SypherPrivacyTalks - November 2024 - Week 48
by Sypher | Published in News - November 25, 2024
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
Raiffeisen, GDPR fine over employee irregularities
💶 Romania's data protection authority ANSPDCP has fined Raiffeisen Bank Romania €20,000 for GDPR violations involving unauthorised access, processing and disclosure of customer data. The investigation uncovered systemic issues, including employees misusing personal data to conduct unauthorised financial transactions, sharing sensitive client information, and manipulating accounts without consent.
The bank failed to implement adequate safeguards to prevent these breaches, resulting in the fine and mandatory corrective actions to improve data security and staff compliance… read more (article in Romanian).
The full announcement from the Authority.
Federal Court decision on data scraping increases GDPR-related litigation risks
hengeler-news.com • 2 min read
🧑⚖️ The German Federal Court of Justice has ruled that the loss of control over personal data can justify a claim for damages under the GDPR, even without proof of misuse. This lowers the bar for plaintiffs, and could lead to mass litigation in cases such as data scraping or data breaches.
While the ruling is not final and the details may still be clarified, it signals greater litigation risks for companies handling user data, especially with potential claims from millions of individuals… read more
Data privacy in the age of AdTech: balancing compliance and innovation
📽️ In this video, Usercentrics’ CMO highlights the growing importance of privacy-led marketing in today’s adtech environment.
She covers the challenges of balancing privacy regulations with innovative adtech solutions, its impact on the future of digital advertising, and how marketers can build trust while navigating stricter privacy rules.… watch the video
US: NIST Privacy Workforce Taxonomy
👨🏭 The US National Institute of Standards and Technology (NIST) has released a draft Privacy Workforce Taxonomy for public feedback until 17 January 2025. This framework is designed to help organisations improve privacy practices, enhance hiring efforts and guide professional training… read more
In addition, NIST has published a report examining safer ways to use synthetic content in training generative AI systems.
Exploring the digital landscape: Understanding the EU Digital Operational Resilience Act (DORA)
🛡️ This article co-authored by Kinanis LLC and The Digital Value Group discusses the Digital Operational Resilience Act (DORA), a new regulation that comes into force on 17 January 2025 and aims to improve cybersecurity and operational stability across the financial sector.
DORA introduces uniform standards for managing ICT risks, conducting resilience testing, reporting incidents and overseeing third-party service providers. It applies broadly to financial institutions, including banks, insurers and crypto platforms, reflecting the sector's growing reliance on digital technologies. While DORA is designed to mitigate cyber risks and strengthen operational resilience, smaller institutions may face challenges in meeting its compliance requirements… read more
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
