Articles about gdpr


Microsoft menaced with GDPR mega-fines in Europe for 'large scale and covert' gathering of people's info via Office

Microsoft broke Euro privacy rules by carrying out the "large scale and covert" gathering of private data through its Office apps. That's according to a report out this month [PDF] that was commissioned by the Dutch government into how information handled by 300,000 of its workers was processed by Microsoft's Office ProPlus …
Kieren McCarthy, 16 Nov 2018
Stressed dude awake at night

Just because you're paranoid doesn't mean hackers won't nuke your employer into the ground tomorrow

The number one thing worrying infosec bods right now is… yup, you guessed it, a giant targeted attack that KOs their employers' systems. This fear was seconded – though not closely – by the threat posed by the people with whom they make small talk at the water cooler: their org's very own blabby, policy-swerving, "oh-I'll-just …
Gareth Corfield, 14 Nov 2018

GDPR USA? 'A year ago, hell no ... More people are open to it now' – House Rep says EU-like law may be mulled

The rash of high-profile IT security breaches, data thefts, and other hacks that have erupted over the last year or so may push US legislators to consider laws similar to Europe's privacy-protecting GDPR. This is according to Representative Will Hurd (R-TX), who told attendees at the Aspen Cyber Summit in San Francisco today …
Shaun Nichols, 8 Nov 2018

US draft bill moots locking up execs who lie about privacy violations

Company bosses could be thrown in jail for up to 20 years if they aren't straight with US regulators about privacy violations under a law drafted by senator Ron Wyden. The Democrat has proposed a new privacy bill for the US, with the short title of the Consumer Data Protection Act (PDF), which aims to address the hole in …
Rebecca Hill, 5 Nov 2018
Map of Europe, with lock symbolizing GDPR

GDPR stands for Google Doing Positively, Regardless. Webpage trackers down in Europe – except Big G's

In a US Senate hearing that went little reported this month, America's antitrust chiefs warned that Europe's tough General Data Protection Regulation (GDPR) had benefited the companies it was designed to tame. A study out this week tracking activity on the top 2,000 sites used by netizens in Europe confirms it: in one respect …
Andrew Orlowski, 12 Oct 2018
Man feels someone else's pain

Workplace services-flinger Sodexo pulls Engage website after division hit by malware smackdown

Employee benefits firm Sodexo has suffered a data breach exposing personal info believed to include names, email addresses and home addresses after UK arm Sodexo Motivation Solutions’ internal IT systems were hit by malware. In the wake of the breach, it pulled Engage's staff-facing retail discount and perks website …
John Leyden, 10 Oct 2018
Beware awkward moments next exit

Sendgrid blurts out OWN customers' email addresses with no help from hackers

Cloud-based email marketing service SendGrid has copped to blabbing customer email addresses, chalking it up to some overenthusiastic indexing without explaining why pages were public-facing in the first place. In a breach notice sent out on Tuesday 2 October, SendGrid said that "some email addresses processed through the …
John Leyden, 4 Oct 2018

Sneaky phone apps just about obey the law, still have no trouble guzzling your data, says Which?

Apps use sneaky tactics to get UK users to hand over more info than they need to – and privacy policies remain long and confusing. These claims were this week emitted by Brit consumer rights body Which? in a report into data privacy of 29 commonly used Android and iPhone apps released. The investigation found that – despite …
Rebecca Hill, 26 Sep 2018
Tilted glass with milk lying on a table

Aggregate this: NewsNow has spilt a bunch of 'encrypted' passwords

Updated UK aggregator NewsNow has suffered a breach resulting in the leak of users' "encrypted" passwords. Word of the breach surfaced through reports to security consultant Troy Hunt, who runs the Have I Been Pwned service. Data breach at @NewsNowUK — Troy Hunt (@troyhunt) September 24, 2018 The breach …
John Leyden, 25 Sep 2018

Brexit campaigner AggregateIQ challenges UK's first GDPR notice

A Canadian data analytics firm on the receiving end of the UK's first-ever violation notice of Europe's new data privacy laws is appealing the claims against it. The GDPR notice was sent by Blighty's Information Commissioner (ICO) against AggregateIQ, an organization linked to the Facebook-Cambridge Analytica scandal. The biz …
Kieren McCarthy, 24 Sep 2018

Generally Disclosing Pretty Rapidly: GDPR strapped a jet engine on hacked British Airways

Analysis If Equifax's mother-of-all-security-disasters last year underlined one thing, it was that big companies think they can weather just about anything cybercriminals – and regulators – can throw at them. One unpatched web server, 147 million mostly US customer records swiped, and a political beating that should pulverise a company …
John E Dunn, 12 Sep 2018

Law firm seeking leak victims to launch £500m suit at British Airways

British Airways faces a £500m lawsuit over its recent mega-breach that exposed payment card details of 380,000 customers. The airliner last week apologised and offered to compensate customers for any direct financial loss for the attack that took place between 21 August and 5 September via its website and app. However, an …
John Leyden, 11 Sep 2018

Europe's GDPR, Whois shakeup was supposed to trigger spam tsunami – so, er, where is it?

Updated When new European privacy legislation forced internet registries and registrars to withhold the ownership details of internet domain names, a number of groups – including intellectual property lawyers and cybercrime experts – warned it would result in a jump in spam and online fraud. "A lot of people who are using this data …
Kieren McCarthy, 29 Aug 2018
UK border control photo via Shutterstock

Campaigners call for immigration exemption in UK's Data Protection Act to be scrapped

Campaign groups have today launched a legal challenge against an exemption in the UK's Data Protection Act that could prevent citizens gaining access to immigration data held on them. The Open Rights Group and EU citizens' group, the3million, have argued that, as it stands, many people would not be able to access data that the …
Rebecca Hill, 28 Aug 2018

None too chuffed with your A levels? Hey, why not bludgeon the exam boards with GDPR?

Schools across the UK may have thought results fever was over for another year – but, thanks to the nation's privacy watchdog, they might not get to relax just yet. The Information Commissioner's Office has published a how-to guide on demanding more information about exams results for students. "If you've just received your …
Rebecca Hill, 28 Aug 2018
Facebook-style crying emoji

Chap asks Facebook for data on his web activity, Facebook says no, now watchdog's on the case

Facebook's refusal to hand over the data it holds on users' web activity is to be probed by the Irish Data Protection Commissioner after a complaint from a UK-based academic. Under the General Data Protection Regulation, which came into force on 25 May, people can demand that organisations hand over the data they hold on them …
Rebecca Hill, 24 Aug 2018

ETSI crypto-based access control standards land

Worried about enterprise security, access control, and GDPR? Relax, the standards bods at European Telecommunications Standards Institute (ETSI) have you covered. Covered, that is, if you implement its latest encryption standards. ETSI's Technical Committee on Cybersecurity announced it has released two Attribute-Based …
Man holds the BMW f30 key fob with an apple watch showing the connected drive information.

Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers

The perils of previous owners retaining unfettered access to the data and controls of connected cars after resale is a wider problem across the industry, The Register has discovered. We have confirmed that BMW, Mercedes-Benz and Nissan may all have much the same issue as Jaguar Land Rover, the focus of our recent article on …
John Leyden, 21 Aug 2018

Create a news alert about gdpr, or find more stories about gdpr.

Biting the hand that feeds IT © 1998–2018