French Data Protection Authority (CNIL) fines GROUPE CANAL+ €600,000 On October 12, 2023, the French Data Protection Authority (known as “the CNIL”) imposed a fine of €600,000 on French media company GROUPE CANAL+ for violating various data protection and privacy obligations. The fine resulted from multiple complaints received by CNIL about difficulties individuals faced [...]
The California governor has signed Bill 362, also known as the Delete Act, enabling residents to request the removal of their personal information from all data brokers operating in the state. The Delete Act aims to provide consumers with greater control over their personal information that is collected and sold by data brokers. The [...]
Here is a roundup of some of the recent regulatory updates in the data protection and privacy space around the world. Canada On September 22, 2023, the second set of amendments to Quebec’s privacy law (under “Bill 64” or “Law 25”) came into effect. The amendment aims to modernise Quebec’s long-standing privacy law in [...]
Business Email Compromise (BEC) is a type of cyber crime that involves misusing or impersonating a corporate email address to manipulate a company’s employees or contractors. The goal of BEC is normally to trick an employee into transferring funds or sharing sensitive information. BEC attacks are often sophisticated, and exploit email communication systems to [...]
In a move that underscores Turkey's commitment to supporting economic growth and enterprise development, the country’s Personal Data Protection Board (‘the Board’) recently made a substantial revision to their Data Protection Regulations (‘the Regulation’). The Board announced their decision on 6 July 2023, and presented a significant increase in the monetary threshold for exemption [...]
In recent weeks, India's legislators passed a data protection law that outlines how technology companies handle users' data. The Digital Personal Data Protection Act, 2023 gives government authorities powers to request information from firms and issue directives to block content based on the recommendations of a data protection board appointed by the federal government. [...]
South Korea’s Personal Information Protection Commission has taken a strong stance against global tech giants OpenAI and Meta, highlighting the growing significance of data privacy worldwide. In response to a data breach resulting in 687 South Koren users having their personal information exposed, South Korea’s Personal Information Protection Commision (PIPC) successfully fined OpenAI KRW [...]
On 27 July 2023, the UK’s National Cyber Security Centre (NCSC) published a new guidance on what is collectively termed ‘Shadow IT’ to assist organisations in implementing appropriate risk management measures on ‘rogue devices and software’. The guidance helps organisations to pinpoint various types of activities that may be considered as ‘shadow IT’ within [...]
Reports about data breaches often focus on the financial impact on businesses. But recent data breaches involving three UK police services and the UK Electoral Commission have highlighted how inadequate data protection can threaten people’s safety—and even their lives. Responding to a freedom of information request on 8 August, the Police Service of Northern [...]
Unlocking the Key to Compliance: Data Privacy Health Checks for Healthcare Organisations Healthcare companies are some of the biggest targets of cyber-attacks, with health data being a particularly sensitive form of personal data. Healthcare organisations store, maintain and transmit vast amounts of data to support the delivery of efficient and appropriate patient care. [...]
HewardMills Ltd is a company registered in England and Wales | Registered office: 77 Farringdon Road, London EC1M 3JU | Registration number: 11211970 | All rights reserved | © Copyright 2022 | Privacy notice
