Domino’s Pizza has suffered a security breach by a group of professional hackers who accessed the online databases and servers holding the records of Domino’s Pizza customers in France and Belgium. The hackers claim to have downloaded over 600,000 customer records (592,000 relating to French customers and 58,000 relating to Belgian customers), which include names, addresses, phone numbers, passwords, delivery instructions and even favourite toppings.

In an unusual twist, the hackers demanded a payment of €30,000, to be paid directly to them in exchange for the stolen information, failing which they would publish the personal data online. The hackers posted further information and threats on a Twitter account that has since been suspended. Domino’s France released a statement on Twitter saying that although its data is encrypted, it has fallen victim to "professionals" who were able to "decode the cryptographic system for the passwords".

The EU’s Article 29 Working Party has adopted an Opinion on Anonymisation Techniques (Opinion 05/2014). The Opinion analyses the effectiveness and limits of existing anonymisation techniques, and provides recommendations for use of these techniques in light of the residual risk of identification inherent in each of them.

The Court of Justice of the European Union (CJEU) has ruled that the Data Retention Directive 2006/24/EC (Directive) is invalid.

The Irish High Court (in Digital Rights Ireland Ltd v Minister for Communications, Marine and Natural Resources & Ors, C-293/12) and the Austrian Constitutional Court (in Kärntner Landesregierung, Michael Seitlinger, Christof Tschohl and others, C-594/12) asked the CJEU to examine the validity of the Directive.

Candidates in the upcoming May local and European Parliament elections have all recently received correspondence from the Data Protection Commissioner reminding them of their obligations with regard to communicating with the electorate. Candidates were made aware that any complaints received by the office of the Data Protection Commissioner will be investigated, with appropriate action taken.

Candidates and political parties must adhere to the clear statutory guidelines set out in the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011, particularly in relation to the use of SMS, phone and e-mail in sending electoral messages.

The European Parliament has passed a resolution in response to the U.S. National Security Agency (NSA) surveillance scandal. The resolution calls for the immediate suspension of the U.S.-EU Safe Harbour Framework unless the U.S. satisfies the concerns of the EU Parliament.

However, the Parliament’s resolution does not affect the validity of the Safe Harbour Framework. Only the Commission can renegotiate the Safe Harbour Framework. Last year, the Commission issued 13 recommendations to improve the functioning of the Safe Harbour scheme, and called upon U.S. authorities to remedy these issues by summer 2014 (see

On 12 March 2014, the European Parliament voted in favour of the revised draft EU Data Protection Regulation. To become law, the proposed Regulation must be adopted by the EU Council using the "ordinary legislative procedure". The EU Council is due to meet in June 2014.

Background

The proposed Regulation was originally presented by the European Commission on 25 January 2012. It has been the subject of voracious debate both in Brussels and across the EU, and has been subject to much re-drafting.