AI & Cybersecurity: Reflections on a multidimensional relationship

Earlier this month I was a guest on Episode 47: Innovation and Tech Zoom In of the European Edition of the Breaking Banks Podcast Moderated by Ajit Tripathi. The podcast looks at “European Unicorns, Startups, Founders, Regulators and Leaders innovating the rapidly evolving Fintech scene, with some of the world’s most well-known hosts and influencers in fintech. Produced in cooperation with FintechStage.” LISTEN ...

The importance of having a coordinated incident response plan in place

This is true not only in monetary terms, but information security could even be a question of life and death.   In September 2020, a breaking article confirmed the inevitable - the first death caused by a ransomware attack. The alleged victim is a woman who necessitated urgent medical care and had to be re-rerouted to another hospital as a ...

Schrems II – No legal certainty and no quick fixes! It’s a geopolitical matter before it’s a legal one. “A NEW AGE OF DATA TRANSFERS” PART IV

I just attended today’s online LIBE meeting on possible solutions following the CJEU’s “Schrems II” decision, where it was recognized that the question of data transfers to third countries is fundamentally a geopolitical matter before being a legal one. In this way, legal certainty should be re-established as soon as possible – but such an achievement ...

Organizations are left with no practical legal grounds to transfer personal data to the United States. “A new age of data transfers” Part III

After the official statements of the European Data Protection Board (EDPB) and several Supervisory Authorities (SAs), it is clear that at the moment there is no practical way for data to lawfully flow from the EU to the US. The reasoning in 5 steps: On 16 July 2020 the Court of Justice of the European Union (CJEU) invalidated the European ...

Privacy Shield is invalid. Here’s what you need to do now. “A new age of data transfers” Part I

This blog is part of a multi-part series, “A new age of data transfers”, which will explore the practical implications of the Court of Justice of the European Union’s judgement in  Case C-311/18 “Schrems II”.  Following the invalidation of the Privacy Shield on 16 July 2020 by the Court of Justice of the European Union, the situation ...

Italian Data Protection Authority fines Wind 17 million Euro and Iliad 800,000 Euro

The Italian Data Protection Authority has continued its investigation into telephone operators following a significant number of complaints related to marketing activities, fining Wind Tre Spa approximately 17 million Euro for unlawful data processing. In the course if its investigation, the authority found that users had been contacted by SMS, email, fax, phone and automated calls in absence of having ...

Privacy “Nutrition Labels”, Transparency, and Data Protection as a Corporate Social Responsibility

Last week Apple announced an important strategic step forward in the protection of the privacy and data protection rights of its users by way of an enhanced privacy feature that it has called a "Privacy Nutrition label".  Using icons in combination with clear and simple language, the information provided by way of Apple’s pop-up "label" ...

UPDATE (i): “PUBLIC HEALTH AND PRIVACY” AND NOT “PUBLIC HEALTH OR PRIVACY”: A COLLECTION OF GUIDANCE ON COVID-19

In the evolving COVID-19 scenario in which business continuity also depends on adequate data protection and cybersecurity practices on the part of organizations, knowledge mapping of privacy & data protection guidance and cybersecurity best practices has taken on an even more important role. It’s for that very reason that, without the presumption of completeness, I ...

“PUBLIC HEALTH AND PRIVACY” AND NOT “PUBLIC HEALTH OR PRIVACY”: Surveillance in the fight against COVID-19

“Hopefully COVID-19 will be gone at some point, but tracking technologies may stay for longer and permanently hamper the rights and freedoms of individuals” As part of my blog series on #PublicHealthANDprivacy in light of the COVID-19 pandemic, this short reflection will focus on digital surveillance. There is no doubt that data and technology have the ...

“Public health AND Privacy” and not “Public health OR Privacy”: A collection of Guidance on COVID-19

Below is an attempt (without the presumption of completeness) to map all the official resources providing guidance on the correct processing of personal data in the context of COVID-19 and Cybersecurity-related information on working remotely in the context of the COVID-19 pandemic. I genuinely hope this will help in the effort of achieving "Public health AND Privacy"! Stay safe and ...