Latest privacy news

According to a database of records compiled by archivist Joseph O'Connor, at least 1,071 US news organizations are blocking EU visitors; however, whether an organization is compliant with the GDPR may depend on whether they intend to target EU visitors or are merely accessible to them.

The revised estimate refers to a previously reported figure estimating the number of "personal records" affected. The group's initial announcement on 13th June also revealed 5.9 million payment cards have been affected by the breach.

They want to infer consent, they want to craft new rules for their own data collection activities and they want to fine themselves less than they demand private organizations be fined. When regulators and lawmakers are this bad at implementing data protection practices, what hope does anyone else have?

The bill lacks crucial rights afforded to EU citizens under the GDPR. Privacy advocates have also reacted negatively to the bill.

The "definition of personal data in the modern world is beginning to swallow everything," according to Professor Lilian Edwards. In a two-part interview with Indivigital she also stated that EU privacy laws may "destroy" free-to-user business models. 

In an interview with Indivigital, Professor Lilian Edwards also stated free-to-user business models are "contributory to destroying privacy and creating profiling and discrimination". She also accused Facebook and Google of "playing games" by claiming they are only "data processors" under the new regulations.

On average, organizations based in India, the United States and countries in the Middle East suffered the largest data breaches. "Malicious or criminal attack" is the root cause of most breaches globally.

The woman's every interaction with a man she met by chance on an airplane was photographed, and published without her consent to Twitter, by two strangers who took an interest in her conversation.

Information Commissioner Elizabeth Denham and David Lammy MP have both made comments in the last 24 hours about likely action being taken by the UK's data protection authority against Facebook.

The UK's data protection authority, the Information Commissioner's Officer, revealed the size of the potential fine in a call with reporters. The incident is alleged to have affected 87 million Facebook users and their friends.

The latest revision proposes deleting Article 10 (obligations and privacy responsibilities for browsers), amending Article 6 (permission to process electronic communications) and clarifying Article 8 (the processing and collection of information from a user's device).

An unauthorized user obtained administrator privileges and accessed Timehop's Cloud Computing Environment on a number of occasions between December 2017 and July 2018. Users' names, email addresses and phone numbers have been compromised in the breach.

DomainFactory, a subsidiary of Host Europe Group, claims its customers' personal data was accessible to 'outside parties' as of 29th January 2018. Some sources claim the attack originated from a DomainFactory customer.

Damian Collins MP, whose website doesn't contain a privacy policy, told the BBC tech platforms are 'exploiting' users' data.

The motion for a resolution was approved by 303 votes to 223. It gives the European Commission and the United States until 1st September to bring data protection practices into line with EU's data protection laws.

The suspected data breaches are believed to have affected members of the Welsh Conservatives and the Liberal Democrats. In both instances it's unclear how many users have been affected.

The study also revealed Americans have significantly more trust in 'scientists and technical experts' and their 'local police force' than the 'media in general' or U.S. Congress.

The breach appears to have originated from the travel platforms payment page. "Basic customer information" necessary to make a booking is also likely to have been affected.

HealthEngine, a doctor appointment booking service, has announced 59,600 "patient feedback entries" may have been "improperly accessed." The announcement comes one week after the platform was accused of passing patients' personal information to a personal injury law firm.

During a debate on the Data Sharing and Governance Bill 2018, a Minister seemingly suggested consent can be inferred from previous interactions with public bodies. It's one of many incidents that underlines how public authorities and officials are struggling to operate under new data protection regulations.