SAI Global GRC Community

GRC COMMUNITY
Building Organizational Integrity.
Privacy and Data Protection

France's data protection authority the Commission nationale de l'informatique et des libertés (CNIL) has announced that it has ceased its monitoring of SAS Hypercosmos, since the shopping centre operator has fully complied with a CNIL request to end the excessive use of video surveillance and biometrics.

The United Kingdom Information Commissioner's Office (ICO) has fined (21 July 2014) online travel services provider Think W3 £150,000 after a "serious breach" of the Data Protection Act 1998 c. 29 (UK) that "revealed thousands of people's details to a malicious hacker".

The United States Securities and Exchange Commission (SEC) has ordered (25 July 2014) alternative trading system (ATS) operator and Citigroup unit LavaFlow to pay a total of US$5 million to settle charges that it "fail[ed] to protect the confidential trading data of its subscribers".

Google Served a Warrant in Money Laundering Probe

23 Jul 2014
Written by World Watch

The United States District Court for the Southern District of New York has made available US Magistrate Judge Gabriel Gorenstein's Memorandum Opinion (18 July 2014) in the matter of an application seeking a warrant to obtain emails from a Google-hosted "Gmail" webmail account. The application also sought to permit a search of those emails as part of an investigation into possible money laundering-related and similar offences.

Published in Anti-Money Laundering

The Office of the Australian Information Commissioner (OAIC) has made available a statement (21 July 2014) by privacy commissioner Timothy Pilgrim advising that the OAIC was recently informed by online retailer The Catch Group of a data breach that occurred in 2011.

Published in Information Security

The Office of the Australian Information Commissioner (OAIC) has announced that Pound Road Medical Centre has been found in breach of the Privacy Act 1988 No. 119 (Cth) by "failing to take reasonable steps to secure sensitive medical records".

Published in Records Management

The Office of the Privacy Commissioner of Canada (OPCC) published Insurance company overhauls its security safeguards following privacy breach (3 March 2014) on 2 July 2014, a report of findings under the Personal Information Protection and Electronic Documents Act.

Published in Information Security

The Office of the Privacy Commissioner of Canada (OPCC) published Wearable Computing - Challenges and opportunities for privacy protection (undated), a report by the OPCC research group, on 3 July 2014. The report aims to "provide the OPCC with a better understanding of the privacy implications of wearable computing technologies[,] as a foundation for the OPCC's advice to Parliament, policy position development and future compliance activities".

The Office of the Privacy Commissioner of Canada (OPCC) published Utility company errs in sending customer's bill to his ex-spouse after computer system uses out-of-date information (February 2014) on 7 July 2014. The document summarises a case involving a utility company's early resolution of a customer's privacy complaint.

Published in Records Management

The Office of the Australian Information Commissioner (OAIC) has released Own motion investigation report - Cupid Media Pty Ltd (June 2014), which outlines the findings of Privacy Commissioner Timothy Pilgrim's own motion investigation into Cupid Media Pty Ltd (Cupid), after the personal information of Cupid users was stolen by hackers gaining unauthorised access to Cupid webservers.

Published in Information Security
Page 1 of 30

© 2013 SAI Global Limited ABN 67 050 611 642

Login

LOG IN

Register

User Registration
or Cancel