Cyber Risk & Data Privacy

Subscribe to Cyber Risk & Data Privacy via RSS

This decision confirms that it is sufficient that the allegedly infringing content is accessible online from a certain Member State, for the courts situated in that territory to have jurisdiction.

In Pez Hejduk v EnergieAgentur, NRW GmbH, Case C-441/13 (22 January 2015) the CJEU considered the question as to where a copyright owner can bring proceedings for infringement when a third party makes work available online for viewing and downloading without consent.Continue Reading Online copyright infringement – where can you sue?

The Data Protection Commissioner, Helen Dixon, spoke at the Society for Computers and Law’s ‘The Evolution and Reform of Data Protection’ event this morning. The Commissioner gave an overview of the activities of the Office of the Data Protection Commissioner (ODPC) in 2014 and set out the aims of the ODPC for the year ahead.Continue Reading Data Protection Commissioner reviews 2014 and sets out plans for 2015

The Department of Education and Skills is currently creating an individualised database of primary school students; the Primary Online Database (POD). The POD will gather personal data and sensitive personal data about pupils, such as information about ethnic and cultural background, religion, medical conditions, students with special needs and students’ Personal Public Service Numbers (PPSN). The POD will be shared with other state bodies, including the Central Statistics Office, the Department of Social Protection, the Department of Public Expenditure and Reform and the Revenue Commissioners. Continue Reading A permanent record (or at least until you turn 30)

The Circuit Court has dismissed Mr Shatter’s appeal against the Data Protection Commissioner’s (the DPC) decision that he breached the Data Protection Acts 1988 and 2003 (the DPAs), by disclosing Mr Wallace’s personal information on RTE’s Prime Time. 

The Court found that Mr Shatter, in his personal capacity, did not have standing to bring the appeal, and furthermore that it had not been shown that the DPC’s decision was vitiated by any serious or significant error or series of errors.Continue Reading Circuit Court dismisses Shatter’s appeal against Data Protection Commissioner

The Private Security Authority (PSA) has published a public consultation document which proposes regulating the Private Investigator Sector. The consultation follows the recent prosecutions of private investigators by the Data Protection Commissioner (DPC), for illegally obtaining people’s personal information (see my previous blog here).Continue Reading Consultation launched on regulation of private investigators

In recent years there has been an explosion of mobile applications (apps), with 1,600 new apps reportedly being added to app stores daily. Along with the increasing popularity of apps, there has been an increase in privacy concerns amongst Data Protection Authorities (DPAs) and consumers.Continue Reading Global DPAs urge app marketplaces to make links to privacy policies mandatory

There has been much debate during 2014 about the effectiveness of the US Safe Harbour regime. Many EU commentators have queried its effectiveness, pointing in particular to the lack of enforcement over the years by the Federal Trade Commission (FTC), the body which effectively is charged with dealing with complaints that companies are not in compliance with their public representations of adherence to the Safe Harbour principles.
Continue Reading SnapChat Signs Up to 20 Years of Data Protection Audits

On 11 December 2014, the Court of Justice of the European Union (CJEU) ruled that domestic use of CCTV surveillance should be strictly limited, and that the exemption in article 3(2) of the Data Protection Directive 95/46/EC for "personal or household activity" does not permit the use of domestic CCTV that also records any public space.Continue Reading CJEU restricts use of CCTV surveillance for domestic purposes

On November 23rd, Symantec, the American antivirus company, announced the discovery of a piece of software called Regin, which it had found lurking on computers and stealing data in Ireland, Russia, Saudi Arabia and several other countries. Its sophistication and stealth led Symantec to conclude that it must have been created by a nation-state.

The Regin software appears to have been lurking on some computer systems from as long ago as 2008 and Symantec said it was unusually low-key, meaning it could be used on a target for several years before being noticed. Symantec have described the purpose of Regin

Continue Reading Regin – State Sponsored Hacking

 A Ministerial Order (S.I. 541/2014) has been passed commencing Part 3 of the Criminal Justice (Mutual Assistance) Act 2008 (the Act), from 1 December, 2014. The Act provides for various forms of mutual legal assistance to foreign law enforcement authorities. 

 Part 3 concerns requests for mutual assistance between Ireland and other Member States of the EU for interception of telecommunications messages for the purposes of criminal investigations. It gives effect to Article 17 to 22 of the Convention on Mutual Assistance in Criminal Matters between the Member States of the European Union, 2000.Continue Reading Interception of Telecommunications Messages