fbpx

Download free GDPR compliance checklist!

Tag Archives for " compliance "

Irish regulator reaches preliminary decision in Twitter privacy probe

Twitter may be the first big technology firm to face a fine by the EU’s lead regulator under the region’s tougher data protection rules after it submitted a preliminary decision in a probe into the social media firm to other member states.

The Twitter ruling relates to a 2019 probe into a bug in its Android app, where some users’ protected tweets were made public. Twitter is the subject of two of the 20 other inquiries the DPC had open into big tech firms at the end of 2019.

The DPC is not commenting on the substance of the preliminary Twitter decision at this point, Deputy Commissioner Graham Doyle told Reuters.

Source: Irish regulator reaches preliminary decision in Twitter privacy probe – EURACTIV.com

As the GDPR turns 2, Big Tech should watch out for big sanctions

Get ready to see the EU’s landmark privacy regulation flex its muscles as it prepares for a fight.

The GDPR’s quiet first two years give a false impression of the impact the law has had on the global stage. The legislation has raised the EU’s profile among regulators and lawmakers around the world and inspired similar regulations in Brazil and India, as well as in California, home to many of the tech giants. Tech companies have had to change their privacy policies and disclosures not only in Europe but around the world, since it doesn’t make sense to observe two sets of privacy standards.

And industry watchers say more moves are coming. The regulators are just taking the time to make sure these sanctions stick.

Source: As the GDPR turns 2, Big Tech should watch out for big sanctions – CNET

GDPR enforcement held back by lack of resources

Enforcement of EU data privacy rules is being stifled by a lack of resources across national authorities, according to a new study published on 25 May, on the second anniversary of the EU’s landmark general data protection regulation (GDPR).

The report, published by the advocacy group Access Now, finds that due to a significant disparity in the funding of national data protection authorities, larger firms could try and use their economic wherewithal to potentially circumvent privacy provisions laid out in the GDPR.

Source: GDPR enforcement held back by lack of resources, report says – EURACTIV.com

Court Tells Grandma To Delete Photos Of Grandkids On Facebook For Violating The GDPR

Dutch court has said that a grandmother must delete photos of her grandkids that she posted to Facebook and Pinterest, because it violates the GDPR.

A mother of three underage children (plaintiff) filed a claim in the Court to cease the posting of her children’s photos by their grandmother (defendant) on social media. The plaintiff argued that the defendant had not obtained a consent from her or her ex-partner – the legal representatives of one of the children concerned.

Source: Court Tells Grandma To Delete Photos Of Grandkids On Facebook For Violating The GDPR | Above the Law

Twitter and WhatsApp could face EU data privacy sanctions

Twitter and Facebook’s WhatsApp are in the firing line as Europe’s leading privacy watchdog for US tech giants edges closer to delivering its first major sanctions under the region’s tough data-protection rules.

The Irish Data Protection Commission said on May 22 that it finalised a draft decision linked to a data breach at Twitter and has asked its peers across the European Union for their sign-off.

The regulator said it has also completed a draft decision in a probe of WhatsApp’s transparency around data sharing. The Facebook service will be asked to give its comments on any proposed sanctions before EU counterparts can weigh in.

Source: Twitter and WhatsApp could face EU data privacy sanctions – The National

NZ police used unapproved facial recognition software to search for suspects

An unapproved police trial of controversial facial recognition software conducted dozens of searches for suspects in NZ.

Police did not have any of the necessary clearance from their bosses, the government or the Privacy Commissioner to test American software Clearview AI. Police conducted a short trial between February and March, but decided not to use the technology.

Clearview, which is used by hundreds of law enforcement agencies in the United States and around the world, is effectively a searchable database of billions of images lifted from the internet that can easily identify people once their photos are uploaded.

Source: Police used unapproved facial recognition software to search for suspects | Stuff.co.nz

Apple whistleblower blasts company over ‘violating fundamental rights’

Thomas le Bonniec revealed last year that while working for Apple he overheard Siri users’ private moments including drug deals and people having sex.

Although Apple apologized and suspended the program last year, le Bonniec is calling on privacy regulators to punish the tech giant. “It is worrying that Apple (and undoubtedly not just Apple) keeps ignoring and violating fundamental rights and continues their massive collection of data,” he writes.

Full article: Apple whistleblower blasts company over ‘violating fundamental rights’ – Business Insider

Norwegian DPA launches investigation into Disqus

The Norwegian data protection authority has launched an investigation into Disqus for allegedly collecting information about Norwegians through comment areas of websites without proper information.

DPA noted that in accordance with the General Data Protection Regulation (GDPR), data processing must be legal and transparent and that, in light of this, collecting data without providing prior information is problematic. DPA stated that it has sent a letter to Disqus requesting answers on the investigated practices.

Source: Requires statement from Disqus | Inspectorate

Austrian ministry could face GDPR penalty after publishing personal data online

Austrians’ personal data has been publicly accessible on the Ministry of Economy’s website since 2009. One could simply go to the website, enter a name in the search field and find a person’s address and date of birth, as well as the date of tax returns.

The liberal party NEOS and NGO epicenter.works call it the “biggest data protection scandal of the Second Republic.” NEOS is considering legal action and a GDPR expert thinks it could be successful.

Source: Austrian ministry could face GDPR penalty after publishing personal data online – EURACTIV.com

Google’s Coronavirus Test Sites May Be Scooping Up People’s Sensitive Information

In the two months since Verily rolled out the testing sites in California, advocates and lawmakers have been warning the Alphabet subsidiary may not be in compliance with California’s strict new privacy law that requires companies to give detailed, clear information to consumers on what kind of information it’s collecting.

Mary Stone Ross, an Oakland-based consumer privacy expert, said Verily is not complying with the letter of the law because it does not list on its website every category of personal information it collects from users, referencing the exact language used in the law.

More broadly problematic is the fact that there seems to be little oversight of the company. For example, the California privacy law passed in January is not going to be fully enforced until July.

Source: Google’s Coronavirus Test Sites May Be Scooping Up People’s Sensitive Information – VICE

1 2 3 62
>