Security News
The incoming head of the UK's data watchdog has "Gone on the record" to say he will be fair and impartial in his dealings with tech companies despite once describing Facebook as "Morally bankrupt pathological liars." Speaking on Thursday at a hearing of the Digital, Culture, Media and Sport Committee via video link from New Zealand, he was asked about his criticism of big tech companies.
85 percent of the small- to medium-sized enterprises in the UK are familiar with GDPR, but more than half are still not cleaning their data and therefore not adhering to the GDPR's legal requirements, a REaD Group survey reveals. The survey of 1,110 SMEs also revealed that only 40 percent hold their customer and prospect data in a CRM or other database: a surprisingly low figure given that businesses need to maintain contact with their customers for sales and marketing purposes, and never more so than over the past 15 months.
Amazon has quietly been hit with a record-breaking €746 million fine for alleged GDPR violations regarding how it performs targeted behavioral advertising. In an SEC Form 10-Q filed today, Amazon states that this massive fine came out of CNPD in July 2021, which fined them for improper processing of personal data.
Former Brave chief policy officer Johnny Ryan is continuing his crusade against the online advertising industry by filing a lawsuit against Google, Facebook, Amazon, Twitter, and US telco AT&T in Germany. Ryan's latest campaign organisation, the Irish Council for Civil Liberties, said in a statement that online advertising amounts to "The Biggest. Data. Breach. Ever" and accusing internet adland of compiling "Secret dossiers" on every single netizen.
When you're implementing a password policy for your AD with GDPR compliance in mind it's a good idea to use a 3-rd party tool to help your password policy reach your entire end-user directory. During a password change in Active Directory, this service will block and notify users if the password they have chosen is found in a list of leaked passwords and provides dynamic feedback for password compliance.
New TSA security directive is a needed shock to the systemThe Department of Homeland Security's Transportation Security Administration announced a Security Directive that will enable the Department to better identify, protect against, and respond to threats to critical companies in the pipeline sector. VMware fixes critical vCenter Server RCE vulnerability, urges immediate actionVMware has patched two vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation and is urging administrators to implement the offered security updates as soon as possible.
The upcoming physical return to the office is also set to bring the influx of IoT devices that may be installed on networks as part of new COVID-19 workplace compliance policies. Some of these devices may collect large quantities of personal data that needs to be protected and is subject to the GDPR. GDPR Privacy by Design.
3 years since rolling out in May 2018, there have been 661 GDPR fines issued by European data protection authorities. Spain issued the largest number of GDPR fines by far - totaling 222 fines during the last 3 years since the GDPR is in effect.
Using Washington State's proposed law as a guide, New York, Texas and many other states are inching their way toward a data privacy law. "Virginia is now just the second state to pass a comprehensive privacy bill. While we're pleased that Virginians will have new privacy rights, legislators should continue working in the next session to strengthen it. This bill has some important privacy provisions, but consumers need more practical options for controlling their data."
Fines issued for violations of the EU's General Data Protection Regulation in 2020 exceeded €170 million, or roughly $200 million. The GDPR, which requires organizations to protect the personal data and privacy of EU citizens, came into force in May 2018, and, based on publicly available information, it since resulted in fines totaling more than €250 million.