Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.
Arsenal F.C had aligned itself to the best practices of privacy in preparation for the Data Protection Act. During a recent GDPR audit, the firm found it was involved in more than 800 types of data collecting in different locations and formats. These data protection steps ensure much stronger customer engagement and a much more open relationship with the fan base.
A database containing highly sensitive and private activity information has been exposed in South Africa. More than 890GB of browsing log data of all online activities of over 1 million users has been revealed due to an unencrypted database hailing from a web filter app built by Conor.
Canadian clinical laboratory services provider,LifeLabs has announced a data breach that exposed the personal information forup to 15 million Canadians. The data breach was caused after an unauthorizeduser gained access to their systems. It was also reported that LifeLabs workedwith third-party cybersecurity experts to secure the affected systems andpurchase the stolen data from the hackers.
A College Board, a non-profitorganization that administers placement exams, has been accused of selling morethan five million students' personal information. College Board claims it doesnot sell student information, according to its data privacy principles. But,its privacy statement does disclose that qualified colleges, universities, non-profitscholarship services, and non-profit educational organizations do pay a licensefee to use the students' information.
For more info: https://edscoop.com/college-board-student-data-lawsuit/
The Swedish DPA has issued an administrative fineagainst the company Nusvar which runs the website Mrkoll.se. This websitepublishes personal data of all Swedes above the age of 16. The DPA found thatthe site has carried out credit information activity in a way that is not incompliance with the law.
The Bulgaria's Commission for Personal DataProtection announced a fine of BGN 55,000 against the National Revenue Agencyfor EU General Data Protection Regulation violations. The NRA was accused ofimproper processing of data, which led to subsequent data misuse, was found tohave violated Article 6 of the GDPR.
For traffic and planning purposes, motorists inMaryland are tracked regularly. This tracking has raised serious privacyconcerns among the public as they feel this may reveal driving patterns, suchas routes and schedules. The police department defends the act by stating thatthe personal data stored on the server is secure and not accessed by anycompanies.