Extensive criminal prosecutions under UK’s Data Protection Act revealed

The CPS have confirmed that 714 offences under the Data Protection Act were charged in 2008-2013,  of which 654 were for the offence of unlawfully obtaining/disclosing data. The information from the  CPS showed that since 2010 there has been  a notable decrease in prosecutions, with just 96 in  2013. However, recent years have seen a notable step-up in enforcement from the Information  Commissioner’s Office.

European data protection regulators review the Internet of Things

The Article 29 Working Party, a European data protection advisory body, has issued an opinion on  the Internet of Things, focussed on wearable technology, eHealth technologies and home automation  technologies. Any equipment located in an EU country must comply with European data protection law  and so providers of such technologies sold to users located  in the EU will need to ensure  compliance. The opinion highlights several areas of concern including the lack of control of data  between objects and the limitations on the possibility to remain anonymous.

The Italian Data Protection Authority releases first half 2014 results

Results released from the Italian Data Protection Authority (Garante) reveals there have already  been 196 inspections, 299 proceedings commenced and approximately EUR 2.5 million issued in fines  in the first half of 2014. For the second half of 2014, the Garante has stated that it intends to  expand its focus to data processing across a wide range of fields, including medicine, banking and  the provision of free public Wi-Fi.

Yelp settles a UDS 450,000 fine with FTC for violating children’s privacy policy

Yelp, a consumer review website, has agreed to settle a fine with the US Federal Trade Commission  for its collection of personal information of children in violation of the Children’s Online  Privacy Protection Act (COPPA). The violations stem from Yelp’s introduction of its apps in 2009,  which allowed anyone to sign up and get full access regardless of age. As well  as the USD 450,000  penalty, the settlement requires Yelp to comply with COPPA in the future, and mandates a report to  the FTC in a year describing what the company is doing to comply.

50 US government contractors’ systems hacked in under a year

A recent study has found that hackers successfully breached systems run by companies doing contract  work for the US Transportation Command (TRANSCOM) at least 50 times between June 2012 and May 2013,  in one case, gaining access to systems on-board an American commercial ship. TRANSCOM were made  aware of just 2 of these breaches, a “troubling finding” according to the report.

Fraudulent transactions in wake of Home Depot Breach

Attempts to use card information stolen in Home Depot’s data breach have already been observed.  Financial institutions have reported that they have seen attempts to empty customers’ accounts and  have pledged to step up efforts to block  the transactions, with several banks starting to replace  all cards potentially affected. Home Depot reported that the cyber- attack is estimated to have put  approximately 56 million unique payment cards at risk and have guaranteed customers that they will  not be liable for any fraudulent charges.

Brazilian regulators follow up on telecom giant Oi’s USD 1.59 million fine

Brazilian regulators are monitoring the business practices are following the data protections law,  after they issued a USD 1.59 million fine to Oi, Brazil’s largest telecommunications company,  earlier this year. Oi’s violations related to the company’s partnership with Phorm, a UK-based  online advertising company. The two companies developed software to track consumer’s internet  practices, generated profiles based on the browsing habits and then sold them to other advertising firms.