27/05/20 GDPR Community Round-Up

Here’s a round-up of interesting reading we found online today*;

• France’s data protection watchdog CNIL has released its second review of StopCovid, the contact-tracing app backed by the French government. The CNIL says there’s no major issue with the technical implementation and legal framework around StopCovid, with some caveats. The smartphone app is set to be rolled out at the weekend after it got the green light Tuesday from the national data protection authority.

• The Data Protection Commission (DPC) has run up a legal bill of over €2.9m as a result of the long-running Max Schrems’ data case. In May 2016, Commissioner, Helen Dixon commenced the legal action that has involved a six-week hearing at the High Court in Dublin. Historical Institutional Abuse: Stormont to investigate a data breach. Stormont's Department of Finance is conducting an investigation into a data breach involving the identities of hundreds of historical abuse survivors, the first minister has said.

• Interesting blog post "Europe’s data-privacy law turns 2. Has it actually made our information safer? People expected fines so big they'd put Big Tech out of business. That didn't exactly happen". Interview with Jessica Lee, a partner with the law firm Loeb & Loeb who specializes in privacy.

• Database of 8bn Thai Internet Records Exposed in Major Data Breach. The database, managed by a third party company for Thailand’s largest cell network AIS, was pulled after spilling billions of real-time internet records on millions of Thai internet users.

• UK’s National Cyber Security Centre launches another Huawei probe. The National Cyber Security Centre (NCSC) has confirmed it is attempting to understand what impact potential US sanction directed towards Huawei would have on UK networks.

• Interview: The Security Queens by Dan Raywood Deputy Editor, Infosecurity Magazine.

• Questionmark, the online assessment provider, has released a new ready-made test to help organizations guard against a data breach. “GDPR for business professionals” will tell organizations how well their people understand their responsibilities. This will help avoid fines and demonstrate compliance to regulators.

*These sites aren’t affiliated with GDPR Community and these aren’t an advertisement, they’re simply site’s we’ve thought the community might have an interest in reading.