#SypherPrivacyTalks - May 2023 - Week 22
by Sypher - May 31, 2023
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
Europe’s privacy regime: 5 years in 5 charts
đĨŗ 5 years of GDPR in 5 simple charts! Check out this insightful article by Giovanna Coi, Clothilde Goujard, and Laurens Cerulus. đ
The article explores the impact of GDPR and its implications on businesses and individuals. The GDPR compelled organisations, from tech giants to small businesses, to prioritise privacy and revamp their data handling practices. Potential fines of up to 4% of annual revenue motivated compliance efforts. However, challenges remain, with ongoing debates on holding Big Tech accountable and proposals to strengthen GDPR enforcement… read more
‘Massive’ Tesla leak reveals data breaches, thousands of safety complaints
đĒĢ A whistleblower has leaked around 100 gigabytes of confidential Tesla data, revealing inadequate protection of customer, employee, and business partner information. đ
This breach may violate GDPR regulations, potentially resulting in fines of up to €3.26 billion for Tesla. The leaked files also expose thousands of customer complaints regarding the driver assistance system, raising concerns about its reliability and safety.
Data protection authorities in Germany and the Netherlands are investigating the matter, emphasising the seriousness of the situation… read more
Twitter: Academics have 30 days to delete data they gathered from the Twitter API
đ¤ Twitter recently unveiled a new policy that has raised concerns among the academic community. Starting June 30, 2023, academic researchers who have collected Twitter data using the free or basic access levels of the Twitter API must delete their data or upgrade to the enterprise access level. The catch? The enterprise access level comes with a hefty price tag of $42,000 per month, making it unaffordable for most academic institutions and grants.
This policy has sparked outrage and criticism from academics who argue that it will hinder their ability to study and analyse social phenomena on the platform. They have raised valid concerns, including the retroactive application of the policy, the lack of clear guidelines, the absence of alternatives for researchers who cannot afford enterprise access, and the potential negative impact on research diversity and reproducibility.
Twitter justifies this decision as a measure to protect user privacy and comply with data protection laws. However, the academic community feels that Twitter did not engage in meaningful dialogue or consultation before implementing this policy, leaving researchers feeling unheard and disregarded.
Twitter has not responded to the academic community's feedback or requests. As a result, some academics have started deleting their Twitter data or seeking alternative sources of social media data. Others have chosen to continue using their data until they receive a notice from Twitter or until legal action is taken against them… read more
GDPR fines: Are they working?
infosecurity-magazine.com • 3 min read
âī¸ Since its implementation in May 2018, the GDPR has shaped global data privacy practices. While there have been high-profile cases, the fines issued by regulators have been relatively small.
TikTok's recent £12.7m fine, despite a potential 4% of global annual turnover, raises questions about the effectiveness of fines as a deterrent. Public trust erosion and negative PR may have more impact. It's crucial for individuals to consider their data privacy and choose alternative providers to drive real change… read more
Survey: 58% of firms have had a GDPR-related data breach
đĸ According to iResearch Services, 58% of firms have experienced such breaches in the past five years. đ
This data comes from a survey of 350 business leaders in the financial and professional services sectors in the UK and US. It's alarming that only 33% of firms have conducted formal GDPR training, relying instead on written policies (28%) or informal discussions (18%). On the bright side, respondents reported improved data protection practices (33%), increased employee awareness (27%), and enhanced customer trust (15%) as benefits of GDPR.
However, 20% mentioned increased compliance costs. Looking ahead, 54% of respondents desire stricter data protection requirements, while 33% want increased penalties for non-compliance. Let's embrace these regulations to reduce the likelihood of data breaches and safeguard our brands. In related news, Meta (parent company of Facebook) recently received a record-breaking €1.2 billion fine from Irish regulators for GDPR violations… read more
___
Stay tuned for more by đ connecting with us on LinkedIn or, better yet, by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
Photo by Michael Förtsch on Unsplash
