Data Privacy & Cybersecurity

ICO Upholds FOI Complaint Against NHS Trust

The ICO has upheld a Freedom of Information (FOI) complaint against South London & Maudsley NHS Foundation Trust for a delayed response. The Trust is required to provide a substantive response to the complainant within 30 calendar days.

ICO Upholds FOI Complaint Against NHS Trust

The UK's Information Commissioner's Office (ICO) has upheld a Freedom of Information (FOI) complaint against South London & Maudsley NHS Foundation Trust for a delayed response. The Trust is now required to provide a substantive response to the complainant within 30 calendar days.

ICO Upholds FOI Complaint Against Pentraeth Council

The ICO has upheld a Freedom of Information complaint against Pentraeth Council for failing to respond to a request within the statutory 20 working days. The Council has been ordered to respond to the complainant within 30 calendar days.

Garante Privacy Sanctions Aldilapp, Halts Non-Compliant Cameras

The Italian Garante Privacy has sanctioned Aldilapp and its distributors for non-compliant digital cemetery services, halting the use of non-compliant cameras. The authority also approved a delegation management platform and expressed global concerns regarding AI-generated intimate content.

NIST Report on Challenges in Monitoring Deployed AI Systems

The National Institute of Standards and Technology (NIST) has published a report detailing challenges in monitoring deployed artificial intelligence (AI) systems. The report, based on practitioner workshops and literature review, identifies gaps and opportunities for innovation in post-deployment AI monitoring methodologies.

Computational Materials for Aviation Additive Manufacturing Qualification

NIST has published guidance on computational materials approaches for the qualification and certification of metal additive manufacturing in the aviation sector. This document, authored by researchers from NASA and other institutions, provides insights into process-intensive materials.

CNIL Closes Order Against KASPR Following GDPR Violations

The CNIL has closed an order against KASPR, originally issued on December 5, 2024, which included a €240,000 fine for GDPR violations related to data collection from LinkedIn. KASPR has demonstrated compliance with the corrective measures, leading to the closure of the order and the non-liquidation of a potential daily penalty.

AEPD Archives Proceedings Against Orange Spain Regarding Portability

The Spanish Data Protection Agency (AEPD) has archived proceedings against Orange Spain concerning a data portability issue. A consumer filed a complaint alleging unauthorized portability of their fixed-line number, leading to service suspension and subsequent restoration. The AEPD closed the case after reviewing the evidence and Orange's response.

AEPD Fines ORNITOLÓGICA DE ANDALUCÍA FOA 131,801 Euros for GDPR Violation

The Spanish Data Protection Agency (AEPD) has issued a resolution imposing a fine of 131,801 euros on ORNITOLÓGICA DE ANDALUCÍA FOA for a data breach. The violation involved the mass emailing of personal data, including names and national identification numbers, to federated associations and individuals.

Dutch Data Protection Authority Warns of AI Agent Security Risks

The Dutch Data Protection Authority (AP) has issued a warning regarding the significant security risks associated with AI agents like OpenClaw. The AP advises users and organizations against using these experimental systems, particularly with sensitive data, due to potential data breaches and account takeovers.