US Dep. of Commerce released a FAQ on the invalidation of the Privacy Shield

The US Department of Commerce has released a FAQ document related to the invalidation of the EU-US Privacy Shield by the Court of Justice of the European Union.

ICDPPC publishes the report of the 41th International Conference

The Data Protection and Privacy Commissioners publish the report of their 41st International Conference held in Tirana, Albania on 21-24 October 2019. The report is entitled "CONVERGENCE AND CONNECTIVITY RAISING GLOBAL DATA PROTECTION STANDARDS IN THE DIGITAL AGE".

Poor risk assessment leads Capital One to M penalty

Capital One Financial Corporation has been imposed an M penalty by a banking regulator for the data breach it suffered in 2019. The US Office of the Controller of the Currency found that Capital One conducted an insufficient risk assessment which therefore did not prevent the data breach occurred in 2019. As a result of the breach, data of 100M credit card applicants were stolen. 

Find more from Reuters here

Find the page the Capital One dedicates to the 2019 cyber-incident here

Danish DPA issues a new fine to PrivatBo

The Danish Data Protection Agency has fined the management company with DKK 150.000 for not complying with the requirements of an appropriate level of security under the GDPR

Hamburg DPA call for Federal action to prevent illicit use of covid-19 tracing app data by the police

The DPA of Hamburg, Germany, has issued a press release where it states that "Contact details that are to be collected for the purpose of official traceability of chains of infection are increasingly being used by the police for the purpose of prosecuting criminal offenses". Johannes Caspar, Hamburg Commissioner for Data Protection and Freedom of Information: “A solution to this unsatisfactory and legally uncertain situation is in the hands of the federal legislature".

    Page 1 of 359