dcsimg

Explained: Payment Service Directive 2 (PSD2)

Payment Service Directive 2 (PSD2) is the implementation of a European guideline designed to further harmonize money transfers inside the EU. The ultimate goal of this directive is to simplify payments across borders so that it’s as easy as transferring money within the same country. Since the EU was set up to diminish the borders between its member states, this make sense. The … [Read more...]

IT Governance to discuss GDPR compliance and information security at The Security Show

Alice Turley, a data privacy consultant at IT Governance, will be speaking at The Security Show, on Thursday, 14 March.  Alice is a qualified data protection, compliance and insurance professional with experience in providing expert and solution-based advice to businesses within the insurance, advertising and education … [Read more...]

The not-so-definitive guide to cybersecurity and data privacy laws

US cybersecurity and data privacy laws are, to put it lightly, a mess. Years of piecemeal legislation, Supreme Court decisions, and government surveillance crises, along with repeated corporate failures to protect user data, have created a legal landscape that is, for the American public and American businesses, confusing, complicated, and downright annoying. Businesses are expected to comply with … [Read more...]

Highlights from the Data Protection Commission’s first annual GDPR report

This week, the DPC (Data Protection Commission) published its first annual report under the GDPR covering the period 25 May to 31 December 2018. The report highlights a number of interesting statistics and year-on-year comparisons, most notably:   2,864 complaints received, bringing the total for 2018 to 4,113 complaints – a 56% increase on … [Read more...]

Labs survey finds privacy concerns, distrust of social media rampant with all age groups

Before Cambridge Analytica made Facebook an unwilling accomplice to a scandal by appropriating and misusing more than 50 million users’ data, the public was already living in relative unease over the privacy of their information online. The Cambridge Analytica incident, along with other, seemingly day-to-day headlines about data breaches pouring private information into criminal hands, has eroded … [Read more...]

How will a no-deal Brexit affect EU data transfers?

With Brexit day fast-approaching and the UK and EU in negotiation deadlock, it’s time for organisations to work under the assumption that a formal withdrawal agreement won’t be in place by 29 March 2019.  This will be hard work for many of your business activities, but things are surprisingly straightforward regarding personal data … [Read more...]

Will pay-for-privacy be the new normal?

Privacy is a human right, and online privacy should be no exception. Yet, as the US considers new laws to protect individuals’ online data, at least two proposals—one statewide law that can still be amended and one federal draft bill that has yet to be introduced—include an unwelcome bargain: exchanging money for privacy. This framework, sometimes called “pay-for-privacy,” is plain wrong. It casts … [Read more...]

Max Schrems: lawyer, regulator, international man of privacy

Almost one decade ago, disparate efforts began in the European Union to change the way the world thinks about online privacy. One effort focused on legislation, pulling together lawmakers from 28 member-states to discuss, draft, and deploy a sweeping set of provisions that, today, has altered how almost every single international company handles users’ personal information. The finalized law of … [Read more...]

What is an information security policy?

An information security policy is a set of instructions that an organisation gives its staff to help them prevent data breaches. Employees are involved in many of the most common causes of security incidents, whether directly (such as accidental breaches) or indirectly (such as phishing scams), so thorough guidelines are essential. How do you create information security policies? Your … [Read more...]

Results of Facebook investigation coming this summer, says DPC

Ireland’s DPC (Data Protection Commission) has said it will release the findings of its investigation into Facebook and several other high-profile tech companies in June or July. Commissioner Helen Dixon told Bloomberg: “We’re at various concrete stages in all of them, but they’re all substantially advanced.” The DPC began its investigation in October 2018, following consumer complaints … [Read more...]