Former Information and Privacy Commissioner of Nova Scotia Tricia Ralph said the office needs more powers and resources to ensure citizens are getting information under public records laws, CBC reports. Ralph said government agencies often defied her mandates that records be turned over by citing exemptions without proof.
Full story
Author: IAPP IAPP News
A report by the European Union Agency for Cybersecurity claimed six critical infrastructure divisions are failing to comply with the NIS2 directive to bolster cybersecurity and reduce digital threats, Infosecurity Magazine reports. ENISA Executive Director Juhan Lepassaar said the report "gives valuable insight into the overall maturity of NIS sectors and the challenges of individual sectors. It explains where we stand, and how to move forward."
Full story
The Record reports a data breach at the Toronto Zoo resulted in transaction data and conservation research stolen by hackers. The zoo has not said how many people were affected by the breach, but the Akira ransomware group said it stole 133 gigabytes of information, confidential agreements and personal files.
Full story
Sweden's data protection authority, Integritetsskyddsmyndigheten, said it supports a government proposal to provide better protections to personal data appearing in search information history. The government had been investigating whether the country's freedom of press and information laws should have more exceptions for personal data.
Full story
As part of its 25th anniversary, the IAPP will celebrate 25 trailblazing innovators and 25 defining moments in the last quarter century that helped establish the privacy and digital governance profession. This week, we look at U.K. Information Commissioner John Edwards' impact on the profession while leading data protection enforcement efforts in New Zealand and the U.K.
Full story
IAPP Managing Director, Europe, Isabelle Roccia, CIPP/E, details discussions on a hypothetical targeted revision of the EU General Data Protection Regulation proposed by Member of the European Parliament Axel Voss and privacy activist Max Schrems. They proposed a three-tier layered approach to the GDPR that would adjust the legal burden to the size of the organization. "Almost 10 years after its adoption and 13 years after it was first drafted, the key question at hand is whether the GDPR's structure and philosophy is still fit for purpose," Roccia writes.
Full story
Companies looking to implement robot technology must adopt safeguards and procedures to ensure sensitive personal information remains protected. Google Privacy Engineer Erin Relford, CIPT, said organizations must provide "clear and concise informational notices of robotic activity and data collection capabilities at entrances to areas where robots will operate" to maintain transparency and promote safety when using the technology.Â
Full story
A recent decision made in Italy's Court of Cassation will allow individuals the right to access and request their data to be deleted from law enforcement agencies, Statewatch reports. The court decided individuals can be provided with their information to contest potential errors or inaccurate information in their file.Â
Full story
Hong Kong's Office of the Privacy Commissioner for Personal Data and the country's Productivity Council launched a training series for small to medium-sized businesses on protecting themselves from cyberattacks. It will consist of three seminars about data security, how to handle a data breach and how to address the data and privacy risks associated with AI.
Full story
Italy's data protection authority, the Garante, issued a 347,520 euro fine to telemarketing company Wind Tre, and a 70,000 euro fine to a credit rehabilitation company over alleged data protection and personal information processing violations. The Garante claimed Wind Tre violated data protection regulations after the company failed to "adopt technical and organizational measures capable of guaranteeing the privacy of customers."
Full story