TJ McIntyre writes on IT Law in Ireland: The Data Protection Review Group has now published a consultation paper (pdf) on reforming Irish law on notification of data breaches. Pages 33-38 on possible regulatory options are particularly useful, though the group is clearly hampered by the fact that any national reforms might soon be out…
Category: Non-U.S.
Two major German websites report data theft
AP/Reuters reports two data breaches out of Germany: SchülerVZ, an online forum for German teenagers and high school students, has said it has identified the person it suspects of stealing the data, which include the name, age, school, gender, and photo of thousands of users. A more serious breach involves the names, client numbers, addresses,…
UK: Private medical records for sale
Jo Macfarlane reports: The confidential medical records of patients treated at one of Britain’s top private hospitals have been illegally sold to undercover investigators. Hundreds of files containing intimate details of patients’ conditions, home addresses and dates of birth are being offered for as little as £4 each. The files were sold by two men…
Student data stolen from National Institute of Educational Testing Service
Earlier this month, The Nation reported that Thailand’s National Institute of Educational Testing Service (“NIETS”) web site had been downed by denial of service attacks and had been offline between Wednesday through Friday. The Nation subsequently reported that NIETS learned that information about some 1,000 students were stolen by hackers in the attack. Deputy Education…
London cyber criminals face jail over Natwest fraud
Asavin Wattanajantra reports: London-based cyber criminals face jail after siphoning off £600,000 from bank customers with a trojan virus. According to a report in the West Sussex County Times, the criminals used a trojan to infected computers, which waited until a user logged onto an account and then slithered its way into online cash transfer…
Knowing or reckless misuse of personal data – introducing custodial sentences
From the UK Ministry of Justice: Reference Number : CP22/09 Status: Open Open date: 15 October 2009 Close date: 07 January 2010 A consultation on exercising the power to provide for custodial sanctions for those found guilty of knowingly or recklessly obtaining, disclosing, selling or procuring the disclosure of personal data without the consent of…