SAI Global GRC Community

Building Organizational Integrity.
Blogs >> Privacy and Data Protection

The New York Times reports that the United States Court of Appeals for the Second Circuit has handed down a judgment (7 May 2015) ruling that the National Security Agency's (NSA) systematic collecting of citizens' phone records was outside the scope of s. 215 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA Patriot Act) Act of 2001 (26 October 2001).

The Office of the Australian Information Commissioner (OAIC) has handed down the commissioner's determination in Grubb v Telstra Corporation Ltd [2015] AlCmr 35 (1 May 2015), in which it was found that telecommunications company Telstra Corporation Ltd (Telstra) interfered with the complainant's privacy by refusing to provide him with access to the metadata held by Telstra in relation to his mobile phone, which was in breach of the former National Privacy Principle 6.1 of the Privacy Act 1988 No. 119 (Cth) (the Act). According to the OAIC, the geo-location metadata held by Telstra constituted "personal information" for the purposes of s. 6 of the Act, despite the data itself being anonymous, meaning that Telstra was obliged to provide that information on the request of the complainant.

The Memphis Business Journal reports that United States District Judge Henry T. Wingate has denied Mississippi Attorney General Jim Hood's attempt to block Google from accessing correspondence between Mr Hood and the Motion Picture Association of America.

The ruling forms part of Google's lawsuit against Mr Hood, which reportedly came about after Mr Hood "subpoenaed information from Google over what the attorney general says is related to an investigation over Google sharing its [advertising] revenue with makers of videos who promote illegal drug sales". According to the Memphis Business Journal, Google then filed its lawsuit against Hood alleging that the attorney general's investigation was illegal, and that Mr Hood is assisting the Motion Picture Association of America in a campaign to "use legal action to investigate online piracy in ways not approved by Congress".
Memphis Business Journal: Judge sides with Google against Mississippi Attorney General (13 April 2015)
(Source: Memphis Business Journal)

The United States Department of Justice (DoJ) has announced that Austin Alcala, a fourth member of an international computer hacking ring has pleaded guilty to "conspiracy to commit computer intrusions and criminal copyright infringement based on his role in the cyber theft of software and data related to the Xbox One gaming console and Xbox Live online gaming system, and popular games such as the ['FIFA'] online soccer series; ['Call of Duty: Modern Warfare 3']; and ['Gears of War 3']" between 2012 and 2014.

The United Kingdom Information Commissioner's Office (ICO) has made available an enforcement notice (27 August 2014) served under the Data Protection Act 1998 c. 29 (UK) to Winchester and Deakin Ltd (trading as Rapid Legal and Scarlet Reclaim) after the direct marketing company was found to have made unsolicited marketing calls to people who had:

The United Kingdom Information Commissioner's Office (ICO) has announced that Racing Post has signed an undertaking (undated) to improve its electronic data security practices following the compromise of 677,335 accounts during a data breach in October 2013.

The United Kingdom Information Commissioner's Office (ICO) has announced that a bank employee responsible for investigating money laundering allegations has been fined after admitting to having read his colleagues' bank accounts.

Guidance on Responding to a Data Breach

27 Aug 2014
Written by World Watch

The Office of the Australian Information Commissioner (OAIC) has made available Data breach notification guide: A guide to handling personal information security breaches (August 2014), which "provides general guidance for agencies and organisations when responding to a data breach involving personal information that they hold".

The United Kingdom Information Commissioner's Office (ICO) has announced that Thamesview Estate Agents (Thamesview) has signed an Undertaking (undated) after one of the company's outlets continued to dispose of papers containing customer personal information in transparent bags that were left on the street. According to ICO head of enforcement Stephen Eckersley, the information on the papers was clearly visible and included passport copies and previous tax payment details.

Published in Records Management

The American Bar Association (ABA) has made available the biographies (undated) of the panellists at its recent event The Evolution of Cybersecurity and Planning for Response, hosted by the association's cybersecurity legal task force.

Page 1 of 31

© 2015 SAI Global Limited ABN 67 050 611 642




User Registration
or Cancel