Here’s a round-up of interesting reading we found online today*;
The Belgian Data Protection Authority published two new decisions of the BDPA's Litigation Chamber, each handing down a fine for infringements of the GDPR. The two cases were very different, but the combination makes for interesting lessons in relation to consent and legitimate interests. Other topics covered include the processing of health-related data, the use of "invite/tell-a-friend" functionality, whether to publish a DPIA and what to check in a privacy statement.
Meal delivery service Home Chef has confirmed a data breach, two weeks after a data breach seller listed a database of 8 million customer records on a dark web marketplace. The Chicago-based company said customer names, email addresses and phone numbers were taken in the breach, along with scrambled passwords. The hackers also took the last four digits of its customers’ credit card numbers and mailing addresses, the company said.
Cosmetics Brand Natura Suffers Data Breach; Personal Details of 250,000 Customers Leaked. Natura, a provider of personal care and beauty products, suffered a data breach which compromised the personal information of more than 250,000 customers. The Brazilian cosmetics firm unknowingly leaked the personal information of customers who had ordered products from its official website.
Powys Council has apologised to people whose personal data was published on the authority's web page. Names and addresses attached to a letter on direct payments were shown on the site amid a rush to put information about coronavirus support online on April 22.
The HSE has suspended the practice of giving Covid-19 test results to employers ahead of workers, after concerns about “breaches of confidentiality”. The emergence of results going to bosses ahead of workers triggered criticism and has sparked a data protection inquiry.
Market Problems Aside, Companies Are Planning Privacy Spending Spree. A new report from FTI Consulting shows that organizations plan on sinking more money into privacy in an effort to satisfy a growing number of privacy regulations and avoid the public backlash associated with a data breach.
Millions of sensitive data records lost could cost top-earning tech companies an average of $174 million per day, research shows. A new report reveals the reputational and financial impact of severe and catastrophic data breaches on top companies and social media platforms. Apple could lose a staggering $83 billion per month, while Microsoft could experience a drop in the value of $2.3 billion each week. Businesses should prioritise security training for all staff, keep software updated and carefully control who can access sensitive data, says an expert.
US company leaders admit value of data is tempting businesses to sidestep rules, survey finds. Data privacy: the survey found that 97% of organisations plan to increase spending on data privacy over the coming 12 months. Survey shows 78% of respondents believe companies willing to take risks to unlock greater value despite privacy concerns
*These sites aren’t affiliated with GDPR Community and these aren’t an advertisement, they’re simply site’s we’ve thought the community might have an interest in reading.