DP Gazette • Issue 4 • April 4 2016

In DP Gazette by John A. Walsh0 Comments

A roundup of the latest news from the European Union and beyond related to Data Protection, Data Privacy and related topics.Got a tip? Contact us.



EU Data Protection News



Largest ever fine for breach of data protection laws issued by the Italian Data Protection Authority

Businesses should be aware of a new atmosphere of increasing regulatory enforcement within the EU in the run up to the introduction of the General Data Protection Regulation (GDPR). Both Italian and UK authorities have recently imposed large fines on companies in relation to regulatory offences. Related Article

New data rules mean it can’t be ‘business as usual’ – Helen Dixon, Irish Data Protection Commissioner

Data Protection Commissioner Helen Dixon has one of the busiest jobs in Irish public, preparing her rapidly expanding office for the challenges of the implementation of one of the largest-ever changes to how business is done in Ireland.Related Article

UK businesses stopped preparing for the GDPR because of Brexit

a quarter of UK businesses stopped preparing for the GDPR, thinking the regulation won’t apply once the UK leaves the EU. The GDPR, or General Data Protection Regulation, has been ratified by the UK and will come into force on May 2018 – which will almost certainly be before the UK leaves the EU. Even if the UK leaves before, however, the GDPR will still apply for all companies wanting to do business with the EU. Related Article

UK Information Commissioner fines Flybe, Honda for breaking data rules.

The ICO fined two companies a total of £83,000 for breaking the rules regarding marketing emails. Although the figure seems small compared to the terminal fines issued to companies such as Media Tactics, it notably targeted a regular area for data misuse and the offending companies could have easily avoided being fined.An investigation by the commissioner’s office found that Exeter-based airline Flybe had “deliberately sent more than 3.3 million emails to people who had told them they didn’t want to receive marketing emails from the firm”.Related Article

European Court of Justice to Determine Website Owner’s Liability for Social Media Plug-Ins

At the beginning of 2017 the Higher Regional Court of Düsseldorf referred the question whether a website owner is indeed the responsible body from a civil and data protection law perspective to the European Court of Justice. The Court’s decision, which may be rendered by the end of this year, will have a fundamental impact on the assessment of the legality of social media plug-ins and “like” functions which have become standard features on most websites.Related Article

UK Information Commissioner to hire up to 200 new staff members

The UK’s Information Commissioner’s Office (ICO) is set to hire up to 200 new staff members to cope with the increased oversight it will have over UK businesses when the EU’s General Data Protection Regulation (GDPR) comes into effect in May 2018.Related Article



Data Breach News



NY Attorney General Schneiderman Settles Data Breach Investigation

New York State Attorney General Eric T. Schneiderman announced a settlement with Acer Service Corporation (a Taiwanese computer manufacturer) relating to the NYSAG’s investigation of a breach of Acer’s data. The data breach, first reported in June, 2016, involved data for over 35,000 customers throughout the United States, Canada and Puerto Rico, including 2,250 customers who resided in New York.Related Article

Privacy-unaware GP surgeries put patient records at risk with ‘enhanced data sharing’

The company behind the SystmOne clinical management system widely used in GP surgeries across the UK, has rejected claims made over the weekend that patient records could be compromised as a result of ‘enhanced data sharing’ features in its software. .Related Article

36.6 million data breaches were recorded in India in 2016: Report

Nearly 36.6 million data records were compromised in India last year in 33 data breaches — a 14 per cent rise as compared to 2015, a new report said on Monday. According to global digital security firm Gemalto’s ‘Breach Level Index’, identity theft and unauthorised access to financial data were the leading type of data breaches, accounting for 73 per cent of all data theft.Related Article

Middle East data hacks on the rise

The number of data breaches in the Middle East has risen 16.67 percent since 2015 as hackers become increasingly sophisticated, according to research.
New data from global cybersecurity firm Gemalto found that approximately 45.2 million data records in the Middle East were compromised in 2016, compared to 38.5 million in the previous year.Related Article

FBI finds no illegal acts in data breach at Georgia university

Officials at a Georgia university say the FBI has found no violation of federal law in a data breach. Secretary of State Brian Kemp and Kennesaw State University this month confirmed that a federal investigation was focused on the school’s Center for Election Systems. The center has certified Georgia’s voting machines and other elections equipment since 2002.Related Article

Dozens of patients’ medical records found lying in Melbourne street

A hospital is being investigated for breaching the privacy of dozens of patients after medical records revealing a “swollen penis” and mental illnesses among other things, were found in a Coburg street.The Australian Information and Privacy Commissioner Timothy Pilgrim is investigating how the records of 31 patients were removed from the John Fawkner Private Hospital in Melbourne’s north last month.Related Article



Non-EU Data Protection News



Japan, EU launching high-level talks on safe data transfers

Global trend is for EU to be the gold standard for data privacy. The decision of the Japanese Government to convene a working group to align their data privacy laws with other jurisdictions highlights the trend of rising standards for data privacy legislation that is being driven by GDPR. It also highlights the economic and trade value of respecting human rights to data privacy in cross-border trade. Related Article

Chile is updating its DP laws to meet modern standards

The President of Chile, Michelle Bachelet, signed, on 13 March 2017 a Bill to Regulate the Protection and Processing of Personal Data and Create the Personal Data Protection Agency (‘the Government’s Bill’), which would amend Law No. 19.628 on the Protection of Private Life 1999. This development follows the current trend of modernising national data protection laws across the Latin American continent. Related Article

Senate votes to allow Internet Providers sell customer’s data

US Senate has voted to let internet providers sell consumer data without consent. Further adds to the shit sandwich US data subjects are being asked to eat with the weakening of the FCC and FTC enforcement functions.Related Article

Leave a Comment