Discover and read the best of Twitter Threads about #dataprotection

Most recents (24)

Some bit of tough love on IP protection in Kenya. I have heard of companies requiring their IT depts or hired devs to develop unhackable apps. To say this is ludicrous is an understatement because tech nerdistry alone can't protect your company's IP #CyberSecurity
IMO, IP protection should be hinged on the following key pillars
~ sound legal advice/support
~ BYOD policy
~ data privacy/protection policy
~ skilled IT staff
~ sober C-suite

Companies ought to start by seeking proper legal advice. I understand there are lawyers that......
focus solely on intellectual property. A BYOD policy is equally important because companies tend to focus on outsiders misappropriating their IP when studies have shown employees pose an even greater threat. Corporate espionage ring a bell?
Read 11 tweets
Time to pay close attention to #China & #India's comprehensive #DataProtection bills. Why? Because they are coming probably by the end of 2021, they are giving 'data subject' rights to app 2.7 billion people & they legislate DP where the US is absent: 1/ linkedin.com/posts/iapp---i…
In this panel that opened the #GPS2021 online sessions for @PrivacyPros, I explore with Barbara Li and Malavika Raghavan @teninthemorning some of the context & background leading to these two legislative developments in China and India, as well as the burning topics of ... 2/
...data localization, international data transfers, private rights of action and enforcement. There was so much more to talk about - we promise to be back with a follow-up and a deeper dive into individual data subject rights and other practical topics. Why the time pressure? 3/
Read 5 tweets
Modern #data platforms are emerging as the answer to the holy grail: creating a truly data-driven organization. With this, “how” we use data has changed.

Many vendors today brand themselves as the be-all and end-all... but this isn’t true. 🙅
It’s impossible to work today with a single modern data platform from one vendor! A modern #data platform is a collection of tools and processes. 🧰

In this thread, I’ll break down what a modern data platform means in practice today. 2/n
Today, data platforms have basic building blocks that look something like this. 👇 3/n

towardsdatascience.com/the-building-b…
Read 9 tweets
#Datacracy | Being #GDPR compliant doesn't necessarily make companies ready for India's upcoming data protection laws

businessinsider.in/tech/news/indi…

#dataprotection

By @pabsgill Image
@pabsgill India is ready to take a stab at formulating its first laws to govern data & it is using the European Union’s General Data Protection Regulations (#GDPR) as the template. For companies operating in India, this could end up being a stick in the mud.

#Datacracy #dataprotection
@pabsgill While #GDPR and India’s Personal Data Protection Bill (#PDP) are similar in many ways, the differences between them mean that a company which is compliant in Europe may not necessarily be compliant under the PDP.

#Datacracy #dataprotection
Read 10 tweets
#Datacracy | India’s new #DataProtectionBill makes a good show of user rights — but can it deliver on its promises?

businessinsider.in/tech/news/indi…

@internetfreedom

By @pabsgill
@internetfreedom @pabsgill India’s Personal #DataProtectionBill, 2019 is likely to be placed in front of Parliament sometime this month. The underlying goal of the proposed laws is to assign rights to users over the collecting, storage and usage of their information.

#Datacracy @internetfreedom
@internetfreedom @pabsgill When it comes to #dataprivacy it looks like users have every option available to them except for the one they want — control over their data. This includes knowing who’s collecting data, where it’s being stored, how it’s being used and what can be done if it's misused instead.
Read 12 tweets
Again!! 11 Crore Indian Cardholder's Cards Data Including personal details & KYC soft copy(PAN, Aadhar etc) allegedly leaked from a company's Server in India. 6 TB KYC Data and 350GB compressed mysql dump.
@RBI @IndianCERT #InfoSec #dataprotection #Finance ImageImageImageImage
This happened 2nd time this year. Hacker claiming that he was having access in company's server since Jan 2021 to till today. They also posted some DB structures with sample. Hope someone will take responsablity for this breach. @RBI should investigate this issue. ImageImageImageImage
We all are using Credit Debit cards online on daily basis. Companies should take responsablity of users data strongly. there should be a data leak disclosure policy too. ImageImageImageImage
Read 4 tweets
On facebook's data privacy. I have never installed facebook or instagram on my android test phone yet zuckerberg and co won't leave me alone. How do i know, because i proxied web traffic through a mitm tool and caught fb sending data about my phone to its data centers. Here's how
Facebook leverages its sdk installed across diverse apps to create and maintain profiles of consumers even if they don't use any of its apps. In my case, the culprit is an English Premier League app. Data sent to facebook datacenters includes phone orientation in 3d space - x,y,z
Battery stats, rooted/non-rooted, GDPR applicability - no in my case, my location, app with fb sdk, time, phone model, consent status - of course this rides on consent granted to app with fb sdk. Sneaky imho, among other data points. Where is all this data sent to,
Read 8 tweets
#DataPrivacyDay
Today on #DataPrivacyDay, @SFLCin is bringing you some tips and quick fixes to help protect your privacy online.
#DataPrivacyDay2021 #PrivacyAware #privacy #cybersafety #dataprivacy
We as a generation use #SocialMedia almost obsessively. Most of us have accounts on social media websites like #Facebook, #Instagram & #Twitter.
#SocialSecurity #cybersecuritytips #PrivacyAware
We also keep hearing about various #Hacking, #Phishing attempts and in times like these it is important to understand the basics of social media privacy settings to secure yourself from such attempts.
#PrivacyAware
Read 14 tweets
Trading in #cryptocurrency? 3.5 Lakh Users data including me leaked From @buyucoin. The leaked data contains Name, Email, Mobile, bank account numbers, PAN Number, Wallets Details etc. Again didn't informed to affected users by company.
Story - inc42.com/buzz/data-of-3…
#InfoSec

Such an irresponsible statements by @buyucoin. I am your registered and #KYC Verified user. You leaked my own data too. Please change your statement ASAP. What if someone used my account in any illegal activity. Please Inform your users Right Now. #InfoSec
BuyUcoin Cryptocurrency User Data Allegedly Affecting Lakhs of People Leaked on the Dark Web..
#InfoSec #DataLeak #dataprivacy #GDPR

gadgets.ndtv.com/internet/news/…
Read 4 tweets
15 Jan 2021, If you are using @WhatsApp Web, your Mobile Number and Messages are being index by @Google again. Don't know why WhatsApp is still not monitoring their website and google. This is 3rd time.
#Infosec #Privacy #infosecurity #GDPR #Whatsapp #Privacy #Policy #Google ImageImage
This time, @WhatsApp is actually using a “Robots.txt” file and a “disallow all” setting, so they are instructing @Google not to index anything. Google is still Indexing.
#InfoSec
Mobile Number and Messages on WhatsApp Web Is Being Indexed by Google Again. @Techna @billtoulas
technadu.com/whatsapp-web-i…
#InfoSec
Read 8 tweets
Your @WhatsApp groups may not be as secure as you think they are. WhatsApp Group Chat Invite Links, User Profiles Made Public Again on @Google Again.
Story - gadgets.ndtv.com/apps/news/what…
#Infosec #Privacy #Whatsapp #infosecurity #CyberSecurity #GDPR #DataSecurity #dataprotection ImageImage
Whatsapp also allows users to generate rich preview links of group chat invites that eventually may allow search engine crawlers to identify the links and then index them for future searches. This issue was apparently fixed by Whatsapp last year after becoming public.
Whatsapp Statement on this -
gadgets.ndtv.com/apps/news/what… Image
Read 5 tweets
DHSC's privacy notice for COVID testing has been updated to make it clear your result could be shared with police. gov.uk/government/pub… #covid19uk

Also PHE's #contacttracing privacy notice. contact-tracing.phe.gov.uk/help/privacy-n…

Recent regs. legislation.gov.uk/uksi/2020/1045…
HSJ says DHSC has agreed an MOU with police but I think that just tightens procedural compliance. hsj.co.uk/7028653.article #covid19uk #dataprotection

Sch 21 of the Coronavirus Act anticipated some sharing of results, even before new regs on self-isolation. legislation.gov.uk/ukpga/2020/7/s…
Apparently NHS Digital is the "national data guardian" now. Has anybody told the actual National Data Guardian? hsj.co.uk/7028653.article #covid19uk #NHSdata #datasharing
Read 4 tweets
I'll summarize our study on app vendors' responses to Subject Access Requests ("What data do you have on record about me?"), which was presented at #ares2020 – and received the Best Paper Award 🥳. @ARES_Conference #sar #apps #privacy #gdpr #dataprotection 1/18
Link to paper (open access): dl.acm.org/doi/abs/10.114…. This was a 4-year longitudinal study (2015–2019) and joint work of Jacob Kroeger (@JWI_Berlin), Jens Lindemann (@unihh) and myself (@uni_bamberg_of). 👀 Watch our 15-min talk on vimeo (vimeo.com/444158701). 2/18
Background: EU citizens can ask companies about what personal data they process according to Art. 15 GDPR. We performed an undercover study with 225 vendors of popular iOS and Android apps to figure out how vendors process such SARs. 3/18
Read 19 tweets
Look what can happen while you spend an hour or so enjoying yourself chewing the fat with #DataProtection colleagues...

Whatever's in that #RussiaReport must be *really* devastating...

Read 5 tweets
Hi, @ICOnews! Your advice to pubs, etc. on #collecting customers' details is (at this point in time) incorrect, where it says they are "#required" 👇 ico.org.uk/global/data-pr…

Until the appropriate Minister issues #Regulations, e.g. under section 45C of #PHA1984, the Government... Image
...has "#required" nothing; it is simply making a #request.

In other words, #collecting such details is entirely #voluntary on the part of the pub/bar/whatever - and #providing their details is entirely voluntary on the part of the customer.

Later in your advice, you use...
...the phrase "#encouraged to collect", which is (until #Regulations are laid for each nation) more accurate.

However, in listing people's #DataProtection #Rights, you omit to mention the most relevant one, i.e. their #RightToObject to #processing!

That you suggest pubs, etc...
Read 6 tweets
Margaret's blog refers to @NHSDigital's #DataProtectionNotice for the #COVID19 #GPES extract, but somehow omits to mention that people's #Type1 objections (#OptOuts) WILL be upheld: Image
And also that, according to digital.nhs.uk/coronavirus/gp…, actually *enhanced* #InformationGovernance processes - involving both @TheBMA & @rcgp - will be in place for data #access, which "may" include respecting #NDOP on a "case by case basis": ImageImage
Meanwhile, @NHSEngland/@NHSX in their notice to health & care professionals (while notably failing to mention #Type1s...) confirms patients STILL have the right to #OptOut of having a #SummaryCareRecord, and that existing #SCR #OptOuts will be respected:
nhsx.nhs.uk/documents/11/C… Image
Read 6 tweets
This 👇

On #hospitals, @NHSEngland maintains/publishes a list of NHS Hospital #Trusts, each of which may have several actual hospitals (which TBF are linked):

england.nhs.uk/publication/nh…

Though it doesn't seem to have updated the #OGL version on data.gov.uk since 2015.
As the statutory regulator, you'd hope @CareQualityComm would have a complete and up-to-date list of #CareHomes - but all its site appears to allow you to do is search for individual ones:

cqc.org.uk/what-we-do/ser…

Which, as a public #register, is less than helpful...
Mind you, speaking of statutory regulators, it's pretty appalling that @ICOnews - the #DataProtection regulator itself! - publishes a #register, supposedly under #OGL, that contains a whole *bunch* of #PersonalData it doesn't even bother to redact...
ico.org.uk/about-the-ico/…
Read 3 tweets
🔴
"Data-access requests that most Chinese mobile applications make outnumber their non-Chinese alternatives."

My Extensive analysis of Mobile applications+devices of Chinese firms & the possibilities of Data harvesting.

indiatoday.in/business/story…

#dataprotection #TikTok #Mitron
Ever wondered how many permissions you grant when you install a Chinese app on your mobile handsets?

When data is regarded as the vital fuel for the digital economy, data-access requests that most Chinese mobile applications make outnumber their non-Chinese alternatives.
Either available on the Google Play Store or Apple's App Store, these applications usually list permissions they require for installation.

A comparative analysis of Play Store information reveals startling facts about the volume of data Chinese applications seek from their users
Read 34 tweets
Since 2016 the French security services, the SGDSN, raised significant concerns over the growing dominance of CCP connected vehicles systems, especially those that will be paired to #5G networks with Chinese hardware. Now their fears are coming to pass: techwireasia.com/2020/05/huawei…
Background: Since 2014 #Huawei has been engaging several European car manufactures to explore rolling out Huawei GPS technology for both autonomous vehicles, connected vehicles and GPS assisted navigation.
In 2016 French car manufacturer Groupe PSA signed a deal with Huawei called "Push to Pass" strategy for 2016 - 2021. #Huawei technology would allow car manufacturers will be able to track, in real-time, the location of a vehicle, and retain the data. A major #DataProtection issue
Read 9 tweets
My notice to @NICMeity for compliance of legal provisions in #PrivacyPolicy of @SetuAarogya . #NIC as #bodycorporate must ensure #dataprotection & strict liability. #datasecurity as per IT Act & Rules must be updated in Policy before making #AarogyaSetu mandatory 1/10 @viraggupta
In #PrivacyPolicy of @SetuAarogya as per cl. 2(a) & 2(c usage of data restricted for Government of India. However, cl 2(b) & 2(d), having no mention of GOI. Due to this lapse, if #data goes to foreign #TechGiants, it may create big risk to #nationalsecurity #RighttoLife 2/10
As per clause 3(b) of the Privacy Policy, data will be retained on #mobile device. Hence, data can also be accessed by Mobile cos. As per cl. 1(b), the @SetuAarogya will use #Bluetooth and #location data. So, such data can also be accessed by #Telecom companies. 3/10 @TRAI
Read 10 tweets
1/9) Since everyone keeps asking me, here’s my TLDR on why blockchain-enabled immunity passports, certificates, or credentials for #COVID19 (ala the CCI covidcreds.com) are such a bad idea from a legal POV (leaving aside the technical & public health concerns for now).
2/9) Immunity passports, certificates, or credentials of any kind have the potential to interfere with fundamental rights of privacy & data protection; freedoms of association, assembly, & movement; the right to work & education; and otherwise limit our freedom & autonomy.
3/9) A measure that would interfere with our fundamental rights must be prescribed by law, necessary, and proportionate to achieve legitimate aims (bit.ly/2xDa6Sc).
Read 9 tweets
9 EASY STEPS 📌

you should be taking right now to protect yourself, your accounts and your privacy against #phishing attacks.

#Thread 👇 (1/14)
We’re all living with extra precautions due to the reality of #COVID19 but, unfortunately, that’s not the only threat we’re dealing with.

Cybercrimes are occurring more frequently in the past few weeks, so we’re sharing a list of precautions you all should follow.

(2/14)
If these feel pretty obvious to you — AWESOME! 🤩 But it might be a good time to remind your family and friends to be careful.

(3/14)
Read 14 tweets
On this #AprilFoolsDay, recounting some instances from #Parliament which had us fooled in the last one year:

1. Delaying discussing #FinanceBill for almost a week and then passing it without discussion in #LokSabha, because #Parliament had to be shut due to #COVID outbreak
2. On last day of curtailed #BdgetSession in #RajyaSabha, 7 Money Bills were returned in 5 hours, with 2 Appropriation Bills and all 154 clauses and 5 schedules of Finance Bill put to vote together without any discussion and cleared in 5 minutes

#AprilFoolsDay
3. Sending #DataProtection Bill to specially constituted Joint Parliament Committee headed by a BJP MP instead of already existing Standing Committee headed by an Opposition MP

#AprilFoolsDay instances from #Parliament
Read 9 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!