|
|
|
|
|
EU Tightens Oversight of Data-Privacy Regulators
|
|
|
|
|
|
Hello. The European Union has a new mechanism for pushing regulators in member states to speed up investigations of alleged privacy law violations.
Regulators that handle large-scale cases affecting people in more than one European Union country will need to report on their progress every other month to the European Commission, the EU’s executive arm, Catherine Stupp reports.
The commission disclosed the new procedure in response to a complaint alleging that the commission itself had violated EU law by not properly overseeing the Irish privacy regulator.
A multiyear process. It can take years to resolve disputes over major cases, which often involve large technology companies. Discontent among European regulators over that pace has been brewing since the General Data Protection Regulation, the EU’s strict data-privacy and security law, took effect in 2018, Ms. Stupp reports.
-
It took four-and-a-half years for the Irish regulator to issue a decision in January in an advertising privacy case against Meta Platforms Inc., fining it $414 million for GDPR violations related to ad-tracking programs.
-
One still-unresolved complaint over location-tracking by Alphabet Inc.’s Google was filed in November 2018.
Johnny Ryan, a senior fellow at the nonprofit Irish Council for Civil Liberties, filed the 2021 complaint that led to the new oversight process. “The law is nothing if it’s not enforced,” he said.
More news below ...
|
|
|
CONTENT FROM OUR SPONSOR: Netscout
|
|
TCP Floods Are Leading the DDoS Attack Vector
Cybercriminals have become more sophisticated in bypassing defenses with new DDoS attack vectors. Like the good guys, criminals also change their tactics, but for nefarious reasons. A hybrid approach remains to be the best strategy to slow attackers down
Learn More
|
|
|
|
|
|
|
|
|
|
GoodRx’s co-founder and co-chief executive officer, Doug Hirsch.
PHOTO: LAUREN JUSTICE/BLOOMBERG NEWS
|
|
|
|
GoodRx shared personal health data with advertisers, FTC alleges in settlement. Prescription-drug discount provider GoodRx Holdings Inc. agreed to resolve Federal Trade Commission allegations that it unlawfully disclosed consumers’ personal health information to advertisers, The Wall Street Journal reported. The agency said it was a first-of-its-kind enforcement action. The company will be prohibited from disclosing consumer health information to third parties for advertising purposes and will pay a $1.5 million civil penalty, according to a proposed settlement filed Wednesday in a California federal court.
|
|
|
Crypto thefts hit record $3.8 billion last year on North Korean hacks. Thieves stole a record $3.8 billion worth of cryptocurrency in 2022 as sanctions on North Korea drove a surge in suspected hacking, Bloomberg reported. Crypto losses increased from $3.3 billion in 2021, Bloomberg said, citing a report by Chainalysis Inc. Hacking groups that U.S. officials have linked to the North Korean government stole an estimated $1.7 billion in 2022, Bloomberg said.
|
|
|
6% to 8%
|
Portion of the information technology budget at retailers and hospitality companies dedicated to cybersecurity, according to a survey of 126 such executives from the sectors’ Information Sharing and Analysis Center.
|
|
|
|
|
|
|
Splunk makes software used by information-technology and security operations to crunch data.
PHOTO: DAVID PAUL MORRIS/BLOOMBERG NEWS
|
|
|
|
Splunk Inc. is laying off about 325 employees, or 4% of its staff, mostly in North America, the company said on Wednesday. The information-technology and security operations company is also scaling back its use of external agencies and consultants as it seeks to cut costs. Chief Executive Gary Steele said Splunk will continue to invest in areas like innovation and will be recruiting in the year ahead, “consistent with our focus on accessing global talent in lower-cost areas.” (WSJ)
|
|
|
Vulnerabilities in Cisco Systems Inc. industrial gear used in data centers, factories and power plants could give cyberattackers complete access to those devices and broader networks, researchers from cybersecurity firm Trellix Corp. found. The vulnerabilities work by taking advantage of the ability to deploy application containers and virtual machines to Cisco routers, the researchers said. Organizations are urged to check for abnormal containers installed on relevant Cisco devices. (Dark Reading)
|
|
|
|
|
Data security company Cyberhaven said it expanded its leadership team with the appointment of Chris Hodson as chief security officer. Mr. Hodson will oversee all facets of security to protect Cyberhaven employees and customers, including cloud and application security, operations and risk management. Most recently, Mr. Hodson was responsible for security strategy at Contentful. Previously, he was chief information security officer at Tanium.
Anchorage Digital Bank has added executives focused on security and compliance, in the wake of the crypto industry’s “flight to quality,” Blockworks reported. The moves are pending “supervisory non-objection” from the Office of the Comptroller of the Currency, Blockworks said.
Blockworks said that Rachel Anderika, formerly the bank’s chief risk officer, is set to become chief operating officer; Mark duBose is now chief compliance and risk officer; and Frieder Weichelt, former chief risk officer at institutional crypto platform BitGo, has been named chief information security officer.
|
|
|
|
|
|