How changes to Ireland's DPC may impact GDPR enforcement across the EU
In an interview with Politico, Ireland's Data Protection Commissioner Helen Dixon discussed a range of data protection topics ahead of her departure from the DPC in February.
Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.
CNIL fines Yahoo 10M euros over alleged cookie consent violations
France's data protection authority, the Commission nationale de l'informatique et des libertés, fined Yahoo EMEA 10 million euros over the company's alleged violation of the ePrivacy Directive. The CNIL found visitors to the Yahoo site had cookies placed on their computer without their consent and difficulty for users wanting to withdraw participation in cookie collection.Full story
ICO updates child online safety provisions
The U.K. Information Commissioner's Office released updated opinions on what online services need to do to comply with the Online Safety Act. The guidelines touch on recent developments in technology and explain legislative developments and how online services can conduct age assurance tests while still using data protections.Full story
TSA expands optional facial recognition ID program
The U.S. Transportation Security Administration expanded its optional facial recognition program that allows passengers to use a facial scan to match them to their state-issued ID, The New York Times reports. The program is similar to Delta's digital ID program that makes it easier for passengers to get through security without showing a physical ID. Full story
Hospital patient data returned after ransomware group sued
North Star Health Alliance, a group of hospitals in New York, sued LockBit ransomware group after a data breach stole patient data, GovInfoSecurity reports. The hospitals sued LockBit to force the return of its data from cloud vendor Wasabi Technologies.Full story
NIST releases guidance for businesses' cybersecurity standards
The U.S. National Institute of Standards and Technology published drafted guidance for businesses' cybersecurity programs. The guidance aims to help businesses develop cybersecurity programs that fit the needs of the organization while also navigating cyber risks.Full story
EDPB publishes report on DPO coordinated enforcement
The European Data Protection Board adopted 17 Jan. a report on the results of its 2023 coordinated enforcement action regarding data protection officer responsibilities and efficacy required under the EU General Data Protection Regulation. Informed by 15,108 stakeholder responses, the EDPB report outlines notable challenges DPOs and their organizations are faced with in terms of resources and training while offering recommendations to support improvements.
FTC joins global data privacy, security law enforcement pact
The U.S. Federal Trade Commission will enter a new multilateral agreement, the Global Cooperation Arrangement for Privacy.
New Jersey's comprehensive privacy bill signed into law
Gov. Phil Murphy, D-N.J., signed New Jersey's comprehensive privacy bill, Senate Bill 332, into law 16 Jan. The law is set to take effect one year after its signing date in January 2025. There is no indication or mandate on a timetable for commencing attorney general rulemaking before the law takes effect.
Report details how health websites flout privacy laws
Consumer Reports along with Boltive released a report showing nine out of 10 health care companies continue to share customers' personal data despite privacy laws that should limit the practice.