Articles from Around the Web

Cyberattack of UK sportswear company exposes data of 10M customers

The BBC reports 10 million customers of U.K. sportswear chain JD Sports had their data exposed in a cyberattack. The breach reportedly affected online sales data from 2018-2020, including personally identifiable information. JD Sports representatives said they were contacting affected customers, working with “leading cyber-security experts” and talking with the U.K. Information Commissioner’s Office to respond to the breach.Full Story

Roundup: Canada, EU, US and more

In this week’s Global News Roundup, the Privacy Commissioner of Canada reflected on the commission’s annual report. The European Data Protection Board published its binding decision in the Irish Data Protection Commission’s WhatsApp case. U.S. Republican lawmakers introduced another bill to ban citizens from downloading TikTok. And the Saudi Arabian Data and Artificial Intelligence Authority opened a public consultation period for secondary data use guidelines. (IAPP member exclusive.)Full Story

EU member states move toward agreement on European Health Data Space

Euractiv reports the Council of the European Union is drawing closer to a consensus position on the proposed European Health Data Space. The council's Working Party on Public Health agreed on amendments to the European Commission's proposed provisions regarding secondary use of data, including withholding data for the purposes of public security and national security.

US state privacy developments: Indiana, New Hampshire, Washington

The Indiana Senate Committee on Commerce and Technology voted 11-0 to advance Senate Bill 5, an act concerning consumer data protection. The committee adopted an amendment to add a sunset on the right to cure in 2028. SB 5 needs two Senate floor votes to change chambers.

A view from DC: New US Congress, new life for proposed ADPPA

IAPP Managing Director, Washington, D.C., Cobun Zweifel-Keegan, CIPP/US, CIPM, breaks down the latest privacy developments in the nation’s capital, including a look at the potential road ahead for the proposed American Data Privacy and Protection Act as the 118th U.S. Congress settles into its new structure.Full Story

A view from Brussels: ENISA cybersecurity priorities and the threat landscape analysis

Kenyan president announces 'data protection registration system,' digital ID requirement

Kenyan President William Ruto announced the formation of a “data protection registration system” as part of the country’s observation of global Data Privacy Day, The Star reports. Ruto made the announcement as part of a two-day event in Nairobi that connected “stakeholders from government agencies (and) private and public sectors . . .

The IAPP's top 5 most-read articles for the week of Jan. 23, 2023

The IAPP and FTI Consulting published the "Privacy and AI Governance Report."
The IAPP published the “Global Legislative Predictions 2023” white paper.

NIST publishes AI Risk Management Framework

The U.S. Department of Commerce National Institute of Standards and Technology released its Artificial Intelligence Risk Management Framework 1.0 Jan. 26. Required under the National AI Act of 2020, the framework is the product of 15 months of work by NIST scientists who compiled public comments from more than 240 AI stakeholders through multiple listening sessions and workshops, while producing two previous drafts of the document last year. The framework is voluntary but will help organizations deploying AI systems to enhance their trustworthiness and reduce biases.

Public consultation for Saudi Arabia's secondary data use guidelines opens

The Saudi Arabian Data and Artificial Intelligence Authority opened public consultation for its secondary data use guidelines Jan. 25. The objective is “establishing the legal framework for sharing data for research, development and innovation purposes.” The consultation period runs until Feb. 9.Full Story

Ransomware group's servers seized by FBI, European partners

The U.S. FBI and international partners in Germany and the Netherlands seized multiple servers allegedly belonging to ransomware group Hive, CyberScoop reports. Hive, "considered a top-five ransomware threat by the FBI," allegedly targeted more than 1,500 victims globally since June 2021.

Search form

Search form

Search form

Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.

Sign Up For Our Newsletter