Included in this issue of Data & Privacy News: UK Government signs Council of Europe Convention 108 in Strasbourg; Report reveals 37 incidents of data breach by the Ministry of Defence in 2017 and Facebook reduces number of uses affected by data breach following investigation


UK Government signs Council of Europe 108 in Strasbourg

The UK Government has become one of the first signatories to the modernised version of the Council of Europe's Convention 108.

Originally adopted by members of the Council of Europe in 1981, the Convention is the only legally binding international agreement on data protection. It is open to all countries that meet the required standards and that want to show a commitment to robust data protection rules. 

The modernised Convention, which comes into force following ratification by at least 5 member states, will increase protections for individuals' personal data, strengthen transparency and accountability and require countries to notify any security breaches. 

Report reveals 37 incidents of data breach by Ministry of Defence in 2017

A report by Sky News has revealed that the Ministry of Defence and its partners were exposed to 37 incidents of cyber security breaches in 2017 when they failed to protect military and defence data.

Reports were censored to conceal the outcome of the security incidents, however those uncovered include information labelled with the 'SECRET' classification, which was left at risk to physical operations in which spies could have accessed them and data exposed to nation-state level cyber risks.

Facebook reduces number of users affected by data breach following investigation

Facebook has cut the number of affected users reported in the September data breach from 50 million to 29 million, after investigators reviewed activity on accounts that may have been accessed.

The social media platform will be contacting affected users over the coming days to inform them of any information that was stolen. 

Of the 29 million users, 14 million had their profile details such as birth dates and recent search history taken, whilst the other 15 million were limited to name and contact details. 

Cyber security experts have warned that the stolen information may be used to target phishing scams. 

Key contacts

Helena Brown

Helena Brown

Partner, Head of Data
Edinburgh, UK

View profile
Ross McKenzie

Ross McKenzie

Partner, Commercial Services
Aberdeen

View profile