18th Newsletter -> 5 - 11 November 2016

EU Questions U.S. Over Yahoo email Scanning

The European Commission has contacted the United States asking about secret court order Yahoo used to scan thousands of customer emails for possible terrorism links. The court order raised concerns that the U.S. may have violated a new data transfer pact - the Privacy Shield Agreement. Under the new agreement that came into force in August, the U.S. have agreed to limit the collection of and access to Europeans' data stored on U.S. servers due to EU concerns about data privacy and mass U.S. surveillance. It was reported last month that Yahoo had scanned incoming customer emails in 2015 for a digital signature linked to a foreign state sponsor of terrorism, at the behest of a secret court order.

Read more HERE

_______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

Facebook Agrees to Stop Collecting WhatsApp User Data in the UK

UK Information Commissioner Office (ICO) said on Monday that Facebook has agreed to suspend using data for advertisements and product improvement related purposes from UK users of its WhatsApp messaging app. This agreement follows the ICO investigation from August this year, where they investigated user data collection practices of WhatsApp. The ICO discovered that consumers were not properly protected and warned Facebook that it faces enforcement action if it uses such user data without valid consent. Furthermore, Facebook and WhatsApp were also asked to sign an undertaking committing to better explaining to customers how their data would be used and to give them ongoing control over that data. But so far the companies have not agreed.

Read more HERE

You can read more about the ICO investigation in the 8th edition of our Newsletter HERE

Nike Ends Privacy Violations Following the Dutch DPA Investigation

The Dutch DPA (Autoriteit Persoonsgegevens) has investigated Nike and its Nike+ Running app (since renamed to Nike+ Running Club) and it concluded that Nike did not provide sufficient information to the users of the app about the processing of their personal (health) data. Specifically, Nike did not obtained the required explicit consent from the app users and it had not determined data retention periods.

To address this issues Nike has taken measures to end the violations. It has launched a new application, where it specifically asks the users for consent to process their health data. The information to users has been improved, and Nike has effectuated fixed retention periods.

Read more HERE

UK ICO Fines £70,000 for Marketing Text Messages

This week the ICO has issue a £70,000 fine to a London-based company Nouveau Finance Ltd, which primarily deals with providing loan matching services. The company was fined because it sent out 2.2 million marketing text messages to people who had not given permission to receive these messages and the company also didn’t identify who they were from.

Although there were only 92 complaints made about the messages, an ICO investigation revealed that Nouveau Finance Ltd had sent out over two million messages without consent. The business, which is registered with the Financial Conduct Authority (FCA), contracted a marketing services company to carry out the six-month-long text campaign, but failed to check that this company had complied with the Privacy and Electronic Communications Regulations (PECR).

Read more HERE

Read the Full Penalty Notice HERE

Compiled by Jernej Mavrič, email: jm@dp-recruitment.com

Dedicated to the International Data Protection recruitment market

DPR are international leaders in data privacy lawyer and practitioner recruitment

Our consultants have been leading the way in data privacy/protection recruitment since the earlier years of data protection legislation

Credible, experienced, friendly and well connected data protection market specialists

Specialists in data protection recruitment for all sectors and all international geographies

We hire privacy focused law graduates and CIPP qualified candidates for our own in-house research team.

DPR have market-leading data protection and information governance recruitment experience, and always provide a professional efficient and friendly service.

Head of Data Protection Consulting.

Hugo at DPR who manages the team has been the leading name in data privacy/protection recruitment from the beginning, DPR is the leading company in data privacy recruitment and they deliver on UK and international vacancies efficiently and effectively.

Deputy Chief Privacy Officer

If you need to recruit additional support or leadership within your organisation, or if you are interested in developing your own data protection career, then I highly recommend Data Privacy Recruitment Ltd.

Senior Executive, International Data Privacy

Data Privacy recruitment provided in-depth information about the UK privacy legal services market both in-house and private practice, their knowledge of the market is outstanding. For me it was their professionalism and support that really made the difference, I would highly recommend to any lawyer who is looking to further develop their career in the privacy market

18th Newsletter -> 5 - 11 November 2016

Dedicated to the International Data Protection recruitment market

DPR are international leaders in data privacy lawyer and practitioner recruitment

Our consultants have been leading the way in data privacy/protection recruitment since the earlier years of data protection legislation

Credible, experienced, friendly and well connected data protection market specialists

Specialists in data protection recruitment for all sectors and all international geographies

We hire privacy focused law graduates and CIPP qualified candidates for our own in-house research team.

Head of Data Protection Consulting.

Deputy Chief Privacy Officer

Senior Executive, International Data Privacy

Data Privacy Lawyer

DPR

Address