Articles about gdpr

Speed

Generally Disclosing Pretty Rapidly: GDPR strapped a jet engine on hacked British Airways

Analysis If Equifax's mother-of-all-security-disasters last year underlined one thing, it was that big companies think they can weather just about anything cybercriminals – and regulators – can throw at them. One unpatched web server, 147 million mostly US customer records swiped, and a political beating that should pulverise a company …
John E Dunn, 12 Sep 2018

Law firm seeking leak victims to launch £500m suit at British Airways

British Airways faces a £500m lawsuit over its recent mega-breach that exposed payment card details of 380,000 customers. The airliner last week apologised and offered to compensate customers for any direct financial loss for the attack that took place between 21 August and 5 September via its website and app. However, an …
John Leyden, 11 Sep 2018
asleep

Europe's GDPR, Whois shakeup was supposed to trigger spam tsunami – so, er, where is it?

Updated When new European privacy legislation forced internet registries and registrars to withhold the ownership details of internet domain names, a number of groups – including intellectual property lawyers and cybercrime experts – warned it would result in a jump in spam and online fraud. "A lot of people who are using this data …
Kieren McCarthy, 29 Aug 2018
UK border control photo via Shutterstock

Campaigners call for immigration exemption in UK's Data Protection Act to be scrapped

Campaign groups have today launched a legal challenge against an exemption in the UK's Data Protection Act that could prevent citizens gaining access to immigration data held on them. The Open Rights Group and EU citizens' group, the3million, have argued that, as it stands, many people would not be able to access data that the …
Rebecca Hill, 28 Aug 2018

None too chuffed with your A levels? Hey, why not bludgeon the exam boards with GDPR?

Schools across the UK may have thought results fever was over for another year – but, thanks to the nation's privacy watchdog, they might not get to relax just yet. The Information Commissioner's Office has published a how-to guide on demanding more information about exams results for students. "If you've just received your …
Rebecca Hill, 28 Aug 2018
Facebook-style crying emoji

Chap asks Facebook for data on his web activity, Facebook says no, now watchdog's on the case

Facebook's refusal to hand over the data it holds on users' web activity is to be probed by the Irish Data Protection Commissioner after a complaint from a UK-based academic. Under the General Data Protection Regulation, which came into force on 25 May, people can demand that organisations hand over the data they hold on them …
Rebecca Hill, 24 Aug 2018
Encryption

ETSI crypto-based access control standards land

Worried about enterprise security, access control, and GDPR? Relax, the standards bods at European Telecommunications Standards Institute (ETSI) have you covered. Covered, that is, if you implement its latest encryption standards. ETSI's Technical Committee on Cybersecurity announced it has released two Attribute-Based …
Man holds the BMW f30 key fob with an apple watch showing the connected drive information.

Connected car data handover headache: There's no quick fix... and it's NOT just Land Rovers

The perils of previous owners retaining unfettered access to the data and controls of connected cars after resale is a wider problem across the industry, The Register has discovered. We have confirmed that BMW, Mercedes-Benz and Nissan may all have much the same issue as Jaguar Land Rover, the focus of our recent article on …
John Leyden, 21 Aug 2018
Cookies

That's the way the cookies crumble: Consent banners up 16% since GDPR

IT consultants, software firms and campaigners spent months touting 25 May 2018 as the dawning of a new era – for better or worse, depending on who was selling the snake oil – but research published this month indicates minor changes in reality. The General Data Protection Regulation, which came into force on Towel Day, …
Rebecca Hill, 21 Aug 2018
wall punch

Internet overseer continues wall-punching legal campaign

The organization that oversees the internet's naming and numbering systems is continuing its embarrassing European legal campaign, insisting for a third time that the German courts have got it wrong. On Friday, ICANN appealed [PDF] the latest court decision against it, this time insisting that the Appellate Court of Cologne, …
Kieren McCarthy, 21 Aug 2018
Toronto Google Map image via Shutterstock

Google responds to location-stalking outcry by… tweaking words on its BS support page

Google has responded to an outcry over how it continues to keep a record on people's whereabouts – even when they specifically opt-out – by changing the word of its misleading help page. Earlier this week, researchers revealed that even if you went to Google's "location history" setting and turned it off, its most common iOS, …
Kieren McCarthy, 17 Aug 2018
Stalker: woman peers through keyhole

Google risks mega-fine in EU over location 'stalking'

Special Report Privacy campaigners say Google's obsessive collection of location markers violates Europe's privacy laws - potentially exposing the Californian giant to punitive fines. Several privacy watchers agree that as it stands, users are misled, and can't give informed consent. That exposes the company to financial penalty under GDPR …
Andrew Orlowski, 16 Aug 2018
fail

Internet overseer ICANN loses a THIRD time in Whois GDPR legal war

The internet's domain names overlord has failed in a third attempt to keep to the wheels from falling off its Whois service in Europe, raising questions over its competence. US-based Internet Corporation for Assigned Names and Numbers (ICANN) was slammed by the Appellate Court of Cologne, Germany, for not having "sufficiently …

Web doc iCliniq plugs leaky S3 bucket stuffed full of medical records

Exclusive Online medical consultation service iCliniq left thousands of medical documents in a publicly accessible Amazon Web Services S3 bucket. iCliniq locked down the online silo earlier this week only after the slip-up was brought to its attention by German security researcher Matthias Gliwka. He approached El Reg after failing to …
John Leyden, 3 Aug 2018
container_ship_hamburg_shutterstock_648

Holy ship! UK shipping biz Clarksons blames megahack on single point of pwnage

British shipping services firm Clarksons has revealed a high profile data breach last year stemmed from a hack on a “single and isolated user account”. shipping container Hacked Brit shipping giant Clarksons: A person may release some of our data today READ MORE Criminal hackers stole employee information from the shipping …
John Leyden, 1 Aug 2018
movie still from zoolander: 'hansel, he's so hot right now. hansel'

Oooooh! Fashion! Yes, 1m-plus accounts on clothes, trinket websites exposed by lax security

Naff computer security at an e-commerce provider potentially exposed the details of more than a million unique accounts on British clothing and accessory shopping websites, infosec experts have confirmed. Sub-optimal security at Fashion Nexus meant a white-hat hacker, Taylor Ralston, was able to access databases containing …
John Leyden, 1 Aug 2018
India battle tapestry photo via Shutterstock

India mulls ban on probes into anonymized data use – with GDPR-style privacy laws

India is following Europe down the data protection path, with draft legislation criticized as a mixed bag of good and bad laws being proposed on Friday. Under the proposals, there will be a data protection authority with the ability to impose fines; individuals get some new rights over how their data is handled, but not as …
Man faceplants in airbag

Shock Land Rover Discovery: Sellers could meddle with connected cars if not unbound

Both data and the online controls on "connected cars" from Jaguar Land Rover remain available to previous owners, according to security experts and owners of the upmarket vehicles. The car maker has defended its privacy safeguards and security of its InControl tech. El Reg began investigating the issue after talking to Matt …
John Leyden, 27 Jul 2018

Create a news alert about gdpr, or find more stories about gdpr.

Biting the hand that feeds IT © 1998–2018