GDPR

Digital Innovation and its impact on Privacy Law

The speed of digital innovation and the emergence of technologies such as facial recognition and fingerprint authentication has brought with it privacy and cybersecurity concerns. In the recent months, after the killing of George Floyd, law enforcement authorities in the United States deployed powerful surveillance tools to monitor and track the protests against systemic racism and police brutality. Drones were [...]

By | 14th July, 2020|4IR, Cybersecurity, Data Protection, GDPR, IT Law, PPM Attorneys, Privacy Law, Technology Law|

POPIA is vital for 4IR law

The fourth industrial revolution (“4IR”) is causing significant changes to the way we live, interact and do business. This is the future of technology, where objects, machines and various other devices connect with each other in a secure, networked environment. 4IR is being driven by intelligent machines that can perform complex tasks automatically by communicating with other machines, with little [...]

THE “NEDBANK BREACH”: WHAT IF THE PROTECTION OF PERSONAL INFORMATION ACT WAS IN FORCE?

Nedbank has handled the data breach its direct marketing services supplier - Computer Facilities (Pty) Ltd – suffered last week, reasonably well. This is evident from how they appear to have investigated it, to their frank, factual and informative press release. Apart from some reputational damage and a few million rand in forensics, legal and public relations agency fees, Nedbank [...]

By | 11th March, 2020|4IR, Cybersecurity, Data Protection, GDPR, PPM Attorneys, Privacy Law, Technology Law|

Tips for implementing effective privacy training in your organisation

Human error is the primary cause of personal data breaches[1]. The consequences of a data breach can be detrimental to a company and includes, not only direct damages and sanctions, but also substantial reputational harm. The mere occurrence of, as well as the costs and consequences of data breaches and data incidents could be drastically reduced by having appropriate awareness [...]

By | 28th January, 2020|4IR, Cybersecurity, Data Protection, GDPR, PPM Attorneys, Privacy Law|

Holding thumbs that SA’s Protection of Personal Information Act becomes effective on 1 April 2020!

Reports have been circulating, over the past two days, that South Africa's Protection of Personal Information Act, 2013 ("POPIA") could become law on 1 April 2020. These are certainly credible reports, as the Information Regulator has indeed written to President Cyril Ramaphosa, requesting that POPIA be made effective from the new (national government) financial year. The Information Regulator's Chairperson - [...]

Use of Facial recognition in schools sanctioned under GDPR

Biometrics is often presented as the most ergonomic and effective way of organising access control.  And this is probably the case! Local Swedish authorities reported that teachers were spending 17,000 hours a year reporting on attendance[1].  Given this shocking statistic, facial recognition at the classroom entrance could well be a very attractive option… The Swedish Data Protection Authority (the “Swedish [...]

By | 3rd September, 2019|4IR, Data Protection, GDPR, PPM Attorneys, Privacy Law|

Biometrics in the work place: how to stay compliant

Biometrics is often presented as an ergonomic and effective alternative to using too many passwords that are too difficult to remember. Biometrics authentication (or realistic authentication) can be used very conveniently by employers used as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance[1] Biometric identifiers include, for example, [...]

By | 20th May, 2019|4IR, Cybersecurity, Data Protection, GDPR, IT Law, PPM Attorneys, Privacy Law|

GDPR ENFORCEMENT: A PENALTY OF 50 MILLION EUROS AGAINST GOOGLE LLC

On 21 January 2019, the French Data Protection Authority’s (the “CNIL” ) restricted committee imposed a record fine of 50 million euros to Google LLC (“Google”). The main ground for its decision was non-compliance with the General Data Protection Regulation (“GDPR”) for lack of transparency, inadequate information and lack of valid consent regarding ads personalization. This penalty is based on [...]

By | 19th March, 2019|Data Protection, GDPR, IT Law, PPM Attorneys, Privacy Law|

Why the GDPR probably doesn’t apply to Liberty and its data breach

Background Liberty Group (“Liberty”) released a communication on 18 June 2018, advising that “it has been subjected to illegal and unauthorised access to its IT infrastructure”.  The data that was the subject of the breach seemed to be “largely emails and possibly attachments”. About three weeks before that, on 25 May 2018, a new European Union law - the General [...]

By | 9th January, 2019|Data Protection, GDPR, Privacy Law, Regulatory and Governance|

Five Tips to a Successful Relationship with the GDPR

Have you ever downloaded an app on your phone and looked at the permissions that the app requests.  I mean I just want to play Tetris, why do you need permission to access my contact list and messages, or know what I ate for dinner? With the new the General Data Protection Regulation (“GDPR”), a move to the age of [...]

By | 9th January, 2019|Compliance Law, Cybersecurity, Data Protection, GDPR, Information Security, Privacy Law|