SAI Global GRC Community

Building Organizational Integrity.
Blogs >> Privacy and Data Protection

Privacy advocates have expressed concern about a lack of awareness among Australian businesses regarding amendments to the Privacy Act 1988 No. 119 (Cth) (the Privacy Act), which will commence on 12 March 2014. Capgemini Australia testing services director Shane Lonergan reportedly estimates that "[50%] of organisations in Australia don't even know about the legislative changes".

How Will You Celebrate Data Privacy Day?

23 Jan 2014
Written by Asma Ghobriel

Data Privacy Day is celebrated on Jan 28 every year.  Why not take this opportunity to strengthen your Data Privacy and Data Protection program?  Here are some program elements to consider:

Google Takes Action on Terms of Service Breaches

22 Jan 2014
Written by World Watch

Google Inc (Google) has withdrawn two third-party-developed software extensions for its Chrome web browser from the Chrome web store after the extensions were updated so as to breach Google's terms of service.

Published in Consumer Protection

The Republic of Korea government is preparing legislative amendments that would increase the maximum fine for a financial institution's failure to protect customer data more than 800-fold to KRW5 billion (approximately US$4.7 million/€3.4 million). The development is reportedly part of the government's response to the recent leak of the personal details of 15 million people who held credit card accounts with nationally-based entities KB Financial Group Inc, NongHyup Financial Group Inc and Lotte Group.

Published in Information Security

Starbucks Corporation (Starbucks) has made available a letter (16 January 2014) from its chief information officer Curt Garner that encourages customers to download a software update to its mobile app for iOS devices after "a research report identified theoretical vulnerabilities associated with [the app] in the event a customer's [iOS device] were to be physically stolen and hacked".

Snapchat Inc (Snapchat) has apologised (9 January 2014) to so-called "Snapchatters", the users of its eponymous smartphone-based social media service, after advising (2 January 2014) them of a security breach that occurred in December 2013.

Fact Sheet - Privacy and Outsourcing

16 Jan 2014
Written by World Watch

The Office of the Privacy Commissioner of Canada (OPCC) has published a fact sheet (January 2014) regarding private sector organisations' privacy-related obligations under the Personal Information Protection and Electronic Documents Act (PIPEDA) when considering outsourcing.

The United States Federal Trade Commission (FTC) has announced that the creator of a top-selling flashlight app for Android operating system mobile devices has agreed to settle FTC charges that it "deceived consumers about how their geolocation information would be shared with advertising networks and other third parties".

The United Kingdom Information Commissioner's Office (ICO) has announced that a former finances manager of a general practitioner's (GP) surgery has pleaded guilty in the Magistrates' Court to charges of breaching s. 55 (Unlawful obtaining etc. of personal data) of the Data Protection Act 1998 (UK).

Maryland state Attorney General Douglas Gansler has announced that Maryland, 36 other United States (US) states and the District of Columbia have entered into a US$17 million settlement with Google, following the company's breach of consumer protection and privacy law by placing advertising tracking cookies on Safari web browsers despite telling users that it would honour the default Safari privacy settings, which prevented the placement of such cookies, from 1 June 2011 to 15 February 2012. Mr Gansler stated that the settlement "requires Google to change its privacy practices and to pay Maryland ... more than [US]$1 million as a civil penalty".

© 2015 SAI Global Limited ABN 67 050 611 642




User Registration
or Cancel