 19, 2020 19 Aug'20
Coronavirus: Thousands of ISO certifications set to lapse

Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing
August 19, 2020 19 Aug'20
Marriott slapped with class action lawsuit over 2018 breach

Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period
August 18, 2020 18 Aug'20
Reports Oracle to enter TikTok bidding war

Oracle may be about to make a bid to acquire the US operations of TikTok from its Chinese parent ByteDance, according to the FT
August 12, 2020 12 Aug'20
Pure and Cohesity launch FlashRecover for flash-speed restores

Flash market pioneer links up with scale-out backup product maker to provide bundled backup plus super-fast recovery based around Pure FlashBlade storage arrays
August 11, 2020 11 Aug'20
French data protection authorities to probe TikTok as suitors circle

France’s CNIL has confirmed a new investigation into TikTok’s data protection practices
August 11, 2020 11 Aug'20
Hospitality sector is failing on contact-tracing obligations

Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices
August 06, 2020 06 Aug'20
Footballers to take legal action over use of performance and tracking data

Planned lawsuit will argue that the use of players’ statistics by third-party companies is incompatible with footballers’ data rights
July 29, 2020 29 Jul'20
Majority of organisations at risk of cloud data exposure

Report casts doubt on the effectiveness of the shared responsibility model of cloud security
July 24, 2020 24 Jul'20
A question of trust: University and supplier on the hook for data breach

Data on students at the University of York was stolen in a ransomware attack on a supplier two months ago, and the response of both parties raises serious questions
July 23, 2020 23 Jul'20
Commvault refreshes HyperScale backup appliances with Hedvig

Backup player set to replace Fujitsu/Red Hat-based backup appliances with new hardware and storage software from Hedvig, which it bought late last year
July 23, 2020 23 Jul'20
Post-Privacy Shield, what chance for a Brexit data adequacy deal?

The striking down of Privacy Shield has been hailed as a victory for digital rights and privacy campaign groups, but it will have consequences that go beyond transatlantic data transfers
July 20, 2020 20 Jul'20
ICO hails transformative year as average fine trebles

Information Commissioner’s Office annual report reflects on a busy period, during which it levied two of the largest fines so far seen under the GDPR
July 20, 2020 20 Jul'20
Test and Trace programme unlawful, admits government

The Department of Health and Social Care failed in its legal obligation to complete a mandatory Data Protection Impact Assessment
July 09, 2020 09 Jul'20
Clearview AI faces ICO investigation over facial recognition

Controversial company that scraped data from the public internet to build its facial recognition algorithm faces a joint UK-Australian investigation into its practices
July 07, 2020 07 Jul'20
Australian government foreshadows ‘sovereign data’ classification

The Australian government will examine if certain government datasets should be declared sovereign and only be hosted in the country
June 29, 2020 29 Jun'20
Out of date security laws leave UK plc at risk during pandemic

The CyberUp coalition has written to Boris Johnson to urge him to reform the UK’s 30 year-old cyber crime laws
June 25, 2020 25 Jun'20
Veeam bullish on growth in APAC

Veeam’s top executive in Asia-Pacific expects the company’s growth momentum in the region to continue despite the Covid-19 pandemic, and is setting sights on growth areas such as container backups
June 24, 2020 24 Jun'20
EU judges GDPR an overall success, but changes still needed

Two years after its implementation, an EU report says that the GDPR is achieving what it set out to do, with a few reservations
June 24, 2020 24 Jun'20
Brits will sell their personal data for pennies

Surprising findings from an Okta report on digital identity suggest Brits would be willing to part with valuable personal data for a surprisingly low amount
June 23, 2020 23 Jun'20
Twitter contacts business users over data exposure

Issue relates to how web browsers cached confidential data entered in Twitter’s ads and analytics services, but is unlikely to have resulted in compromise
June 16, 2020 16 Jun'20
UK-US data deal puts Brexit data adequacy pact at risk

European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note
June 02, 2020 02 Jun'20
Digital transformation held back by lack of skilled people

Veeam survey finds digital transformation a hot topic, but 44% of firms are held back by skills shortages. Meanwhile, the cost of downtime is found to be $67,651 per hour for the most important apps
June 02, 2020 02 Jun'20
NIS security regulations proving effective, but more work to do

The UK’s NIS cyber security and risk regulations are proving somewhat effective, according to a government report
May 29, 2020 29 May'20
Singapore’s contact-tracing app tops privacy study

Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds
May 19, 2020 19 May'20
GDPR wholly inappropriate to govern contact-tracing data

Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app
May 19, 2020 19 May'20
Nine million EasyJet customer details lost in data breach

Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline
May 13, 2020 13 May'20
Can Lady Gaga and Madonna get people to take security seriously?

What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers
May 12, 2020 12 May'20
APAC firms still coming to grips with data protection

More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain
May 12, 2020 12 May'20
How Australian firms can plug data protection gaps

Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene
May 04, 2020 04 May'20
NHSX contact-tracing app needs legislative oversight

Legal experts have told Parliament’s Human Rights Committee that legislation is desirable to ensure public trust in the data security of the Covid-19 coronavirus contact-tracing app
May 04, 2020 04 May'20
IT Priorities 2020: Compliance and risk are top security concerns

When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study
April 27, 2020 27 Apr'20
Australia’s CovidSafe app debuts, source codes to follow

Australia’s contact tracing app has been downloaded more than 1.1 million times, even as privacy concerns linger on
April 24, 2020 24 Apr'20
Dark data is contributing to carbon emissions

Almost six million tonnes of carbon dioxide will be pumped into the atmosphere this year as a result of dark data, Veritas research finds
April 21, 2020 21 Apr'20
When data protection is not enough

Organisations should take a holistic approach to data protection and cyber security in what the CEO of Acronis deems a “cyber protection” strategy
April 16, 2020 16 Apr'20
Check Point sounds alarm over double extortion ransomware threat

Researchers say double extortion ransomware attacks are likely to increase in frequency, and warn organisations to be on guard
April 15, 2020 15 Apr'20
Coronavirus: ICO temporarily relaxes regulatory approach

The Information Commissioner’s Office sets out a revised approach to its regulatory duties during the Covid-19 coronavirus pandemic
April 15, 2020 15 Apr'20
Government urged to delay digital services tax amid coronavirus outbreak

Delaying liabilities for a year could help technology companies already stretched thin by the outbreak of the Covid-19 coronavirus pandemic, according to TechUK
April 01, 2020 01 Apr'20
What we can learn from Marriott’s new data breach embarrassment

Marriott International has egg on its face once again following a second data breach in as many years, but there are encouraging signs in its response that suggest it is at least trying to learn from its experiences
March 26, 2020 26 Mar'20
Coronavirus: What are the latest free cyber security offers?

We round up the latest free offers on cyber security products and services being made available during the Covid-19 coronavirus crisis
March 25, 2020 25 Mar'20
Almost half of UK businesses suffered a cyber attack in past year

Latest government statistics reveal the scale of the cyber security challenge facing UK plc, but reveals some cause for optimism
March 25, 2020 25 Mar'20
Australia inks digital economy pact with Singapore

Australia’s digital economy agreement with Singapore will pave the way for data transfers and other digital trade opportunities
March 20, 2020 20 Mar'20
UK Coronavirus Bill relaxes restrictions on mass surveillance powers

Emergency legislation would massively expand state surveillance and police detainment powers
March 17, 2020 17 Mar'20
UK makes its case for post-Brexit data adequacy decision

Government sets out an explanatory framework as it seeks adequacy decisions from the European Commission to maintain the free flow of personal data between the European Union, the UK and Gibraltar
March 10, 2020 10 Mar'20
VAT software supplier exposed data of millions

Eight million sales records belonging to UK and EU consumers left exposed due to misconfigured server
March 05, 2020 05 Mar'20
Biometrics ethics group takes evidence on public-private use of facial recognition

Collaboration between police forces and private entities on facial recognition technology comes under scrutiny by the Home Office’s Biometrics and Forensics Ethics Group
February 27, 2020 27 Feb'20
Clearview hack fuels debate over facial recognition

Customers of Clearview AI, a controversial startup that scrapes and sells billions of photos of people from social media to police forces, have found themselves at the centre of a major data breach
February 24, 2020 24 Feb'20
Thai university to roll out data protection certification

Thailand’s National Institute of Development Administration is offering a certification programme to get organisations ready for the country’s data protection regime
February 21, 2020 21 Feb'20
Labour condemns Google data plans

Shadow digital minister Chi Onwurah challenges the government to stop Google’s plans to move UK user data out of the EU
February 20, 2020 20 Feb'20
Google plans to send Brits’ data to US after Brexit

Move puts British user data beyond the reach of the EU’s GDPR, makes it more accessible to UK and US law enforcement agencies, and has prompted anger
February 19, 2020 19 Feb'20
Blasé directors put business data at risk

The higher up within a business you go, the more likely you are to find people intentionally leaking confidential data, says Egress
February 18, 2020 18 Feb'20
Veeam Availability Suite v10 adds NAS backup and cloud tiering

Availability Suite is mostly about consolidating the company’s data management platform idea, but it has added incremental forever NAS backup, cloud tiering and recovery to vSphere
February 10, 2020 10 Feb'20
Police use of facial recognition ‘unjustifiable’, says Scottish Justice Committee

Members of the Scottish Parliament have said police use of live facial recognition technology is “not fit for purpose”
February 05, 2020 05 Feb'20
Veeam pushes subscription licensing in cloud-centric ‘Act II’

Backup specialist wants to “win the cloud” as it pushes towards a cloud-focused vision that includes pay-for-what-you-use and multicloud after its acquisition last month
February 04, 2020 04 Feb'20
Acronis CEO bullish as specialist goes beyond backup

Acronis is set to launch Cyber Protect as it rides a wave of confidence based on increasing revenues and investor funding. Will the backup-plus-cyber protection calculation pay off?
January 28, 2020 28 Jan'20
Data privacy benefits outweigh spend, says Cisco

Cisco’s 2020 data privacy study shows organisations can generate substantial returns on their data privacy and protection spending
January 24, 2020 24 Jan'20
Disaster recovery failover choices: Synchronous mirrors, P2V and the cloud

We survey the key options in disaster recovery: whether to failover to an on-site location or off-site facility. We also look at the cloud as an option in disaster recovery
January 20, 2020 20 Jan'20
Exposed AWS buckets again implicated in multiple data leaks

A series of data leaks in the past week have once again implicated poorly secured Amazon S3 buckets, which are supposed to be private by default
January 20, 2020 20 Jan'20
GDPR nets more than €100m in fines, with more to come

Fines totalling €114m have already been collected under GDPR, and this figure will spike in 2020 if the UK regulator succeeds in imposing record fines on BA and Marriott
January 17, 2020 17 Jan'20
Scottish police roll out controversial data extraction technology

The introduction of new mobile phone data extraction terminals to Police Scotland will go ahead despite concerns that the use of the technology could be unlawful
January 16, 2020 16 Jan'20
Thailand gets ready for data protection law

Thailand’s personal data protection law comes into effect in May 2020, subjecting organisations to new rules that safeguard the personal data of individuals
January 15, 2020 15 Jan'20
Threat landscape grew in complexity in 2019, no respite in sight

Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020
January 13, 2020 13 Jan'20
$5bn buy-out set to make backup giant Veeam a US company

Veeam’s founders are out as investment fund gets its hands on a pioneer of virtual machine backup. Now it will be a US company and eligible to target US government customers
January 09, 2020 09 Jan'20
Don’t become the next Travelex: Get ready for ransomware

With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident
January 09, 2020 09 Jan'20
New GDPR service aims to ease compliance challenges

Security consultants claim their software platform will address a pressing need for an effective and efficient means of complying with data protection rules
January 02, 2020 02 Jan'20
California’s CCPA an opportunity for security industry to do better

California’s consumer protection and data privacy laws came into effect on 1 January 2020, and present a golden opportunity for the cyber security practitioners
December 09, 2019 09 Dec'19
Public sector still losing user devices in high numbers

The Ministry of Justice has lost 354 smartphones, PCs, laptops and tablets in the past 12 months, according to a Freedom of Information request, and other government departments are in the same boat
December 03, 2019 03 Dec'19
Survey finds most firms don’t respond to GDPR requests in time

Most organisations do not respond to requests for GDPR data in the one month allowed, while many return incorrect data. The education sector does best, but the public sector lags behind
November 22, 2019 22 Nov'19
Mystery surrounds leak of four billion user records

Threat researchers uncover four billion user records on a wide-open Elasticsearch server but who left them there is a mystery
November 19, 2019 19 Nov'19
Businesses failing to wipe data from old endpoints

Organisations are not taking adequate precautions to sanitise data held on endpoints when refreshing their PC or mobile device estates
November 15, 2019 15 Nov'19
How Slack is going beyond messaging in enterprise play

Deeper integrations with business applications and data residency support are part of Slack’s broader strategy to penetrate deeper into the enterprise
November 14, 2019 14 Nov'19
ASEAN regulatory sandbox will promote cross-border data flows

The Regulatory Pilot Space will offer ASEAN businesses a safe test environment to provide digital services across the region while complying with data privacy rules
October 29, 2019 29 Oct'19
NordVPN enlists ethical hackers, launches bug bounty programme

Breached consumer VPN supplier details steps it is taking to shore up its cyber security posture after an unknown actor gained access to one of its servers
October 21, 2019 21 Oct'19
Equifax lawsuit offers more evidence against passwords

Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords
October 01, 2019 01 Oct'19
Dutch group works on digitising collaborator archives created in aftermath of World War 2

Experiments have been carried out to ascertain the best technology to open up the analogue archives of the Central Archive of Special Justice in the Netherlands
October 01, 2019 01 Oct'19
Singapore outlines initiatives to tackle OT and IoT security

The Cyber Security Agency of Singapore has developed a blueprint to secure operational technology systems in critical sectors, among other measures to secure cyber-physical systems and the internet of things
September 27, 2019 27 Sep'19
GDPR compliance: Whose job is it and is it really possible?

Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to
September 23, 2019 23 Sep'19
Basic data and skills needed to fix UK social care

Foundations need to be in place to save the social care system from collapse, and NHSX needs to step up to the task, according to a Doteveryone report