News

Regulatory compliance and standard requirements

• June 03, 2019 03 Jun'19

  Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

  Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms

• May 31, 2019 31 May'19

  Facebook loses bid to halt European court decision on EU-US data sharing

  Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk

• May 31, 2019 31 May'19

  GCHQ urged to abandon plans to access encrypted chats

  Tech companies and security and policy experts are calling for more dialogue with GCHQ on encryption, urging it to ditch its proposal for eavesdropping on encrypted chats

• May 30, 2019 30 May'19

  2.3 billion business and consumer data files exposed online

  In the year since the GDPR compliance deadline, the number of data files exposed online without adequate protection is up more than 50% due to misconfigured security controls, report reveals

• May 29, 2019 29 May'19

  ICO to shortlist Sandbox applicants

  Privacy watchdog’s Sandbox service aims to help develop innovative and beneficial products and services that are privacy compliant

• May 28, 2019 28 May'19

  Many search engine users unaware of personal data collection

  Many users of online search engines are still unaware that data is being collected about them for personalised advertising, a study has revealed

• May 26, 2019 26 May'19

  Australian firms coming to grips with AI ethics

  Australian businesses are warming up to AI, but just two in five have standards and guidelines for AI ethics, a study finds

• May 24, 2019 24 May'19

  Just over half of UK firms don’t have a cyber resilience plan

  Many UK firms still lack cyber resilience and data protection capabilities covering email a year after the implementation of the GDPR aimed at improving personal data protection

• May 24, 2019 24 May'19

  GDPR: Are we there yet?

  A full year since the General Data Protection Regulation was implemented, there has not been the severe punitive action expected by many and personal data breaches continue to happen, leaving many wondering if any progress has been made

• May 24, 2019 24 May'19

  Effect of GDPR yet to be felt, says law firm Hogan Lovells

  Despite the fact that the GDPR has been in full effect for a year, the true effect of the regulation is yet to be felt and organisations should ensure they keep their eye on the ball, says leading privacy law firm

• May 24, 2019 24 May'19

  No real change a year into GDPR, says privacy expert

  A year after the GDPR compliance deadline, many organisations still have a lot of work to do to make real changes and shift focus away from fines to business value and gain, says PwC’s GDPR and data protection lead

• May 24, 2019 24 May'19

  SurveyMonkey opens Dublin datacentre region to court data-security conscious enterprises in Europe

  Online survey software provider SurveyMonkey is on a Europe-wide enterprise charm offensive, and is focusing on winning over CIOs with the offer to locally host their data within its European datacentre region

• May 23, 2019 23 May'19

  Arm China seeks solutions to US export controls with Huawei

  Chip design firm in communication with Huawei-owned semiconductor firm HiSilicon following US move to halt exports of US technology to Chinese tech giant

• May 23, 2019 23 May'19

  IBM’s investment in automation pays off in GDPR’s first year

  The first year of the EU’s General Data Protection Regulation has demonstrated the value of IBM’s investment in machine learning-based automation and the importance of having the right strategy and systems in place, according to the firm’s data ...

• May 22, 2019 22 May'19

  TalkTalk admits new failings in 2015 data breach notification

  TalkTalk’s failure to notify all those affected by its 2015 data breach highlights the importance of data visibility so that breach notifications are fast and accurate – a key requirement of the GDPR

• May 22, 2019 22 May'19

  Singapore proposes data portability provisions

  The Personal Data Protection Commission is seeking public feedback on proposed provisions that will let consumers move their personal data across organisations

• May 20, 2019 20 May'19

  GDPR an opportunity to improve data systems and processes

  A year after the official implementation of the GDPR, it is important to highlight the positive opportunities that compliance provides and the insights breach reports are providing, say Deloitte consultants

• May 20, 2019 20 May'19

  ICO to support GDPR certification schemes

  The UK data protection watchdog is accepting enquiries from organisations considering developing GDPR certification schemes, which the ICO says could help recipients achieve competitive advantage

• May 15, 2019 15 May'19

  Facebook engaged in ‘calculated’ campaign to eliminate competition, claims businessman

  A US businessman is seeking damages from Facebook after accusing the social media company of unfairly blocking “humorous” Facebook pages which generated hundreds of thousands of dollars in advertising revenue

• May 15, 2019 15 May'19

  Microsoft working to support decentralised identity

  Microsoft is among the big tech players aiming to help enable personalisation of products and services without putting privacy at risk

• May 14, 2019 14 May'19

  Electronic ID in the Nordics – a model for other countries?

  Use of electronic identity schemes in Sweden, Norway, Finland and Denmark is far ahead of other countries – but why?

• May 09, 2019 09 May'19

  Facebook co-founder: ‘It is time to break up Facebook’

  Co-founder of Facebook, Chris Hughes, has published an op-ed in The New York Times calling for Facebook to be broken up, as it faces investigations from the US Federal Trade Commission

• May 07, 2019 07 May'19

  HMRC begins deleting unlawful voice biometric data

  HM Revenue and Customs is to forge ahead with Voice ID despite beginning to delete the largest state-held voice biometric database gathered without consent after UK privacy and data protection watchdog issues order

• May 03, 2019 03 May'19

  Zero trust: A 21st century security model

  Traditional corporate security models date back to a time when there were fewer, lower-level threats, but a zero trust model is better suited to the 21st century, according to the originator of the idea

• April 29, 2019 29 Apr'19

  Privacy and data protection an opportunity, says entrepreneur

  Organisations should see data protection and privacy compliance as an opportunity to build trust with customers, according to startup One.Thing.Less

• April 26, 2019 26 Apr'19

  GDPR cases drive bigger budgets for Nordic regulators

  High-profile General Data Protection Regulation cases in Finland and Sweden have increased the workload for regulators, which are to receive an increase in funding

• April 25, 2019 25 Apr'19

  NCSC and ICO pledge to support data breach victims

  The UK’s cyber security agency and privacy watchdog have agreed to work together to improve support for data breach victims and enhance cyber guidance

• April 25, 2019 25 Apr'19

  European Union to create central biometrics database

  New rules will see the introduction of a repository of personal data from hundreds of millions of citizens to support law enforcement across member states

• April 17, 2019 17 Apr'19

  Morrisons to launch fresh appeal against breach liability ruling

  Supermarket chain Morrisons is to launch a second appeal against a High Court ruling that found it liable for a data leak by a former employee

• April 12, 2019 12 Apr'19

  Bounty UK fined £400,000 for sharing personal data unlawfully

  UK pregnancy and parenting club fined for “unprecedented” level of unauthorised sharing of personal data by operating as a data broking service

• April 11, 2019 11 Apr'19

  Most organisations still lack incident response plans

  Most companies lack incident response plans, others fail to test them and nearly half are not GDPR compliant, but some report improved security through automation, a study shows

• April 09, 2019 09 Apr'19

  UK councils team up to boost cyber security

  Three UK councils and data analysis firm Splunk have teamed up to improve cyber defence capabilities and maintain their security systems

• April 08, 2019 08 Apr'19

  GDPR at a critical stage, says information commissioner

  The ICO is calling on data protection officials to help kick off the next phase of the GDPR by embedding sound data governance at its annual conference, where another DPO was recognised for excellence

• April 08, 2019 08 Apr'19

  How APAC firms can tame the data beast

  Companies and data management experts across Asia-Pacific reveal how they are tackling data management challenges that have been compounded by growing cloud usage and compliance requirements

• April 05, 2019 05 Apr'19

  London council fined by the ICO for disclosing personal information held on Met Police Gangs Matrix

  The London Borough of Newham has been fined for disclosing the sensitive personal information of more than 200 individuals that police held information on

• April 05, 2019 05 Apr'19

  European firms see value in ‘known good’ approach to security

  European data protection regulations are driving enterprise interest in an approach to security being championed by virtualisation software maker VMware, says the company’s security lead

• April 04, 2019 04 Apr'19

  Third-party Facebook apps expose 540 million users’ details

  Researchers have discovered another trove of Facebook users’ details, showing there is still no control over data shared with third parties, potentially exposing Facebook to more regulatory and legal action

• April 03, 2019 03 Apr'19

  Government urges businesses and charities to up cyber security

  The UK government is urging businesses and charities to take action to prevent cyber attacks as the costs go up, despite an overall reduction in breaches, partly driven by new data protection laws

• April 01, 2019 01 Apr'19

  Black Hat Asia 2019: Get ready for the cyber arms race

  The arms race is now squarely in the cyber realm as defence teams and threat actors arm themselves with AI tools

• April 01, 2019 01 Apr'19

  Zuckerberg calls for new internet regulation

  Facebook chief calls for new internet regulation in four key areas to define clear responsibilities for people, companies and governments, including more GDPR-aligned data protection rules

• April 01, 2019 01 Apr'19

  Singapore government to review data security in public sector

  A high-level committee comprising ministers and private sector security experts will review data security practices and recommend measures to better protect citizens’ data

• March 29, 2019 29 Mar'19

  ICO kicks off sandbox beta to support innovation

  The UK’s privacy watchdog has launched the first phase of an initiative aimed at enhancing data protection while supporting business innovation

• March 27, 2019 27 Mar'19

  Mind the overlap between GDPR and ePD, warns privacy lawyer

  Organisations need to be aware of the overlaps between European data protection and privacy rules, and which takes precedence, a privacy lawyer warns

• March 25, 2019 25 Mar'19

  Mike Lynch heads to High Court to defend against HP allegations

  The UK’s biggest fraud case commences, with the former CEO of Autonomy, Mike Lynch, attempting to clear his name

• March 25, 2019 25 Mar'19

  Small businesses hit hardest by cyber crime costs

  Small businesses felt the biggest impact of the UK’s cyber crime bill in 2018, research shows

• March 22, 2019 22 Mar'19

  Facebook security policy and practices unfit, say infosec pros

  Confidence in Facebook’s ability to keep users’ data safe has once again been shaken by revelations of poor password protection practices, prompting calls for a security review

• March 22, 2019 22 Mar'19

  UK police should not deploy live facial recognition technology until issues are resolved, MPs told

  The Science and Technology Committee has heard from the information and biometrics commissioners about the flawed use of live facial recognition technology by UK police

• March 15, 2019 15 Mar'19

  Brexit complicating already complex data protection

  GDPR impact is yet to be felt and data protection is set to become increasingly complex, with Brexit adding even more complexity that could be overwhelming, warns head of international privacy association

• March 14, 2019 14 Mar'19

  National Cyber Security Programme at risk of missing targets

  The National Audit Office has sharply criticised the Cabinet Office over failings in how it set up the National Cyber Security Programme that mean it may struggle to meet its goals

• March 14, 2019 14 Mar'19

  Met Police collaborated with US prosecutors in WikiLeaks investigation

  The Metropolitan Police has confirmed it exchanged information on WikiLeaks staff in the UK with the US Department of Justice, which is conducting criminal investigations into the organisation