Security news aggregator

Latest coverage for GDPR

Stay informed on GDPR regulations and data protection with the latest news, insights, and compliance strategies in our info security hub.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

GDPR is the European Union’s General Data Protection Regulation, in force since 25 May 2018. It governs the processing of personal data by organizations in the EU and, in some circumstances, organizations elsewhere that offer services to or monitor people in the EU. It sets principles and lawful bases for processing, gives individuals rights over their data, and defines duties for controllers and processors.

For security practitioners, GDPR requires risk-appropriate technical and organizational measures to protect personal data, such as access control, encryption or pseudonymization where appropriate, resilience, and regular testing. Privacy by design and by default should shape system and data-flow decisions. A personal-data breach may require notifying the relevant supervisory authority without undue delay and, where feasible, within 72 hours of awareness; affected individuals may also need notification when the risk is high. These obligations make asset and data inventories, processor oversight, retention controls, and breach playbooks operationally important.

Volume over time

Weekly headline count for the current query.

Showing 15 most recent headlines Filtered view

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security challenges

The Hacker News 1 year, 8 months ago

TikTok Pixel Privacy Nightmare: A New Case Study

Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers with ads on the popular video-sharing platform broke GDPR rules when a third-party partner misconfigured

The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an "illegal database with billions of photos of faces," including those of Dutch citizens