JD Supra

GDPR: When Can Data Controllers Rely on 'Legitimate Interests' for Data Processing? New Guidelines from the EDPB

The European Data Protection Board (EDPB), the umbrella group of the EU’s data protection authorities, has issued new Guidelines 01/2024 of October 9, 2024 on the processing of personal data based on ...

Responding to a data breach in Jamaica

2. A description of the security breach, which should include: a. the categories and number of data subjects concerned 3. The measures taken or proposed to be taken to mitigate or address the possible ...
JD Supra

Nowhere To Hide: Controllers have “Constructive Awareness” Of Processor Data Breaches

On December 15, 2020, Ireland’s Data Protection Commission (“DPC”) announced its decision to fine Twitter International Company (“Twitter”) €450,000 for failing to notify the DPC promptly of a data ...
Computer Weekly

NatWest data breach whistleblower demands bank pay data controller fee to ICO

A former Royal Bank of Scotland (RBS) worker who blew the whistle on the bank’s lax data protection practices – and to this day has thousands of sensitive customer data files under her bed – is ...
Ars Technica

Opinion: How to design a US data privacy law

Nick Dedeke is an associate teaching professor at Northeastern University, Boston. His research interests include digital transformation strategies, ethics, and privacy. His research has been ...