The Information Commissioner’s Office (ICO) has served the Ministry of Justice (MoJ) with a monetary penalty of £140,000 after a serious data breach led to the details of all of the prisoners serving at HMP Cardiff being emailed to three of the inmates’ families. The breach was only discovered when one of the recipients contacted…
Category: Non-U.S.
Telstra sanctioned for failing to protect customer data
Telstra is still getting bad press over a breach in 2011 that was previously covered on this blog. Telecoms giant Telstra has been sanctioned by the Australian Communications and Media Authority for failing to protect privacy of customer billing and personal information. The ACMA found that Telstra breached its customer privacy obligations when personal information…
French Data Protection Authority CNIL Announces New Online Notification Procedure For Reporting Data Breaches
Cynthia O’Donoghue and Daniel Kadar write: France’s data protection authority, the Commission Nationale De L’informatique et Des Libertés (CNIL), released a new mandatory online notification procedure for French electronic communications service providers (Providers) to rapidly report data breaches to CNIL in compliance with new EC Regulation (No.611/2013) (the Regulation). Any data breach must be reported to CNIL via a…
Hervé lifting
An insider breach previously reported on this blog continues to create problems for bank’s clients who were dodging their taxes. What Edward Snowden is to mass surveillance, Hervé Falciani is becoming to private banking. In 2008 the now 41-year-old native of Monaco walked out of the Geneva branch of HSBC, where he had worked for…
Manitoba’s Private Sector Privacy Law – Similar To Alberta’s Law, But Important Differences Exist
Michael G. Fekete of Osler, Hoskin & Harcourt LLP writes: On September 13, 2013, Manitoba joined Quebec, British Columbia and Alberta by enacting provincial private sector privacy legislation. Once it comes into force, Manitoba’s Personal Information Protection and Identity Theft Prevention Act (PIPITPA) will govern the collection, use and disclosure of personal information, including that…
Panasonic UK signs undertaking following theft of laptop with unencrypted personal information from third party contractor
Panasonic UK has signed an Undertaking with the Information Commissioner’s Office (ICO) following the theft of an unencrypted laptop containing personal data relating to people who had attended a hospitality event run by a third party company on Panasonic’s behalf. The incident is a good reminder that your contracts with business associates or vendors need…