#gdpr

#gdpr

IAB Europe criticized EDPB for creating legal uncertainty and making abstract assumptions about personalized advertising. [ more ]

Data Protection Commission of Ireland participating in EDPB's 2024 Coordinated Enforcement Framework on right of access under GDPR.

Questionnaire to 30 data controllers in Ireland as part of a larger EEA-wide effort on EDPB access guidelines. [ more ]

Over 17,000 data breach notifications received by CNIL since 2018

Half of the violations reported within 10 hours. [ more ]

The AEPD temporarily suspended Worldcoin due to concerns about biometric data.

The Madrid High Court declined to grant an injunction, prioritizing public interest. [ more ]

ICO opens consultation on 'consent or pay' models

Importance of understanding 'consent' in 'consent or pay' models [ more ]

Popup solicitations for targeted ads in Europe count as personal information.

Real-Time Bidding (RTB) conflicts with GDPR and ePrivacy Directive. [ more ]

Complaints filed against Meta's 'pay or OK' model by European Consumer Organisation members.

Complaints will be consolidated by data protection authorities and referred to Ireland's Data Protection Commission. [ more ]

Consumer groups in the EU are using data protection law to challenge Meta's 'fake choice' between paying or consenting to data collection.

Noyb and BEUC are leading the legal complaints against Meta for violating EU data protection regulations by not allowing users to freely give consent for data processing. [ more ]

Organizational policies for GDPR compliance included in TechRepublic Premium bundle.

Bundle available for $29 with a combined value of $134 or free with Premium subscription. [ more ]

Meta accused of creating 'smokescreen' with ad-free tier for a fee

Consumer groups criticize Meta for collecting 'gargantuan' amounts of data [ more ]

Consumer groups file complaints against Meta for illegal data collection through subscription model.

Meta's 'Subscription for no ads' aimed at compliance with EU regulations. [ more ]

Meta Platforms Inc. facing complaints in Europe for data collection without proper consent

Consumer organizations accusing Meta of violating GDPR by offering ad-free versions for a fee [ more ]

Helen Dixon is leaving her role as the Irish Data Protection Commissioner after 10 years.

Dixon's legacy includes her principled approach, strategic enforcement, and global impact in transforming the DPC. [ more ]

The European Parliament is expected to vote on the Artificial Intelligence Act in spring.

The AI Act includes a debiasing exception to the ban on using sensitive data under the General Data Protection Regulation. [ more ]

GDPR led EU firms to reduce data storage and processing, making them less data-intensive.

Compliance with GDPR increased data costs by an average of 20%, impacting data-intensive industries more. [ more ]

EU debate over 'pay or OK' consent model under GDPR

Challenges around informed consent and opt-out options under 'pay or OK' model [ more ]

Germany's Federal Ministry of the Interior has approved a draft amendment of the Federal Data Protection Act.

The amendment includes a credit scoring regulation that prevents companies from discriminating against consumers based on certain personal information. [ more ]

Under Article 17 of the UK GDPR, individuals have the right to request the erasure of their personal data, also known as the 'right to be forgotten'.

There has been a significant increase in requests to delete personal data from the internet due to the exponential growth of data generation and the collection of personal data by companies without individuals' knowledge. [ more ]

Uber fined 10 million euros by Dutch data protection authority for failing to disclose data retention period and sharing data with non-EU countries.

Uber also accused of obstructing EU drivers' right to privacy. [ more ]

The demand for privacy professionals and privacy-focused companies is growing due to the rise of artificial intelligence and data-driven industries.

The number of LinkedIn members with privacy-related job titles has increased in the last five years, with privacy engineers and chief privacy officers seeing significant growth. [ more ]

Under the GDPR, organizations must have lawful grounds to process personal data for analytics purposes.

Data analytics can be divided into two layers: raw data and metadata. [ more ]

France's data protection watchdog fined Amazon €32 million for breaching workers' rights.

Amazon's practices included an intrusive monitoring system and illegal surveillance of employees. [ more ]

France's privacy watchdog has fined Amazon's French warehouse business 32 million euros for using an intrusive system to monitor worker performance.

The system allowed managers to track employees so closely that it resulted in multiple breaches of EU privacy rules. [ more ]

Amazon has been fined 32 million euros in France for excessive surveillance of its warehouse workers.

The CNIL found that Amazon's monitoring system, which measured interruptions in activity, led workers to have to justify each break or interruption, violating their privacy and rights. [ more ]

A credit card company in the Netherlands was fined €150,000 for failing to perform a proper data protection impact assessment (DPIA).

The company was required to perform a DPIA because the processing met two of the nine conditions set out in the EDPB Guidelines on DPIAs. [ more ]

France's data privacy watchdog, the CNIL, has fined Amazon €32 million over its employee surveillance system.

The surveillance system tracked employee inactivity and required them to justify every break or interruption. [ more ]

France's data protection authority, the CNIL, has published a draft guide for conducting transfer impact assessments (TIAs) for data transfers outside the EEA.

The guide recommends that data controllers understand the laws in the receiving country, identify any supplemental measures, and reevaluate the level of data protection needed. [ more ]

Regulatory bodies are constantly creating and revising laws that govern businesses, and it's important to have a strategy for compliance.

Non-compliance with industry regulations can result in steep fines and penalties. [ more ]

Belgium has taken over the Presidency of the Council of the European Union with a focus on protecting, strengthening, and preparing for challenges like the ongoing war at Europe's borders, climate emergency, and mistreatment of the rule of law in member states.

2024 will see the implementation of many finalized laws from the previous year, leading to a more complex data privacy and governance environment for organizations. [ more ]

Icelandic municipalities fined for data processing violations at primary schools

Persónuvernd fined five municipalities a combined ISK12.8 million over alleged data processing violations [ more ]

A group of Spanish media outlets have sued Meta for €550 million ($596 million) for violating EU privacy regulations.

The lawsuit accuses Meta of disregarding the EU General Data Protection Regulation (GDPR) and contributing to its dominant advertising position across the EU. [ more ]

A coalition of companies including American Express, Humana, IBM, Pfizer, UPS, and Walmart have launched the Data & Trust Alliance to develop standards for describing the origin, history, and legal rights to data.

Microsoft has been added as a non-voting observer to OpenAI's board, indicating its importance as an investor and a move to stabilize the organization's operations and leadership.

The disclosure of a law firm's use of AI in its workflow to clients has mixed opinions, with some legal professionals wary of disclosing specific tools used while others argue for transparency in adapting to AI technology.

Compliance of large language models with the EU's GDPR and the 'right to be forgotten' remains unclear, leaving AI companies waiting for regulatory action.

AI paired with human attorney knowledge presents unprecedented opportunities for small law firms, according to Thomson Reuters. [ more ]

Data privacy regulations are rapidly developing worldwide, with GDPR in the EU and CCPA in California leading the way.

The variety of privacy laws creates challenges for the ad industry, as they differ in requirements for data collection and opt-in/opt-out options.

Marketers face difficulties in targeting audiences, tailoring messages, and measuring ad effectiveness due to data privacy regulations. [ more ]

Consent management platforms (CMPs) are crucial for businesses striving to comply with GDPR and other privacy regulations.

CMPs balance effective marketing strategies with data privacy compliance.

CMPs allow businesses to uphold user preferences while staying compliant and create tailored marketing strategies based on ethically sourced data. [ more ]

Meta is facing a complaint for breaching European data protection law over its ad-tracking practices.

Privacy group Noyb is calling for an investigation into Meta's data processing and a fine to deter other companies from following a similar approach. [ more ]

The Brussels Privacy Symposium is an annual event that brings together policymakers, researchers, civil society, and industry representatives to discuss privacy research and scholarship.

This year's symposium focused on the EU Data Strategy Architecture and the role of the GDPR in shaping Europe's digital future. [ more ]

The UK's Information Commissioner's Office (ICO) is appealing against a tribunal's decision that it isn't authorized to fine Clearview AI for alleged privacy violations.

Clearview AI was fined £7.5 million ($9.3 million) by the ICO for unlawfully collecting UK citizens' biometric data.

The ICO believes that the law was misinterpreted and that Clearview AI should not be shielded from the scope of UK GDPR. [ more ]