EU data protection
EU data protection

London marketing company fined 100,000 for making 80,000 'aggressive and unwanted' calls

Elderly and vulnerable individuals were targeted in over 1.4 million exploitative marketing calls, prompting fines and enforcement actions by the ICO. [ more ]

gdpr

Iapp

1 day ago

IAB Europe responds to EDPB opinion on pay or consent

IAB Europe criticized EDPB for creating legal uncertainty and making abstract assumptions about personalized advertising. [ more ]

TechCrunch

Adtech giants like Meta must give EU users real privacy choice, says EDPB | TechCrunch

Adtech giants like Meta may face regulatory challenges with 'consent or pay' models under GDPR guidelines. [ more ]

www.euractiv.com

EU data protection body says Meta's 'pay or OK' model is not OK

The European Data Protection Board opposed Meta's 'pay or okay' business model as non-compliant with EU data privacy rules. [ more ]

TechCrunch

EU privacy body adopts view on Meta's controversial 'consent or pay' tactic | TechCrunch

Meta faces pressure to reform its surveillance advertising model in Europe due to EU data protection regulations. [ more ]

Iapp

EDPB to address 'pay or consent' at next plenary

The European Data Protection Board will discuss Meta's advertising subscription model and enforcement of GDPR. [ more ]

TechCrunch

As AI accelerates, Europe's flagship privacy principles are under attack, warns EDPS | TechCrunch

Industry lobbyists are attacking key principles of the GDPR like minimization and purpose limitation.

The upcoming elections in the EU could result in a shift in the approach towards data protection laws, potentially impacting the high standard of data protection in the bloc. [ more ]

moregdpr

Future of Privacy Forum

1 day ago

Maryland Online Data Privacy Act Goes to Governor Wes Moore

On April 6, the Maryland Senate concurred with House amendments to SB 541, the Maryland Online Data Privacy Act (MODPA), sending the bill to Governor Moore for signature.

Queerty

1 day ago

Here's why hundreds of Grindr users in the UK are suing the app

Lawsuit against Grindr in the UK for sharing sensitive user data with third parties without consent. [ more ]

www.theguardian.com

2 days ago

Minister urges MPs and peers to back Rwanda bill as likely final day of debate begins

Government pressing for unamended passage of the Rwanda bill despite opposition attempts for changes in asylum scheme. [ more ]

data-protection

Iapp

A view from Brussels: Behavioral advertising is an unstoppable current

Large online platforms may struggle to comply with requirements for valid consent if only offering a choice between data processing for advertising or paying a fee. [ more ]

Engadget

EU criticizes Meta's 'privacy for cash' business model

The European Data Protection Board (EDPB) emphasizes that people should not have to choose between giving their data or paying for privacy on major online platforms. [ more ]

Iapp

Thoughts on behavioral advertising, Meta and privacy

Targeted advertising criticism leads to legal challenges for companies like Meta. [ more ]

Iapp

EDPS presents annual report

Emphasis on adaptability in digital and regulatory advancements for 2023

Need for human-centric policies in AI development for privacy and data protection [ more ]

Iapp

IAPP GPS 2024: Localization, adequacy define current data transfer landscape

Data localization requirements are a key barrier to international data transfers.

Localization requirements vary across jurisdictions based on policy rationales. [ more ]

iapp.org

EU parliamentary elections: The process and potential digital policy impacts

EU Elections in June 2024 will impact the European Commission and Council of the EU.

IAPP Managing Director analyzes how EU elections will influence digital policy matters. [ more ]

moredata-protection

Iapp

Will the EU AI Act work? Lessons learned from past legislative initiatives, future challenges

The EU AI Act, a pioneering legislation, merges technical product safety with fundamental rights protection, sparking debates on its effectiveness and uniqueness. [ more ]

Investing.com Australia

5 days ago

european-data-protection-board

EU Regulators criticise Meta's subscription model, citing "binary choice" By Proactive Investors

EDPB and EU Court reject Meta's ad-free subscription model for tracking users without true consent. [ more ]

@micshasan

...

Iapp

EDPB opinion on legality of pay-or-consent models in EU GDPR context

Large online platforms' pay-or-consent models may not comply with GDPR consent requirements. [ more ]

Iapp

EDPB opinion on legality of pay-or-consent models in EU GDPR context

Large online platforms' pay-or-consent models may not comply with GDPR consent requirements. [ more ]

TechCrunch

Meta's 'consent or pay' tactic must not prevail over privacy, EU rights groups warn | TechCrunch

Civil society groups urge EDPB not to endorse Meta's 'consent or pay' tracking tactic bypassing EU privacy regulations. [ more ]

Iapp

moreeuropean-data-protection-board

Norway's DPA monitoring testing of publisher's consent solution

Datatilsynet monitoring Schibsted's consent solution testing

Wait for EDPB decision on pay-or-consent model [ more ]

Theregister

EU tells Meta it can't paywall privacy

Large online platforms should not give users a binary choice between paying for service or consenting to personal data use for targeted advertising. [ more ]

ComputerWeekly.com

Lords to challenge controversial DWP benefits bank account surveillance powers | Computer Weekly

Members of the House of Lords are pushing back against new legislation giving the DWP power to monitor bank accounts for benefit recipients without suspicion of wrongdoing. [ more ]

Iapp

EU questions DSA compliance of TikTok Lite

The European Commission requested a risk assessment from TikTok for compliance with the Digital Services Act. [ more ]

Iapp

Corrected text of EU AI Act released

The corrigendum of the EU Artificial Intelligence Act has been released.The document corrects and clarifies language in the act and is required before it can fully come into effect.

Iapp

IAF looks to the privacy industry's future

Denham emphasizes the need for privacy industry professionals to broaden assessments and think creatively to navigate evolving challenges. [ more ]

Data Matters Privacy Blog

EU Formally Adopts Cyber Law for Connected Products | Data Matters Privacy Blog

The EU Parliament passed the EU Cyber Resilience Act (CRA) to ensure connected products are resilient against cyber threats and comply with essential cybersecurity requirements. [ more ]

Iapp

ICO seeks input on accuracy of generative AI

The U.K. Information Commissioner's Office is soliciting feedback on the impact of accurate training data on AI models to avoid misinformation. [ more ]

iapp.org

A view from Brussels: All eyes on viable US federal privacy bill

The American Privacy Rights Act (APRA) is a bipartisan federal privacy bill with increased odds of success. It aims to preempt state privacy laws and introduce a private right of action. [ more ]

Iapp

European Parliament agrees to new GDPR procedural rules

New procedural rules adopted by European Parliament.

Harmonizing data flows among EU member states and enhancing cooperation of data protection authorities. [ more ]

Iapp

Netherlands' DPA reminds entities to report data breaches

The Autoriteit Persoonsgegevens handled over 25,000 data breach reports impacting 20 million individuals in 2023.

Institutions are mandated to notify individuals if their data is potentially compromised in a cyberattack. [ more ]

Privacy International

The EU Migration Pact: a dangerous regime of migrant surveillance

The New Pact on Migration and Asylum expands criminalisation and digital surveillance of migrants.

The Pact normalizes immigration detention, increases racial profiling, enables pushbacks, and returns individuals to risky countries. [ more ]

Iapp

The 1974 film 'The Conversation' highlights surveillance concerns today

The film 'The Conversation' remains relevant today due to the surprising acceptance of modern surveillance levels.

The information the main character in the film works to uncover is now freely available online. [ more ]

Privacy International

PI seeks to inform report on AI and racial discrimination of the UN Special Rapporteur on racism

AI applications can promote human rights if implemented responsibly.

There is evidence of AI applications having a detrimental impact on human rights and exacerbating existing inequalities and discriminatory practices. [ more ]

ComputerWeekly.com

Greek government fined over AI surveillance in refugee camps | Computer Weekly

The Greek Ministry of Migration and Asylum received a hefty fine for violating data protection rules in deploying surveillance systems at refugee camps.

The Centaur and Hyperion systems were found to breach GDPR regulations, with concerns raised about backpedaling into compliance after implementation. [ more ]

Iapp

CNIL publishes first AI data protection recommendations

France's data protection authority issues recommendations for AI use and data protection compliance.

Focus on legal and technical aspects including a legal basis for processing personal data with AI and testing reuse of data. [ more ]

@micshasan

...

Iapp

A view from Brussels: Privacy professionals face 'complex future'

The 'Brussels effect' in global privacy regulations was a key focus at the IAPP Global Privacy Summit 2024.

Challenges and uncertainties persist for organizations trying to navigate new data-governance legislation and its implications. [ more ]

Iapp

IAPP GPS 2024: Looking toward AI enforcement future

Preliminary enforcement actions have impacted AI companies.

The EU GDPR heavily influences AI regulation and enforcement globally. [ more ]

Iapp

A view from Brussels: Privacy professionals face 'complex future'

The 'Brussels effect' in global privacy regulations was a key focus at the IAPP Global Privacy Summit 2024.

Challenges and uncertainties persist for organizations trying to navigate new data-governance legislation and its implications. [ more ]

Iapp

France looks to expand Intelligence Law

French Parliament supports bill expanding Intelligence Law for 'foreign influence' surveillance.

Privacy experts raise concerns about lack of transparency in surveillance algorithms. [ more ]

Iapp

Security community mourns the death of Ross Anderson

Ross Anderson was a pioneer in security economics, emphasizing the social and economic responsibility of security and privacy operations.

Anderson highlighted the need to rethink privacy protection strategies in the face of advancing technologies and large database designs. [ more ]

Iapp

IAPP GPS 2024: Organizations, regulators face growing digital governance complexity

Privacy professionals and regulators are urged to play a more significant role in addressing challenges in the digital landscape.

The focus is shifting towards a comprehensive concept of digital governance, encompassing personal data, AI, surveillance, cybersecurity, and more. [ more ]

euronews

Is the credibility of the European institutions at stake?

European institutions facing credibility issues due to corruption scandals and doubts about upholding democratic values.

Efforts to address reputation issues through an ethics body and rule changes are deemed insufficient by experts. [ more ]

London Business News | Londonlovesbusiness.com

Why is Apple falling so much?

Apple fined 1.84 billion euros by EU for hindering rival music streaming services from informing users about cheaper options outside App Store.

EU emphasizes fair competition, fines Apple for violating competition laws by abusing dominant market position. [ more ]

Iapp

German Ministry announces Health Data Use Act enactment

Iapp

IAPP publishes seventh edition of 'Privacy Law Fundamentals'

Solove and Schwartz published 7th edition of 'Privacy Law Fundamentals'.

The book covers key provisions, leading cases, agency enforcement actions. [ more ]

Iapp

Finland's DPA issues guidance on the positive credit information register

The Office of the Data Protection Ombudsman in Finland issued guidance on the positive credit information register.

Residents in Finland cannot refuse the processing of their data or request its deletion in the positive credit information register. [ more ]

Privacy International

GPS tagging of migrants UNLAWFUL, UK authority finds after PI complaint

The UK's Data Protection Authority found the GPS tagging of migrants arriving via irregular routes unlawful.

The complaint was based on extensive anonymous testimonies highlighting the negative impact of tagging on individuals' privacy, family life, and health.

The Information Commissioner's Office issued an Enforcement Notice and formal warning to the UK's borders and immigration ministerial department. [ more ]

Privacy International

Key highlights of our results from 2023

Privacy International challenges companies to change business practices

PI contributed to significant impact through challenging governments and corporations. [ more ]

Iapp

IAPP launches 2024 Governance Survey

Privacy landscape is evolving rapidly, impacted by new laws, enforcement, and technological advancements.

Compliance and good governance are vital and interconnected, but fiscal and organizational constraints add complexity to organizations in addressing compliance burdens. [ more ]

Iapp

Google to delete user data to settle 'incognito' privacy lawsuit

Google will delete data from incognito browsing due to a U.S. lawsuit settlement.

Users will be able to block third-party cookies by default in Incognito mode. [ more ]

euronews

Does the European Union have the resources to match its ambitions?

Calls for EU institutional reform are increasing.

Enlargement and contemporary challenges driving EU reform discussions. [ more ]

Iapp

Microsoft gives privacy commitments to Azure OpenAI Service, Copilot users

Customers' data privacy commitments discussed for Azure OpenAI Service and Copilot

Maintaining control and access controls integration emphasized for organizational data [ more ]

Iapp

A view from Brussels: EDPS sends signal on data transfers

The European Data Protection Supervisor issued orders against the European Commission related to data flows with Microsoft 365 outside the EU/EEA.

Corrective measures include Microsoft ensuring data disclosure compliance with EEA standards. [ more ]

Iapp

futureofprivacy 3 weeks ago

CNIL opens public consultation for MFA under GDPR

The CNIL opened a public consultation for complying with GDPR on MFA.

Data controllers need to understand the necessity and compliance principles of MFA. [ more ]

Is your organization building experiences in virtual worlds? Learn what lessons to keep in mind. 🤖🚨

Take a deeper dive into lessons learned from recent FTC actions, guidance on #youthprivacy, safety, & #advertising in immersive spaces in FPF’s brief: https://t.co/xccfYBFLCo

Future of Privacy Forum

Youth Privacy in Immersive Technologies - Future of Privacy Forum

Companies are expanding into virtual spaces for brand experiences and products, collecting more data and raising risks for young people.

FTC and self-regulatory bodies are focusing on privacy, safety, and advertising regulations in immersive spaces. [ more ]

Iapp

European Commission concludes DMA workshops

Iapp

International Association of Privacy Professionals

Iapp

Global AI Governance Law and Policy: Jurisdiction Overviews

Jurisdictions worldwide are developing AI governance laws to address risks and opportunities

IAPP provides resources and community engagement for AI governance professionals [ more ]

gcluley 3 weeks ago

In October 2023, the British Library suffered "one of the worst cyber incidents in British history."

It has now published a detailed, transparent report into what happened - with great advice for other organisations tackling a ransomware attack.

https://t.co/Br6Yn27DC2

Exponential-e Ltd.

1 month ago

Ransomware: lessons all companies can learn from the British Library attack

The British Library faced a major cyber incident with data encryption and exfiltration by Rhysida ransomware gang.

British Library refused to pay ransom, emphasizing adherence to the UK's policy against such payments. [ more ]

Iapp

Evolving privacy law 'exciting' for IAPP Westin Scholar

Regulation often lags behind technology advancements, creating a patchwork of privacy laws.

Opportunity for professionals from various sectors to collaborate on privacy law evolution. [ more ]

Iapp

DSA, electronic ID wallets take priority in EU children's privacy work

Telecommunications ministers prioritize Digital Services Act and digital identity wallets

Focus on online protection for children and young adults [ more ]

EFDPO - European Federation of Data Protection Officers

1 month ago

EFDPO Conference. 28 & 29 May 2024, Berlin * EFDPO - European Federation of Data Protection Officers

The event covers topics such as enforcement actions on DPOs, GDPR toolbox for controllers, and EU cybersecurity regulations.

Experts like Thomas Spaeing, Erwin Rigter, and Dr. Christoph Bausewein will share insights on data protection, GDPR, and cybersecurity. [ more ]

Iapp

UK, US sanction alleged hackers for role in 14-year campaign

Alleged Chinese state-backed hackers indicted for 14-year campaign targeting foreign entities.

U.S. and U.K. governments issue sanctions against alleged hackers and their front company. [ more ]

ComputerWeekly.com

Ransomware gang leaks data stolen from Scottish NHS board | Computer Weekly

Inc Ransom claimed to have stolen three terabytes of data from NHS Scotland, including sensitive medical reports and patient letters.

NHS Dumfries and Galloway acknowledged a cyber attack, with a small data dump disclosed and ongoing efforts to limit any data sharing. [ more ]

www.theguardian.com

Ex-Boris Johnson ethics adviser Lord Geidt found to have broken Lords rules

euronews

Amazon needs to comply with ad database under platform rules; court

The EU's highest court rejected interim measures requested by Amazon in a case involving compliance with EU platform rules for online advertising. [ more ]

www.theguardian.com

Concern over rise in requests for UK to share intelligence despite torture risks

The number of requests for UK ministerial approval of intelligence-sharing with a real risk of torture has doubled in a year.

Critics question the effectiveness of the UK's policy on torture and call for reform. [ more ]

The Globe and Mail

Amazon loses court fight to suspend EU tech rules' ad clause

EU court rejects Amazon's request to suspend online advertising requirement under DSA.

Balancing of EU interests over Amazon's material interests in tech rules. [ more ]

www.theguardian.com

You've got to be joking': Mandelson dismisses prospect of UK rejoining EU

Peter Mandelson dismisses return to EU

Focus on building closer ties with the EU [ more ]

TechCrunch

Amazon will have to publish an ads library in EU after all | TechCrunch

Amazon must provide ad transparency information publicly.

EU's highest court rules against Amazon's challenge to DSA designation. [ more ]

Theregister

Qilin says it attacked The Big Issue, leaked sensitive data

Iapp

IAB seeks streamlined adtech privacy compliance with Diligence Platform

Iapp