Security News

Ireland's Data Privacy Commissioner has hit Facebook-owned messaging platform WhatsApp with a €225 million administrative fine for violating the EU's GDPR privacy regulation after failing to inform users and non-users on what it does with their data. EU data regulators can impose maximum GDPR fines of up to €20 million or 4% of the infringing company's annual global turnover - whichever is greater - for violating EU's privacy laws.

Ireland dramatically loosened international travel restrictions on Monday, joining an EU-wide pandemic passport scheme weeks later than the rest of the bloc after a ransomware attack hobbled healthcare IT systems. All EU member states were connected to a matching digital Covid certificate system on July 1.

Secureworks announced its new Taegis XDR cloud data storage instance in Frankfurt, Germany, for European Union customers and channel partners who prefer to store their telemetry data within the EU. This investment reinforces Secureworks' ongoing commitment to EU customers and partners, while enhancing Secureworks' readiness to fulfill accelerated growth and meet rising demand in the region. The EU General Data Protection Regulation addresses the transfer of personal employee and customer data outside the EU and the European Economic Area.

The European Consumer Organisation announced Monday it had lodged a complaint with the European Commission against Facebook's attempt to modify the terms of service for the WhatsApp messenging service. The US tech titan has sought to nudge users of its messenger platform to accept new terms of service, but Facebook denies that this would allow WhatsApp to share more user data with its main social platform.

Joint Cyber Unit will create more situational awareness and guarantee preparedness to large-scale cybersecurity crises. In the EU, this has taken the form of a new Joint Cyber Unit, situated next to ENISA's offices in Brussels.

The EU's data protection agencies on Monday called for an outright ban on using artificial intelligence to identify people in public places, pointing to the "Extremely high" risks to privacy. In a non-binding opinion, the two bodies called for a "General ban" on the practice that would include "Recognition of faces, gait, fingerprints, DNA, voice, keystrokes and other biometric or behavioural signals, in any context".

The EU's proposed new rules to rein in tech giants risk undermining the security of the iPhone, Apple chief Tim Cook warned Wednesday. Cook, speaking at the VivaTech convention for startups in Paris, took aim at some of the rules that target online "Gatekeepers" such as Apple which controls which apps can be installed on its phones and tablets.

Facebook is subject to EU privacy challenges from watchdogs in any of the bloc's member states, not just its lead regulator in Ireland, the bloc's top court ruled Tuesday, in a ruling that has implications for other big tech companies. Under the EU's stringent privacy rules, known as the General Data Protection Regulation, only one country's national data protection authority has the power to handle legal cases involving cross-border data complaints in a system known as "One-stop shop." For Facebook, which has its European headquarters in Dublin, it is Ireland's Data Protection Commission.

Three European Union member nations and three Middle Eastern countries are looking to train personnel in border, customs, maritime and cybersecurity techniques at a cutting-edge U.S.-funded facility in Cyprus that is expected to be ready early next year, the Cypriot foreign minister said Thursday. The Cyprus Center for Land, Open-Seas, and Port Security is scheduled to start operating on Jan. 16, 2022, Foreign Minister Nikos Christodoulides said after inspecting the under-construction facility with U.S. Ambassador Judith Garber.

In July 2019, the EUCC was the first candidate cybersecurity certification scheme request received by the EU Agency for Cybersecurity under the Cybersecurity Act. This scheme aims to serve as a successor to the currently existing schemes operating under the SOGIS MRA. It covers the certification of ICT products, using the Common Criteria ISO/IEC 15408 and is the foundation of a European Cybersecurity certification framework.