Data Protection News Update 08 January 2024

United Kingdom

Britain’s got some of Europe’s toughest surveillance laws. Now it wants more

  • Technology companies and privacy advocates are lining up against a proposed amendment to the U.K. Investigatory Powers Act.
  • TechUK wrote a letter to the Home Secretary James Cleverly asserting that the amendment could “hinder technological advancements aimed at improving consumer privacy, integrity and security.”
  • The group also stated that the act undermines the sovereignty of other nations as it empowers the Home Office to issue notices that prevent tech companies from updating their products if it could potentially hamper information-sharing with intelligence agencies.

ICO statement in response to parliamentarians’ letter on facial recognition technology 

  • The U.K. Information Commissioner’s Office released a response to a letter from the U.K. Parliament’s Justice and Home Affairs Committee related to inquiries about live facial recognition.
  • This is after the committee opened an investigation into the use of such technologies in December 2023.
  • The ICO states it recognizes “benefits in helping to prevent and detect crime” but added that they are “fully aware of the potential harms.”

United States

23andMe, the DNA-Testing Company, Blames Its Users for Data Breach

  • DNA testing company 23andMe told customers a data breach affecting 6.9 million users was the result of customers reusing the same passwords for different websites.
  • In a letter written to a lawyer representing 23andMe users in a class-action lawsuit against the company over the breach, 23andMe’s lawyers state that “the incident was a result of users’ failure to safeguard their own account credentials, for which 23andMe bears no responsibility.”
  • 23andMe has faced multiple lawsuits stemming from the breach, with plaintiffs accusing the company of failing to protect their personal data.


Data Processing in the health field: repositories to simplify your procedures

  • France’s data protection authority, the Commission nationale de l’informatique et des libertés, released a guidance on health data processing and storage standards.
  • The purpose of this guidance is to highlight the importance of compliance with the EU General Data Protection Regulation and also focus on showcasing additional measures taken to ensure that health data is protected.


Malaysia’s new database plan runs into privacy concerns amid recent hacks, data leaks

  • Malaysia’s new population tracking database raised privacy concerns after the Minister of Economy Rafizi Ramli claimed a loophole in the system could increase the threat of identity theft.
  • The Central Database called “Padu” is an effort led by the Economics Ministry to bring together information held by various ministries and government agencies into one, allowing the government a clearer picture of its 33.5 million population.
  • Deputy international trade minister Ong Kian Ming revealed a weakness in the system allows for anyone with a person’s identity card number and postcode to register as that person.
  • The public has called for the registration process to be suspended pending a proper fix.


More Posts

Send Us A Message