A German DPA to carry out 500 company audits on international data transfers

Posted on by Federica Romanelli
On November 3, 2016, the Bavarian Data Protection Authority (BayLDA) informed that it will carry out a privacy audit on the international data transfers of more than 500 companies. The Authority has decided to carry out such audits because of the suspicion that companies may transfer data abroad without even being aware of it. Indeed, many small and medium-sized German businesses outsource its data processing – for example through cloud computing – and the service providers transfer Read more [...]

German DPA prohibits data transfer from WhatsApp to Facebook

Posted on by Federica Romanelli
On September 26, 2016, the Hamburg Commissioner for Data Protection and Freedom of Information issued an order prohibiting Facebook to collect and store data of German WhatsApp users.  The decision came after WhatsApp issued a statement informing its users that the application’s terms and privacy policy was updated, as a consequence of WhatsApp’s joining Facebook. Following the wave of concerns expressed by DPAs all over the world, the German Authority issued the order prohibiting Facebook Read more [...]

Privacy issues in biometrics

Posted on by Federica Romanelli
Commercial use of biometric data increased dramatically in recent years: some software are now able to recognize physical characteristics, such as fingerprints, retinas, hand and facial geometry, as well as voices. This technology makes people’s life easier as their hand or voice may be enough to access their phone or bank account, and one single click may be enough to be tagged in hundreds of photos. However, you cannot change biometric data as you change passwords: it needs to be well protected. Read more [...]

Class action USA intentata a seguito di attacco hacker a Yahoo

Posted on by Federica Romanelli
Il 23 settembre, 2016, Ronald Schwartz, residente a New York, ha citato in giudizio ed iniziato l’iter per presentare una class-action nei confronti di Yahoo. Schwartz ritiene che la società non sia riuscita a proteggere adeguatamente i propri utenti da attacchi privacy. Il procedimento è stato instaurato dopo che, il 22 settembre 2016, Yahoo ha emesso un comunicato stampa in cui ha confermato che le informazioni personali di almeno 500 milioni di utenti sono state rubate alla società alla Read more [...]

Privacy Shield update – circa 200 le società aderenti a un mese dall’inizio

Posted on by Federica Romanelli
A settembre 2016, sono circa 200 le società registrate sotto l’EU-US Privacy Shield, secondo il sito ufficiale del Dipartimento del Commercio USA. L'elenco include Microsoft e Salesforce, come grandi multinazionali. Il Privacy Shield è entrato in vigore il 1° agosto 2016 in sostituzione del Safe Harbor, dichiarato nullo in ottobre 2015. A un anno dalla sua implementazione, Safe Harbour contava circa 129 entita statunitensi aderenti. Nel 2016 i partecipanti erano 5.500 in totale. Il Dipartimento Read more [...]