Security news aggregator

Latest coverage for GDPR

Stay informed on GDPR regulations and data protection with the latest news, insights, and compliance strategies in our info security hub.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

GDPR is the European Union’s General Data Protection Regulation, in force since 25 May 2018. It governs the processing of personal data by organizations in the EU and, in some circumstances, organizations elsewhere that offer services to or monitor people in the EU. It sets principles and lawful bases for processing, gives individuals rights over their data, and defines duties for controllers and processors.

For security practitioners, GDPR requires risk-appropriate technical and organizational measures to protect personal data, such as access control, encryption or pseudonymization where appropriate, resilience, and regular testing. Privacy by design and by default should shape system and data-flow decisions. A personal-data breach may require notifying the relevant supervisory authority without undue delay and, where feasible, within 72 hours of awareness; affected individuals may also need notification when the risk is high. These obligations make asset and data inventories, processor oversight, retention controls, and breach playbooks operationally important.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view
Bank Info Security 10 months ago

Turning Regulation Into an Industry Advantage

Resilionix's Heather Lowrie on Embracing GDPR as Tool for Change and ResilienceIn a modern regulatory environment, compliance is no longer just an exercise in ticking off boxes. Thanks to GDPR, financial services firms are shifting from a reactive mindset to a more proactive approach to compliance that focuses on risk management, said Heather Lowrie, director at Resilionix.

Bank Info Security 1 year, 2 months ago

TikTok Fined 530 Million Euros for Data Transfer to China

Irish DPC Imposes a Fine for GDPR ViolationsTikTok must pay 530 million euros to the Irish data regulator for non-compliance with European privacy law. The nearly $600 million fine stems from TikTok's storage of European user data on servers in China and failure to disclose data transfers to China from July 2020 through November 2022.

Bank Info Security 1 year, 3 months ago

UK Fines Law Firm 60,000 Pounds for Ransomware Data Breach

Firm Failed to Close Outdated User Account, Waited 43 Days to Notify RegulatorsThe U.K. Information Commissioner's Office imposed a fine of 60,000 pounds against Liverpool-based law firm DDP Law for GDPR violations relating to a 2022 ransomware hack and data leak that exposed sensitive information including the details of its clients' cases.

Bank Info Security 1 year, 3 months ago

Violent ChatGPT Hallucination Sparks GDPR Complaint

Norwegian Man Tells OpenAI: I Didn't Kill My ChildrenA Norwegian man is peeved that a chatbot hallucinated a violent backstory for his life after seeing that ChatGPT apparently believes he's a child killer spending decades inside prison. "The fact that someone could read this output and believe it is true is what scares me the most," he said.

Bank Info Security 1 year, 5 months ago

Box-Checking or Behavior-Changing? Training That Matters

Exploring New Ways to Deliver and Measure Cybersecurity Awareness ProgramsRegulations like GDPR, HIPAA and CMMC have made security awareness training a staple of corporate security programs. But compliance is only part of the story. Organizations face an even deeper challenge: influencing employee behavior in ways that create a truly secure workplace.

Transfer of German Man's IP Address Wins Him 400 EurosEuropean privacy regulation - bane of American technology companies and a favorite cudgel of activists - came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.

Transfer of German Man's IP Address Wins Him 400 EurosEuropean privacy regulation - bane of American technology companies and a favorite cudgel of activists - came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.

Transfer of German Man's IP Address Wins Him 400 EurosEuropean privacy regulation - bane of American technology companies and a favorite cudgel of activists - came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.

Bank Info Security 1 year, 10 months ago

Irish Data Protection Commission Probes Google's AI Model

Inquiry Launched to Determine the Company's Compliance With GDPRThe Irish data regulator launched an investigation to determine Google's compliance with a European privacy law when it was developing its PaLM 2 artificial intelligence model. Google launched the multilingual generative AI model last year.

Bank Info Security 1 year, 10 months ago

Dutch Agency Fines Clearview AI 30M Euros for Data Scraping

5th Nation to Investigate Software Firm Imposes Largest GDPR Penalty, Bans UseThe Dutch data regulator is the latest agency to fine artificial intelligence company Clearview AI over its facial data harvesting and other privacy violations of GDPR rules, joining regulatory agencies in France, Italy, Greece and the United Kingdom.

Bank Info Security 2 years, 4 months ago

ICO Reprimands UK Home Office for Privacy Violations

Home Office Electronic Migrant Tracking System Violates UK GDPR, Says ICOA defunct U.K. Home Office pilot project that tracked the whereabouts of 600 migrants violated British privacy law, the British data regulator said early Friday in London, giving the agency a deadline of nearly a month to bring its data processing requirements under compliance.

Bank Info Security 2 years, 5 months ago

Privacy Fines: Tech Hub Ireland Leads EU in GDPR Sanctions

4.7 Billion Euros in Total Known Fines Since Data Protection Law Took EffectIreland - home to the European headquarters of a throng of multinational tech companies - is responsible for the greatest amount of aggregate data protection fines - 2.9 billion euros - since the European Union General Data Protection Regulation went into effect.

Bank Info Security 2 years, 7 months ago

British Lawmakers Push Ahead With Modifying UK GDPR

Data Protection and Digital Information Bill Heads to the House of LordsBritish Conservative lawmakers are pushing ahead with legislation modifying the U.K. codification of European privacy law despite objections from privacy advocates and concerns about the legislation's impact on European trade. Government backers say the bill will bolster the domestic AI industry.