The challenging job of Supervisory Authorities under the GDPR

How can the General Data Protection Regulation (GDPR) be effectively enforced so as to uphold fundamental rights and freedoms and at the same time, allow for the free flow of data within the Union? This is a question I have been pondering since well before Monday’s publication of the Irish Council for Civil Liberties’s (ICCL) 2021 report on the ...

The race to digitalize Africa and the importance of data security by design

By No tags Permalink

China has affirmed its intention to actively support Africa in the development of its digital infrastructure and connectivity. This was confirmed by Chinese Assistant Foreign Minister Deng Li on 24 August when speaking about the China-Africa Partnership Plan on Digital Innovation at the China-Africa Internet Development and Cooperation Forum. Indeed, China is looking to promote technologies such as ...

The UK’s “data challenge” to the EU

This blog post is a re-elaboration of my interview this morning with Luca Bertuzzi, Digital & Media Editor from EurActiv, available here. Today the UK unveiled its “post-Brexit global data plans to boost growth, increase trade and improve healthcare”, which also include a multi-billion pound partnership with the US, Australia and the Republic of Korea.  Secretary of State ...

Vulnerability alert: IoT devices attacked through ThroughTek “Kalay” network

Millions of IoT devices, which include cameras, smart baby monitors, and Digital Video Recorder (DVR) products, may be impacted by a vulnerability that uses the ThroughTek “Kalay” network. ThroughTek claims to have more than 1.1 billion connections per month and 83 million active devices. The vulnerability, discovered by researchers, poses a very high risk to the privacy and security ...

“The next great financial crisis could come from a cyber attack”: 5 critical cybersecurity measures you should put in place today

The 2021 Report on the SolarWinds Cyber Espionage Attack and Institutions’ Response published by the New York State Department of Financial Services (“Report”) commences with a stark warning: “The next great financial crisis could come from a cyber attack.” “The SolarWinds Attack is, to date, the most visible, widespread, and intrusive information technology (‘IT’) software supply chain attack – i.e., a ...

How data minimization, data quality, and storage limitation can help in the fight against climate change

Over the last 20 years, access to cheap computational capacity has increasingly led to the harvesting of more and more personal data, without having to worry too much about costs related to data storage and processing activities. For this very reason (and all too often), data sets are offhandedly replicated, databases are left unmanaged, and the same ...

Two-sided control

What was promised by the GDPR (Art. 80 and Rec. 142) is now a reality! Following Schrems’ filing of 422 complaints to ten EU Data Protection Authorities yesterday for cookie-related violations, it is now clear that the data protection compliance posture of companies will be checked not only by Supervisory Authorities but also – de facto and actively – by privacy organisations and associations patrolling the internet to proactively find ...

Schrems II: One year later

Today marks the first anniversary of the CJEU’s “Schrems II” ruling which invalidated the European Commission’s Privacy Shield adequacy decision concerning the transfer of data to the US.   Despite an urgent need to reach a deal on transatlantic data flows for economic and geopolitical reasons, few if any concrete results have been seen to date. As stressed earlier this year by European Commissioner Didier Reynders and Věra Jourová, Vice President of ...

Habemus UK adequacy!

After many debates, lots of speculation, and negotiations, the Adequacy decisions for the United Kingdom have been approved and Personal Data can continue to flow freely from the EEA to the UK after 30 June 2021. In my opinion, it is both right and reasonable that the decisions have been adopted, given that the ...