National Highway Traffic Safety Administration (NHTSA) has released best practice guidelines for vehicle cybersecurity. Guidelines are aimed to car makers and their purpose is to help improve car security. However, 22 pages document is non-binding – there’s no regulatory imperative requiring that car makers meet these standards. Full article and guidelines
UK’s Information Commissioner’s Office (ICO) has published guidance on privacy notices under EU General Data Protection Regulation (GDPR). GDPR introduces new requirements for controllers on notifying data subjects about processing of their data. GDPR requires privacy notices to be understandable and accessible. ICO’s guidance provides best practice on communicating privacy information to individuals. Access guidance
Yesterday (October 19, 2016) the Court of Justice of the European Union (CJEU) issued its judgment in case Patrick Breyer v. Bundesrepublik Deutschland, in which court recognizes that dynamic IP addresses registered by websites are personal data. CJEU followed the Opinion of the Advocate General delivered earlier this year. In its decision CJEU concluded that […]
On September 23 the European Data Protection Supervisor (the “EDPS”) Giovanni Buttarelli published his opinion “Coherent enforcement of fundamental rights in the age of big data”. This opinion is part of an ongoing project, launched in March 2014 with the EDPS’ “Preliminary Opinion on Privacy and Competitiveness in the Age of Big Data”.It addresses the concern […]
Cloud Infrastructure Services Providers in Europe (“CISPE”) – a relatively new coalition of more than 20 cloud infrastructure providers operating in Europe – has recently published its first Code of Conduct for Cloud Infrastructures Services. The CISPE Code of Conduct: Gives a framework to comply with the General Data Protection Regulation Excludes the reuse of […]
On September 9, 2016, the operator of the world’s largest Internet hub, De-Cix, filed lawsuit against the German government to stop mass surveillance by the German intelligence agency Bundesnachrichtendienst (BND). De-CIX is challenging the legality of orders from the BND to implement monitoring of communications flowing through its Frankfurt Internet exchange point. De-CIX insists that […]
UK’s National Audit Office (NAO) has found that government has breached personal data security nearly 9,000 times in a year. Most of breaches – about 6,000 – are on HMRC. NAO found that 17 largest departments recorded 8,995 data breaches in years 2014-2015, but reported to the Information Commissioner (ICO) only 14 incidents. Although not […]
Michel Reymond has published a paper “Hammering Square Pegs into Round Holes: The Geographical Scope of Application of the EU Right to Be Delisted” where he explores the extraterritorial effects of the decision of Court of Justice of European Union (CJEU) in so called Google Spain case. In that case CJEU recognized “right to be forgotten” or, according Michel […]