Skip to content

Protecting data privacy needs constant evolution

In such a fast-evolving field as technology, it is perhaps inevitable that new regulations are out of date as soon as they emerge from the legislative mangle. So it has proved with the EU’s landmark General Data Protection Regulation, six years in the making before coming into force in May 2018. Protecting data privacy needs …

8 Fundamental Data Anonymization Mistakes That Could Put Your Business At Risk

For data about EU citizens, it shouldn’t be possible to ‘single out an individual, link records relating to an individual or infer information concerning an individual’ without their consent – according to the GDPR. However, there are many situations where you need to use the data, for example, to facilitate software development, where you need …

Website privacy options aren’t much of a choice since they’re hard to find and use

You’ve probably encountered a pair of shoes that won’t stop following you around the internet, appearing in advertisements on different sites for weeks. While many websites offer a way to opt out of targeted advertisements or unwanted emails, we discovered in our recent research that exercising privacy choices isn’t always easy. But that helped us …

Researchers spotlight the lie of ‘anonymous’ data

Researchers from two universities in Europe have published a method they say is able to correctly re-identify 99.98% of individuals in anonymized data sets with just 15 demographic attributes. The suggestion is that no “anonymized” and released big data set can be considered safe from re-identification — not without strict access controls. “Our results suggest …

PSD2, GDPR and Banking Secrecy: What Role for Consent?

The revision of the payment services European legal framework operated by the Second Payment Services Directive (PSD2) deems to respond to the challenges set forth by the thriving innovation in the industry. Its aim is to allow Fintech companies and incumbent players (aka banks) to keep creating novel business models, while ensuring the enhancement of …

Data Security and Privacy Lessons From Recent GDPR Fines

Under the GDPR’s article 83, fines are divided into two separate categories. The first, which merits a maximum 2% of global revenue, is associated with security violations. The second category merits a more severe fine at 4% of global revenue relate to limiting processing for personal data, gaining consent, and processing data lawfully: Article 15: …

Why a Right to Explanation of Automated Decision-Making Does Not Exist in the General Data Protection Regulation

Since approval of the European Union General Data Protection Regulation (GDPR) in 2016, it has been widely and repeatedly claimed that a ‘right to explanation’ of all decisions made by automated or artificially intelligent algorithmic systems will be legally mandated by the GDPR once it is in force, in 2018. However, there are several reasons …