Geek-Guy.com

Category: GDPR

What Is Legitimate Interest Under the GDPR?

The GDPR (General Data Protection Regulation) outlines six conditions under which organisations can process personal data. Four of those conditions are relatively self-explanatory: contractual requirements, legal obligations, vital interests and tasks carried out in the public interest. That leaves consent and legitimate interest that need to be unpacked. This blog focuses on legitimate interest. What is a…

The Data (Use and Access) Act and How it Affects the UK GDPR and DPA 2018, and PECR

Enacted in June, the Data (Use and Access) Bill – now the Data (Use and Access) Act 2025 or ‘DUAA’ – marked a significant moment in the evolution of UK data protection legislation. The Act builds on previous legislative efforts – most notably 2022’s shelved DPDI (Data Protection and Digital Information) Bill – and brings…

5 common GDPR mistakes – and how training can fix them

Most GDPR (General Data Protection Regulation) breaches arise from everyday slip-ups, such as missing DSAR (data subject access request) deadlines, picking the wrong lawful basis for processing, failing to enforce retention periods, keeping inadequate records or misreporting incidents. However, fall short of your compliance obligations – for whatever reason – and you face complaints, investigations,…

A Guide to the EU GDPR’s Requirements for an EU Representative

This country’s post-Brexit data protection regime, the UK GDPR (General Data Protection Regulation), requires non-UK organisations that process UK residents’ personal data to appoint a representative in the UK. In the same way, the EU GDPR requires non-EEA organisations that process EU residents’ personal data to appoint a representative in the EU. This blog post…

Who Needs ISO 27001 Foundation Training?

ISO 27001 training isn’t just for auditors or security consultants. Indeed, many roles need baseline knowledge of the Standard. If you help to protect information, support audits or manage suppliers, you will benefit. Foundation training teaches you the structure of an ISMS (information security management system), the core requirements in ISO/IEC 27001:2022 and what the…

Human Error and Accidental Data Breaches: Lessons from Recent Cases

According to Verizon’s 2025 DBIR (Data Breach Investigations Report), some 60% of data breaches now involve “the human element” – in other words, errors and non-malicious activity. Failing to use the bcc function when emailing groups of people, accidentally emailing spreadsheets full of unencrypted personal data to entire mailing lists without checking, mistakenly misconfiguring an…

GDPR Data Protection Impact Assessments: The 7 Key Stages of the DPIA Process

The GDPR (General Data Protection Regulation) requires organisations to conduct a DPIA (data protection impact assessment) for data processing that is “likely to result in a high risk to the rights and freedoms of data subjects”. Effectively a type of risk assessment, DPIAs assess how high-risk data processing activities could affect individuals (data subjects). Failure to…

GDPR violations prompt Germany to push Google and Apple to ban DeepSeek AI

Germany asked Google and Apple to remove DeepSeek AI from their app stores, citing GDPR violations over unlawful data collection and transfers to China. The Berlin Commissioner for Data Protection requested Google and Apple to remove the DeepSeek AI app from their app stores due to GDPR violations. On May 6, 2025, Berlin’s Data Protection Commissioner…

Lessons Learned from the Legal Aid Agency Data Breach

The MoJ (Ministry of Justice) has disclosed that the LAA (Legal Aid Agency) suffered a data breach last month, in which criminals accessed data relating to hundreds of thousands of people, dating back to 2010. Exfiltrated data may have included “contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history,…

Ireland’s data regulator investigates X’s use of European user data to train Grok

Ireland’s data regulator, the Data Protection Commission (DPC), said Friday that it has opened an investigation into Elon Musk’s X over the social media platform’s use of personal data collected from European users to train Grok. The DPC will investigate how X processes personal data “comprised” in publicly accessible posts by European users for the…

The AI Fix #43: I, for one, welcome our new robot overlords!

In episode 43 of The AI Fix, our hosts discover a robot that isn’t terrifying, a newspaper shuns journalists in favour of AI, Graham watches a robot dog learn to stand, an AI computer programmer develops a familiar attitude, and New York tries to stop its humans arming their robots. Graham worries about AI vomit,…

Meta settles UK ‘right to object to ad-tracking’ lawsuit by agreeing not to track plaintiff

A human rights campaigner, Tanya O’Carroll, has succeeded in forcing social media giant Meta not to use her data for targeted advertising. The agreement is contained in a settlement to an individual challenge she lodged against Meta’s tracking and profiling back in 2022. O’Carroll had argued that a legal right to object to the use…

ChatGPT hit with privacy complaint over defamatory hallucinations

OpenAI is facing another privacy complaint in Europe over its viral AI chatbot’s tendency to hallucinate false information — and this one might prove tricky for regulators to ignore. Privacy rights advocacy group Noyb is supporting an individual in Norway who was horrified to find ChatGPT returning made-up information that claimed he’d been convicted for…

Ireland and Italy send data watchdog requests to DeepSeek: ‘The data of millions of Italians is at risk’

The jury is still out on whether the Chinese AI upstart DeepSeek is a game changer or part of an elaborate plan by its hedge fund parent company to short Nvidia and other tech stocks. Whichever it might be (maybe both?), DeepSeek and its large language model have made some major waves. And now, it’s…

Italy sends first data watchdog request to DeepSeek: ‘The data of millions of Italians is at risk’

The jury is still out on whether the Chinese AI upstart DeepSeek is a game changer or possibly part of an elaborate plan by its hedge fund parent company to short Nvidia and other tech stocks. Whichever it might be (maybe both?), DeepSeek and its large language model has made some major waves. Now, it’s…

Free Coventry University Course to Help Everyone Protect their Online Privacy

Now everyone can learn what privacy means, how your privacy is impacted when using the web and mobile apps, and how to protect your privacy online thanks to a free course from Coventry University. The UK university has worked closely with experts including Pat Walshe at PrivacyMatters to create an informative online course, offering participants…
