ICO to investigate claims charities are breaking privacy rules

Christopher Graham, the UK’s Information Commissioner, has launched an investigation into claims that charities are trading lists of telephone numbers of generous donors who are deemed “fair game” for fundraising cold-callers, even if they are registered with the Telephone Preference Service. There have also been complaints that charities are adopting the same tactics as “boiler room” scams, whereby call centres use hard-sell marketing tactics to pressurise members of the public into making donations. The Fundraising Standards Board, a separate voluntary regulator, has launched its own inquiry.

Hacking Team Hacked

In what has been dubbed the “definition of irony”, Hacking Team, a company that specialises in surveillance software has been the target of a cyberattack. The attackers took over Hacking Team’s Twitter page and posted links to a torrent file comprising more than 400GB of data about clients and operations for anyone to download. The leaked data is said to reveal all of Hacking Team’s government clients and details of their transactions.

Trump hotels investigating credit card data breach

Donald Trump’s hotel chain has confirmed they’re investigating a credit card data breach affecting its hotel chains in 6 major US cities. It has been reported that US banks had identified a pattern of fraudulent transactions involving accounts that had been used at Trump Hotel Collection properties, suggesting that the attack dates back to February 2015. Kim Westin, analyst for online security firm Tripwire, has suggested that the breach was a “sophisticated and orchestrated attack”.

CNIL’s crack down on French cookies

French privacy watchdog CNIL is challenging websites for failing to comply with EU regulations regarding cookies. All websites in question failed to gain explicit consent from users before placing cookies on browsers. Although some of the websites informed users they could opt out of cookies by altering their internet settings, this warning was not considered sufficient consent. CNIL’s new online audit powers are said to be at the root of the active enforcement of France’s cookie laws.

Russian Privacy Law

Russian parliament has passed an internet privacy bill. The new law, which resembles the EU initiative of the “right to be forgotten”, means individuals can request search engines remove links that concern personal information which is incorrect or outdated. The scope of the Russian bill exceeds the European initiative as search engines will be forced to remove information even if it is in the public interest. This provision has sparked concern from Yandex, Russia’s biggest search engine, a spokesperson stating “The limitations introduced by this bill reflect an imbalance between private and public interests”.

Dutch Intelligence and Security Bill

The Netherlands are undertaking a public consultation on a draft bill which aims to update the country’s current 2002 Intelligence and Security act. The Bill concerns the regulation of bulk online services. The Bill will require cooperation from all online services offered to customers in the Netherlands, including closed user groups. Domestic interceptions are explicitly allowed by the new Bill but will need to be conducted in a “purpose-orientated manner”; it is not yet clear what this will mean in practice.