ARTICLE
10 March 2014

Global Data & Privacy Update - 13.02.14

CC
Clyde & Co

Contributor

Clyde & Co is a leading, sector-focused global law firm with 415 partners, 2200 legal professionals and 3800 staff in over 50 offices and associated offices on six continents. The firm specialises in the sectors that move, build and power our connected world and the insurance that underpins it, namely: transport, infrastructure, energy, trade & commodities and insurance. With a strong focus on developed and emerging markets, the firm is one of the fastest growing law firms in the world with ambitious plans for further growth.
This article presents a summary of the most recent developments in the global data & privacy protection landscape.
United Kingdom Privacy

Data theft hits Barclays

A database containing the personal information of 27,000 customers of Barclays' Financial Planning Services unit has been stolen and sold on to "rogue City traders", according to a report by the Mail on Sunday. The client information dates from 2008 and includes detailed financial information such as earnings, savings and mortgages, as well as passport numbers, hobbies and psychometric test results. According to a whistle-blower, files could be sold for GBP 50 each. The bank is investigating and has said it will contact affected customers as soon as possible. The FCA and the ICO have also been notified.

UK companies lagging behind on cyber security

Research commissioned by BT, which surveyed 500 IT decision makers in companies located in seven different countries, found that only 17% of UK business leaders see cyber security as a priority, whilst in the US the figure is 41%. US companies are also better prepared to combat IT security threats. The vast majority of US directors and senior decision makers are given cyber security training, yet in the UK only 37% receive such support.

City of London police and UK banks in cyber prevention partnership

The organisations have been working together in order to thwart criminals' attempts to hack into bank accounts, with police using anti-terrorist techniques to identify suspect bank accounts. They then alert the banks as to which accounts should be closed. Twenty thousand bank accounts thought to have been used to steal funds have been identified since April 2013, which the British Bankers' Association estimates to have prevented the theft of GBP 173.9 million from customers.

ICO fines government department GBP 185,000

The Department of Justice for Northern Ireland was awarded the monetary penalty after a filing cabinet containing the personal information of victims of a terrorist incident was sold at auction. The personal data lost included information on injuries suffered, the amount of compensation awarded, and confidential ministerial advice. The ICO investigation found that staff had been provided with limited instructions on how to handle personal data securely.

New Turkish internet privacy law sparks violent protests

The bill, which was passed last week, allows Turkey's telecommunications authority to block websites which are deemed to violate privacy or to be "insulting", without first seeking a court order. Internet service providers will also be forced to store information on web users' activities for two years, and to supply this information to the authorities on request and without notifying users. Prime Minister Recep Tayyip Erdogan has said that the legislation will make the internet "more safe and free". The bill has received widespread criticism, including from the European Commission, which stated that the law "needs to be revised in line with European standards".

California Senate restricts collection of personal data online

An amendment to the Song-Beverly Credit Card Act, SB 383, was passed by the California Senate, extending application of the Act to online credit card transactions involving electronic downloadable content. Merchants will only be able to gather personal information such as zip codes and addresses during online transactions involving these products in certain, restricted circumstances. In the 2013 case of Apple Inc v Superior Court it had been found that the original Song-Beverly Act did not apply to this type of online transaction. The position relating to other types of online credit card transactions remains unclear.

Japan bombarded by 12.8 billion cyber attacks in 2013

The country's National Institute of Information and Communications Technology (NICT) said that the attacks included phishing campaigns, DDoS (Distributed Denial of Service) attacks, and hacktivism, and that the state and government-run organisations were the most common targets. The number of hacks has more than doubled since 2005 and most attacks are thought to come from China, the US, Russia or Brazil.

Osaka facial recognition experiment raises privacy concerns

A government-affiliated organisation is to run a two-year experiment in Japan's Osaka Station. This will involve monitoring the movements of people passing through by way of a facial recognition system featuring 90 cameras, which will track chosen individuals for a week. The project organisers aim to gain more information about how the station is used and say that only some characteristics of a person's face are collected. Critics note the risk of a privacy infringement, and that "individuals could be identified if the data is correlated with...social media photos".

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More