Installing data protection guardrails to tackle AI-related cyberattacks

Cyberattacks continue to pose a formidable threat to organisations across the world. In recent times, we have witnessed a surge in high-profile breaches, each one leaving a trail of compromised personal data. Take, for instance, the infamous "Mother of All Breaches" (MOAB) in January 2024, which reportedly exposed over 26 billion sensitive records. More [...]

By |2024-07-29T18:03:26+01:0026th July, 2024|Cybersecurity, DPO, Governments, News|

Privacy and Security in cross-border genetic data transfers

Genomic technology is increasingly becoming entrenched in a lot of our health services. From population health screening, ancestry testing, nutritional testing, policing, and crime prevention, the technique has become commonplace.   This has also led to growth in the need for an exchange of data across international borders, bringing with it significant responsibility from a [...]

By |2024-07-29T16:38:22+01:0025th July, 2024|Data Transfer, DPO, Governments, Life Sciences, News|

The US privacy landscape in mid-2024: How new state laws impact marketing, AI, and the health sector

Until relatively recently, US businesses faced few restrictions on their collection and use of personal data. In 2024, while gaps in rights and protections remain, the US has arguably become one of the most complex privacy landscapes in the world.  In July 2024, three important state privacy laws took effect, taking the total number [...]

By |2024-07-29T16:36:59+01:0024th July, 2024|DPO, Governments, Life Sciences, News, US, US Privacy Law|

CrowdStrike outage – key lessons for DPOs and CPOs

The 19 July CrowdStrike software update that resulted in a global cyber crash, affecting critical services across various industries, including hospitals, airlines, and financial institutions, has had many people reviewing their privacy and cyber processes. Estimates currently stand at 8.5m computers affected - around 1% of Windows machines worldwide.  Unprecedented in its size, the [...]

By |2024-07-24T20:35:56+01:0022nd July, 2024|Cybersecurity, DPO, Governments, News|

Latest roundup in global data protection and privacy

Thailand PDPC publishes criteria for personal data deletion, destruction, and de-identification  On June 14, 2024, the Personal Data Protection Committee (PDPC) released a draft notification under the Personal Data Protection Act 2019 (PDPA), outlining the criteria for data controllers on how to delete, destroy, or de-identify personal data.  According to the PDPA, a data [...]

By |2024-06-28T10:26:52+01:0027th June, 2024|DPO, Governments, News|

UK general election: What the major parties are saying about data protection and AI

When Prime Minister Rishi Sunak announced that the UK would hold a general election on 4 July, he also—incidentally—killed the government’s long-running attempt to reform the UK’s data protection and privacy framework, the Data Protection and Digital Information Bill (DPDIB).  Regardless who wins the election, the DPDIB is unlikely to return. But the UK’s [...]

By |2024-06-28T11:31:59+01:0025th June, 2024|DPO, Governments, News|

Jamaica begins data controller registration under Data Protection Act

On June 1, 2024, Jamaica's Office of the Information Commissioner (OIC) began accepting applications for data controller registration as mandated by section 15 of the Data Protection Act of 2020. This marks the start of a phased compliance process following the Act's initial enforcement in December 2021 and further sections activated in December 2023.  [...]

By |2024-06-28T10:23:02+01:0024th June, 2024|DPO, Governments, International, News|

Texas Data Privacy and Security Act: The most significant US privacy law yet?

The Texas Data Privacy and Security Act (TDPSA) takes effect on 1 July. So far, around 20 US states have passed comprehensive privacy legislation, but only five such laws have taken effect.   Like most other states, Texas has adopted a law similar to the Virginia Consumer Data Protection Act (VCPDA)—but the “Lone Star State” [...]

By |2024-06-28T10:20:58+01:0023rd June, 2024|DPO, Governments, International, News|

Latest regulatory roundup in global data protection and privacy

Costly cyber attack hits UnitedHealth Group Subsidiary  Earlier this year, a cyber attack on a UnitedHealth Group subsidiary, Change Healthcare, caused significant disruption and financial loss for one of the largest employers in the US. The attack is reported to have started with hackers exploiting a server which lacked multi-factor authentication. Recently, UnitedHealth Group [...]

By |2024-05-30T08:52:00+01:0029th May, 2024|Cybersecurity, Data Transfer, DPO, News, Nigeria, Spain, US|

How laws, regulators, and gatekeepers are reshaping digital advertising

Since the first banner ads, the world wide web has largely run on ads. To fund online services, the digital advertising industry collects detailed information about billions of people. But substantial change is imminent.  New laws targeting digital advertising  The ePrivacy Regulation, a long-awaited update to the EU’s rules on direct marketing and cookies, [...]

By |2024-05-30T08:02:03+01:0027th May, 2024|Biometric, Digital Age, DPO, Governments, News|
Go to Top