Weekly Privacy Update: July 28th

It has been an interesting week in the data protection world. Lawsuits, verdicts, changes in privacy stances; a lot has happened this week.

Here are the top 3 privacy headlines that you should know of.

Government and NHS Privacy Breach 

The highlight of the past week has to be that the government of the UK has admitted a privacy breach at the NHS. The issue was moved to the ICO immediately after being identified. ICO has been looking into the impact of the breach onto the lives of individuals affected. While all legal restrictions and requirements were defined along with the maturity of the pandemic, data breaches remain a very vast subject to streamline for the lawmakers.

This was one of the key concerns of contact tracing technology. However, it becomes a bigger problem in other countries of the world where democracy is not as strong. The checks and balance, as well as legal infrastructure, shall help in curbing any potential threats of misuse or abuse of state control and power.

 Twitter reports hack to Irish Data Protection Commission

Nobody proposed social media as a perfect communication and control model. From Facebook to TikTok, to even Twitter, one or the other platform always makes news headlines. The privacy world news is no different. Twitter has reported a hack to the Irish Data Protection Commission.

There may have been data and data security breaches involved with the temporary hacking of Twitter. The wait is on the IDP to further proceed with the investigations. Read more at the link linked above.

 The End of Privacy Shield: European Data Protection Authorities React

Privacy Shield is no more. The court has ruled that the data protection infrastructures in place in the USA are inadequate for the data protection requirements of the EU. Hence all transfers of data are no longer legally permissible for the protection of the data subjects in the EU.

Authorities each have their own opinion on this. Read more in the story from Lexology linked above.

GDPR gives many rights to individuals to help them protect their right to privacy. Do you know that any data about you is owned by you? You can ask any organisation to share all the data that they have on you. GDPR Articles 12, 15-22 cover these rights.

Even fewer businesses realise this. Therefore if you have a business that you would like to protect from fines and whatnot, then please take a look at our DSAR toolkit.

Learn and automate how to handle the requests now:
subject access request