Privacy watchdogs in Europe have imposed fines totaling more than $330 million since the EU's General Data Protection Regulation went into full effect in May 2018, according to law firm DLA Piper. Over the past year, regulators received 121,000 data breach notifications, up 19% from the year before.
Information security and privacy professionals responsible for safeguarding personal information have been left in limbo as the U.K. exits the EU. But the transfer of Europeans' data from EU member nations to the U.K. can continue unimpeded for six months until the EU makes a final ruling on the issue.
This edition of the ISMG Security Report features an analysis of the very latest information about the SolarWinds hack. Also featured are discussions of "zero trust" for the hybrid cloud environment and data privacy regulatory trends.
More than two years after Europe's tough new General Data Protection Regulation came into full effect, EU privacy watchdogs are finding more consensus, and consumers have been benefiting, experts say. But how regulators apply sanctions, in particular, remains a work in progress.
For the first time, a U.S. technology firm has been fined under the EU's General Data Protection Regulation. Ireland's Data Protection Commission on Tuesday hit social media giant Twitter with a $547,000 fine for failing to report and document a data breach within 72 hours, as required under GDPR.
Security and risk management leaders experience increased demand for ITRM solutions originating from cybersecurity initiatives, board risk oversight and digital compliance obligations. Use this research to evaluate the opportunities and challenges in automating IT risk decision making.
France's privacy regulator has hit retail giant Carrefour with a $3.7 million fine for violating privacy laws, including GDPR. It's accused of failing to make privacy policies easy to understand, placing advertising cookies without consent and retaining customer data for unreasonable periods of time.
Microsoft is revamping its controversial "productivity score" in Microsoft 365 so that individual workers can no longer be tracked. The move follows warnings by privacy advocates that the feature was a step too far into the realm of workplace surveillance.
Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
European lawmakers are once again considering encryption policies and attempting to strike a balance between the privacy and security afforded by strong encryption and law enforcement's needs. But with encryption being a cornerstone of the internet, is there any new balance to be struck?
Small and midsize enterprises must avoid assuming they won't be targeted for cyberattacks and ensure they're taking adequate security precautions, says Emma Philpott of the consultancy IASME Consortium Ltd., who offers insights on essential steps.
Ticketmaster UK has been fined $1.7 million by Britain's privacy watchdog for its "serious failure" to comply with the EU's General Data Protection Regulation. Its failure to properly secure chatbot software led to attackers stealing at least 9.4 million payment card details.
A German appeals court has slashed by 90% the $11 million General Data Protection Regulation fine levied last year against 1&1 Telecom by the nation's federal privacy watchdog over call center data protection shortcomings. Experts say the case is a reminder that all GDPR fines can be appealed.
The latest edition of the ISMG Security Report features an analysis of how President-elect Joe Biden is expected to renew international relationships needed in the fight against cyberattacks. Also featured: the pandemic's impact on cybercrime; analysis of Europol's annual cybercrime report.