Discover and read the best of Twitter Threads about #dpo
Most recents (13)
#Edu22 #Edu22FR Today The French delegation 🇫🇷 is with @CUBoulder. "The University of Colorado Boulder is one of only 35 U.S. public research institutions in the Association of American Universities (@LaboratoireAAU )" colorado.edu 
@CUBoulder @LaboratoireAAU @tkoscielniak @laurent_flory @maite_sylla @VivierEmmanuel2 @johnaugeri @pvk @CSIESR @Unif_Num @cnlogicielle #Edu22 #Edu22FR Today The French delegation 🇫🇷 is with @CUBoulder. First presentation about UXstudents design #UXCenter and by 2 students + one colleague
.
.
@CUBoulder @LaboratoireAAU @tkoscielniak @laurent_flory @maite_sylla @VivierEmmanuel2 @johnaugeri @pvk @CSIESR @Unif_Num @cnlogicielle @VpNum @Amue_Com @LeCnam @NantesUniv @UPJV_Univ #Edu22 #Edu22FR Today The French delegation 🇫🇷 is with @CUBoulder. In attendance: Katherine Eggert, @CourtneyFell, Jon Leslie, @stanekcolo, Joe Thomas,
@RDMatthies, Emrys Baldonado (graduate student), Nathan Raczynski (student) @NathanRaczynski 🙏.
@RDMatthies, Emrys Baldonado (graduate student), Nathan Raczynski (student) @NathanRaczynski 🙏.
‼️THREAD:
Μία κατά λάθος ανάρτηση στη Διαύγεια ενός απόρρητου έργου του @migrationgovgr οδήγησε τους @Malichudis @IPapangeli @Balkanizator σε μια αποκάλυψη:
👉 έργα επιτήρησης προσφύγων αξίας 20 εκατ. ευρώ υλοποιήθηκαν παραβιάζοντας τον κανονισμό #GDPR.
bit.ly/diavgeia-kata-…
Μία κατά λάθος ανάρτηση στη Διαύγεια ενός απόρρητου έργου του @migrationgovgr οδήγησε τους @Malichudis @IPapangeli @Balkanizator σε μια αποκάλυψη:
👉 έργα επιτήρησης προσφύγων αξίας 20 εκατ. ευρώ υλοποιήθηκαν παραβιάζοντας τον κανονισμό #GDPR.
bit.ly/diavgeia-kata-…
Tα έργα #Υπερίων και #Κένταυρος, για τα οποία έχει ασκηθεί έντονη κριτική, αφορούν:
- ένα σύστημα ελέγχου εισόδου-εξόδου, με χρήση βιομετρικών/βιογραφικών δεδομένων,
- κι ένα ψηφιακό σύστημα διαχείρισης ασφάλειας, με χρήση καμερών, drones, και αλγορίθμων ανάλυσης συμπεριφοράς.
- ένα σύστημα ελέγχου εισόδου-εξόδου, με χρήση βιομετρικών/βιογραφικών δεδομένων,
- κι ένα ψηφιακό σύστημα διαχείρισης ασφάλειας, με χρήση καμερών, drones, και αλγορίθμων ανάλυσης συμπεριφοράς.
Ωστόσο, οι @Malichudis @IPapangeli @Balkanizator αποκαλύπτουν πως τα 2 κεντρικά στον σχεδιασμό του υπουργείου έργα:
- σχεδιάστηκαν,
- εντάχθηκαν στα 🇪🇺 ταμεία,
- υλοποιήθηκαν,
δίχως να ικανοποιούνται αναγκαίες προβλέψεις προστασίας προσωπικών δεδομένων.
bit.ly/diavgeia-kata-…
- σχεδιάστηκαν,
- εντάχθηκαν στα 🇪🇺 ταμεία,
- υλοποιήθηκαν,
δίχως να ικανοποιούνται αναγκαίες προβλέψεις προστασίας προσωπικών δεδομένων.
bit.ly/diavgeia-kata-…
JOAO PAULO DA SILVA PORTO
"#CloudComputing, em servidores fora do Brasil, será classificado como transferência internacional de #dados? (ex.: serviços de armazenamento em nuvem ofertados hoje pela @MicrosoftBr e @amazonBR , com servidores localizados no EUA)."
"#CloudComputing, em servidores fora do Brasil, será classificado como transferência internacional de #dados? (ex.: serviços de armazenamento em nuvem ofertados hoje pela @MicrosoftBr e @amazonBR , com servidores localizados no EUA)."
Fabiano Souza
"O uso de @whatsappsbr #WhatsApp ou similares, para troca de #dados com a empresa, principalmente quando envolve dados #sensíveis, é seguro? Apesar das facilidades desses apps, quais os #riscos e formas de #mitigação?"
"O uso de @whatsappsbr #WhatsApp ou similares, para troca de #dados com a empresa, principalmente quando envolve dados #sensíveis, é seguro? Apesar das facilidades desses apps, quais os #riscos e formas de #mitigação?"
TO ALL MALAWIAN SMALL BUSINESSES & TECH ENTREPRENEURS (AS WELL AS PROGRAMMERS, WEB HOSTS, GRAPHIC DESIGNERS)
Getting a .mw domain is very expensive and often not worth it. So here is my contribution towards solving that problem once and for all (THREAD)
@blongwe @wandaman @wizaj
Getting a .mw domain is very expensive and often not worth it. So here is my contribution towards solving that problem once and for all (THREAD)
@blongwe @wandaman @wizaj
Not for complaining or criticizing I went to SDNP in 2019 to find out why .mw domains are so expensive. Short answer: Chicken & Egg scenario. Not enough domains registered (only 6000) for price to be low like .com (millions registered) but price too high for most to register.
As long as people don't register price will not drop and as long as price is high $80 to $100 (approx K85,000) people are not going to register a .mw domain when a .com and others cost $10 to $20 max (approx K15,000). So round and around we go. #Malawi #CODB #datamustfall
I had to put 5 signatures on a #biometric pad in order to access a heath service.
No #privacy notice. No info from the operator.
No contextual information on #signature pad.
I was not able to understand what I was signing for each of them.
No alternative: sign or leave the queue!
No #privacy notice. No info from the operator.
No contextual information on #signature pad.
I was not able to understand what I was signing for each of them.
No alternative: sign or leave the queue!
A very frustrating and worrying situation
This is a bad attitude for a big company and don't comply with #GDPR at all.
As a #PrivacyPro, I will now touch base with the #DPO just to announce that I will file a complain to the local DPA.
This is a bad attitude for a big company and don't comply with #GDPR at all.
As a #PrivacyPro, I will now touch base with the #DPO just to announce that I will file a complain to the local DPA.
This creepy biometric signature is used by the front desk of heath service provided by @fsitaliane RFI , main Italian railways agency. Thousand of workers face the same shaming signature.
Yes, because you feel really uncomfortable giving free rein
Yes, because you feel really uncomfortable giving free rein
Hei, dress manufacturers @ColmarSport @Moncler @TweetCalzedonia You put active @RFID inside clothes. No one in shops removes them. In some cases are well hidden. REMOVE BEFORE USE warning is tiny
This is a @privacy violation and a @GDPR breach
Please inform DPO, if you have any.
This is a @privacy violation and a @GDPR breach
Please inform DPO, if you have any.
l tag RFID identificano univocamente un oggetto e il loro segnale può essere letto da chiunque sia attrezzato. basta poco.
Non è un antitacchieggio, dove i tag sono tutti identici, è un identificativo univoco
Non è un antitacchieggio, dove i tag sono tutti identici, è un identificativo univoco
Daily #GDPR fail, from #Milan County, restricted traffic zone website.
text #password stored in database
sending readable password in email
showing password on web pages with silly bullets (easy to hack)
16 digits Max for passwords
no gdpr #compliance on website
text #password stored in database
sending readable password in email
showing password on web pages with silly bullets (easy to hack)
16 digits Max for passwords
no gdpr #compliance on website
in the database there are:
- plates of my cars
- my transits in every restricted traffic area gate
- the exact time of my transits
- so many more data
...somebody can easily track my usual routes, my habits, my work...
I suppose the #DPO is on holiday.
This is crazy.
- plates of my cars
- my transits in every restricted traffic area gate
- the exact time of my transits
- so many more data
...somebody can easily track my usual routes, my habits, my work...
I suppose the #DPO is on holiday.
This is crazy.
DPO is not on holiday.
Somebody will take care.
Somebody will take care.
Wow, @Radio24_news ha una nuova APP. Molto bella.
Peccato che sia piena di tracker, non dichiarati nell'informativa privacy, senza chiedere alcun consenso e senza alcun modo di disattivarli.
Dati personali a gogo, in libertà, così, tanto non se accorge mai nessuno! #GDPR FAIL
Peccato che sia piena di tracker, non dichiarati nell'informativa privacy, senza chiedere alcun consenso e senza alcun modo di disattivarli.
Dati personali a gogo, in libertà, così, tanto non se accorge mai nessuno! #GDPR FAIL
Penso che la gente meriti almeno di essere informata che ogni volta che si la APP voi registrate esattamente
- cosa fa
- dov'è con precisione al metro
- dove va (tracciamento del percorso)
- che ogni utente viene profilato
- che i dati sono condivisi con Google, Facebook, Gigya
- cosa fa
- dov'è con precisione al metro
- dove va (tracciamento del percorso)
- che ogni utente viene profilato
- che i dati sono condivisi con Google, Facebook, Gigya
E' simpatico che i tracker siano aumentati dalla versione precedente a quest'ultima . . .
Sarebbe interessante sentire cosa ne pensa il #DPO di Radio24.
Sarebbe interessante sentire cosa ne pensa il #DPO di Radio24.
The Italian Foreign Ministry published an APP for safe travels #ViaggiareSicuri #Dovesiamonelmondo.
A very good idea, carried out with some data protection concerns.
The app has 3 trackers, 32 permissions.
It is a lot of data sharing and the privacy has errors and lack info.
A very good idea, carried out with some data protection concerns.
The app has 3 trackers, 32 permissions.
It is a lot of data sharing and the privacy has errors and lack info.
websites related to this services has more #dataprotection issues:
viaggiaresicuri.it
- NO SAFETY HEADERS
- NO HTTPS
- Google Analitics cookies
- 135 requests (36 insecure), many of them can be easily avoided.
- The server itself is located in USA
- privacy notice is lying
viaggiaresicuri.it
- NO SAFETY HEADERS
- NO HTTPS
- Google Analitics cookies
- 135 requests (36 insecure), many of them can be easily avoided.
- The server itself is located in USA
- privacy notice is lying
dovesiamonelmondo.it
NO SAFETY HEADERS
10 requests to 6 unique hosts.
Less than viaggiaresicuri, but a lot worst!
NO SAFETY HEADERS
10 requests to 6 unique hosts.
Less than viaggiaresicuri, but a lot worst!
1/2 In Rome's main train station, information display shows a huge cctv as a good news. The free Wi-Fi is also present as a goodies.
I'm not really happy with both and i'm surprised because there is no privacy info associated to these signs. #GDPR
I'm not really happy with both and i'm surprised because there is no privacy info associated to these signs. #GDPR
2/2 Other infos are related to gate checks, dae and police presence, but the focus is safety and security. Why data protection is not even quoted in information display? Maybe the answer is "Who cares except a dpo?"
#dpo #gdpr #privacy #surveillance
#dpo #gdpr #privacy #surveillance
3/ In Milan Main railway station there are the same commercials. CCTV are 340 only! ...so I feel less safe than in Rome? I don't think so. I don't rely on cctv for my safety.
1/4 Italian DPA confirmed today that the brand new website for the Italian Income Support is not #GDPR compliant.
Furthermore, the DPA rises many concerns regarding the whole legal framework and data processing scheme that undermines the possibility to run #redditodicittadinanza
Furthermore, the DPA rises many concerns regarding the whole legal framework and data processing scheme that undermines the possibility to run #redditodicittadinanza
2/4 Regarding website for new Income Support :
no privacy notice,
unfair data sharing with google and MS,
need for more data protection and privacy by design
data processors management
no privacy notice,
unfair data sharing with google and MS,
need for more data protection and privacy by design
data processors management
3/4 Regarding the legal framework and the decree itself:
data proliferation
excessive data processing
data sharing out of control
several legal violations
wrong legal basis for processing
several violations of third parties privacy
no privacy by design
no DPA prior consultation
data proliferation
excessive data processing
data sharing out of control
several legal violations
wrong legal basis for processing
several violations of third parties privacy
no privacy by design
no DPA prior consultation
The #EDPB published the *long awaited* draft #GDPR Territorial Scope #Guidelines today, which also have a section dedicated to the “legal representative” issue. Some takeaways below ⬇️ Thread time 1/14 edpb.europa.eu/sites/edpb/fil…
An “establishment” of a non-EU entity in the EU doesn't require a registered branch/subsidiary. Any stable arrangements will be taken into account 4 data protection law purposes.But merely the fact that the company’s website is accessible from the EU is not an "establishment"2/14
A processor in the EU is not deemed to be an “establishment” of the non-EU controller in the EU. The existence of the controller-processor relationship does not trigger the application of the #GDPR to the non-EU controller 3/14
New email #fraud masked as data subject right of #access: It changes text and is from many languages, from different sender and different domains. The links changes and it is just an old school email #grabbing. It just look for #DPO email and is related to #GDPR.
Are the DPO the best victim for an illicit email grabbing action? Are we so dumb?
2- Here some email that I have received in the last days. The first png is the landing page where you can see further details. Il looks funny to DPO.
