contains the passage in which LfDIBW suggests that correct reference to other DPA’s guidance will protect from a fine – even if LfDIBW disagrees to that guidance.
Denmark: DPA: Technical specification for encryption of email
( Published by the DPA on 20-09-2018)
In July, the Data Inspectorate announced a sharper practice with regard to encryption of e-mail. On the basis of a number of inquiries, the Authority has now prepared a text that concretises the tightening technically.
https://www.datatilsynet.dk/emner/persondatasikkerhed/transmission-af-personoplysninger-via-e-mail/
Link to press release: ttps://www.datatilsynet.dk/presse-og-nyheder/nyhedsarkiv/2018/sep/teknisk-konkretisering-ift-kryptering-af-e-mail/
Romania: DPA fines hotel 15,000 EUR for not protecting list of breakfast guests
The operator of WORLD TRADE CENTER BUCHAREST SA was sanctioned with a fine in the amount of 71.028 lei, the equivalent of 15.000 euro.
The breach of personal data security was that a printed paper list used to check breakfast customers and containing personal data of 46 clients housed at the hotel’s WORLD TRADE CENTER BUCHAREST SA was photographed by unauthorized people outside the company, which led to the disclosure of the personal data of some clients through online publication.
The operator of WORLD TRADE CENTER BUCHAREST SA has been sanctioned because it has not taken steps to ensure that its employees who have access to personal data only process their application, according to the law.
https://www.dataprotection.ro/index.jsp?page=O_noua_amenda_GDPR&lang=ro
50 Ways to Leak Your Data: An Exploration of Apps’ Circumvention of the Android Permissions System
HHS: HIPAA De-Identification (Safe Harbor, Expert, FAQs)
Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule
CreditVidya’s Sai Baba app Was Made To Spy On Your Phone For Credit Ratings
ICO: Intent to fine Mariott International 99 million GBP
Spain DPA: AEPD paper on anonymisation (k-anonymity)
Stellungnahme des Hessischen Beauftragten für Datenschutz und Informationsfreiheit zum Einsatz von Microsoft Office 365 in hessischen Schulen
Zulässigkeit der Transkribierung und Auswertung von Mitschnitten der Sprachsoftware “Alexa” durch Amazon
Wissenschaftliche Dienste, Deutscher Bundestag
https://www.bundestag.de/resource/blob/650728/3f72e6abc1c524961e5809002fe20f21/WD-10-032-19-pdf-data.pdf
Research Service of the German Bundestag reviews the lawfulness of transcribing and evaluating recordings of Amazon’s Smart Assistant Alexa.
Summary in English by Dr. Piltz https://www.linkedin.com/pulse/opinion-research-service-german-parliament-amazon-alexa-piltz/