Category Archives: Data Breach

First GDPR sanctions are underway: the German case

On 22 November 2018, the Baden-Württenberg Data Protection Authority (LfDI) announced, with a press release available here in German, of having imposed a € 20.000 sanction on the chat site Knuddels.de, for breach of Art. 32 of the GDPR. Knuddels is an online chat service that was popular in the 2000s, before the Facebook era.… Read More »

Data Breach, not just “notification”

Among the new disciplines, introduced by GDPR, the one about the data breach is seemingly the least of the problem. Unlike DPIA and DPO, rated as discussed topics, Data Breach seems to be a clear point. In fact, there aren’t dispute on this topic. Also, WP250 Guidelines (adopted by the WP29 on 10/3/2017) explain and… Read More »

GDPR in practice

Everybody is talking about GDPR in every session at Security Summit this year, whatever the topic, but in practice what companies are doing to get prepared? Alessandro Vallega started from here to introduce the conference dedicated by Europrivacy to the new European Regulation, on the second day of the Summit organized by Clusit in Milan.… Read More »

UK institutional “data breach” … HSCIC asks for an inconsistent consent …

A recent decision of the Information Commissioner’s Office (https://ico.org.uk/) has manifested a fear that for years affected the UK (and not only) and that it is the focus of the discussions between the associations for the protection of clients/patients/data subjects. The above document states that the British “Data Controller” has experienced an anomaly related to… Read More »

Cyber Crime and Compliance at Milan Politecnico

The headlines go to the Cyber Crime attacks, but ultimately the Compliance remains the main expense leverage in IT security, at least for SMEs. That’s what emerges from the 2016 Survey by the Information Security & Privacy Observatory of the Milan Politecnico School of Management, presented on 2/2 at the conference “Cyber Crime: the invisible threat… Read More »