Further to the Facebook and Tesco scandals, and the apparent statistic increase of enforcement fines issued, the Polish Data Protection Authority has issued a landmark fine of €645,000 against online retail company morele.net for insufficient security and organisational measures violating data confidentiality and integrity principles prescribed in the EU’s General Data Protection Regulation.Read More
By Cameron Abbott and Wendy Mansell
Fifty countries including Japan, Canada and many EU nations have come together with over 150 tech companies, pledging to fight against cybercrime. United State’s tech giants such as Facebook, Google and Microsoft have also joined the party.
The United States, Russia and China however have decided not to sign on. Each has no doubt very different reasons for this – the disappointment is mostly directed to the US. However it is a shame that Russia and China did not also feel the weight of the international community pressure to accept these principles.
The effort to combat cybercrime is being led by France, with French President Emmanuel Macron claiming that it is urgent that the internet is better regulated.
The countries and companies involved are fighting against illegal online activity like censorship, cyber interference in elections, hate speech and trade secrets theft.
The pledge has been made in a document titled the “Paris call for trust and security in cyberspace”.
By Cameron Abbott and Sarah Goegan
The UK Information Commissioner’s Office (ICO) has issued a notice of intent to levy a £500,000 fine against Facebook for breaches of the UK’s Data Protection Act 1998. The ICO found that Facebook failed to protect its users’ data and be transparent about how that data was being harvested. This failure, ICO said, did not enable users to understand how and why they may be targeted by a political party or campaign.
The fine comes as part of a larger investigation by ICO into misuse of data in political campaigns, and responds to the highly publicised allegations that Cambridge Analytica used data obtained from Facebook to target voters in the 2016 US presidential election.
By Cameron Abbott and Sarah Goegan
Cambridge Analytica, the data company embroiled in the Facebook privacy scandal, is closing down. The firm’s parent company, SCL Elections, announced that it and some of its affiliates including Cambridge Analytica had commenced insolvency proceedings in the UK, and would immediately cease all operations.
In a statement, Cambridge Analytica said it had been “vilified” and the subject of “numerous unfounded accusations” about its activities, which it says are legal and widely accepted in online advertising. It blamed negative media coverage of allegations the company improperly used the data of 87 million Facebook users (which you can read about here, here and here) for a mass exodus of clients.
The Kensington and Chelsea London Borough Council (Council) was recently fined £120,000 (approximately AUD$217,920) by the UK Information Commissioner’s Office (ICO) for the unauthorised processing of personal data belonging to 943 people who owned vacant properties in the Borough.
By Cameron Abbott and Samantha Tyrrell
Facebook has always been confronted with privacy-related scrutiny, including being the respondent in the proceedings that ultimately brought down the EU-US privacy shield. On 28 January 2018, Facebook revealed its “privacy principles” to users for the first time. Via a series of educational videos and a ‘Privacy Check Up’ function, Facebook has shared the core principles it uses to guide its approach to privacy. Facebook will also roll out a new hub which will allow users to more easily control their privacy settings.
A Belgian researcher has discovered a weakness in WPA-2, the security protocol used in the majority of routers and devices including computers, mobile phones and connected household appliances, to secure internet and wireless network connections.
The researcher, Mathy Vanhoef, has named the flaw KRACK, for Key Reinstallation Attack.
Any device that supports Wi-Fi is likely to be affected by KRACK, albeit devices will have different levels of vulnerability depending on their operating systems. Linux and Android are believed to be more susceptible than Windows and iOS, and devices running Android 6.0 are reportedly particularly vulnerable.
By Cameron Abbott and Olivia Coburn
Global spending on information security products and services will reach $86.4 billion this year, according to US-based technology research and advisory firm Gartner, Inc.
This figure is an increase of 7 per cent over 2016, and is expected to grow to $93 billion in 2018.
By Cameron Abbott and Allison Wallace
With the EU heading full throttle towards the implementation of new data protection regulations in May 2018, there has been a lot of buzz around the impact the regulations will have, not only on day-to-day life, but other existing regulations.
One of these regulations is the Directive 2002/58/EC aka the ePrivacy Directive, which has been urgently reviewed ahead of the data protection regulations being implemented.