Download free GDPR compliance checklist!

Tag Archives for " compliance "

Employers accused of abusing EU data privacy rules to hinder trade unions

The EU’s General Data Protection Regulation (GDPR) is being misused by employers across Europe as trade unions are denied access to information required to recruit and organise workers, a new study has found.

The trends highlighted in ETUC’s report bring to light the recent challenges for trade unions to mobilise their networks as a result of workplaces refusing access to employee data under the pretext that it is forbidden by the GDPR. In this vein, the report brings to attention cases in a range of EU member states including Spain, Luxembourg and Belgium.

Source: Employers accused of abusing EU data privacy rules to hinder trade unions – EURACTIV.com

Brave files GDPR complaint against Google 

Brave has filed a GDPR complaint v Google for infringing the GDPR “purpose limitation” principle. Enforcement would be tantamount to a functional separation of Google’s business.

The purpose limitation principle requires that organizations must scrupulously ring fence data for specific purposes. These purposes must be made clear, and be very specific. However, Google’s purposes are so vaguely defined as to have no meaning or limit. The result is an internal data free-for-all that infringes the GDPR’s purpose limitation principle.

Source: Formal GDPR complaint against Google’s internal data free-for-all

CNIL Unveils 2020 Inspection Strategy and Announces Cookie Investigations

On March 12, 2020, the French Data Protection Authority (the “CNIL”) released its annual inspection strategy for 2020.

The CNIL carries out approximately 300 inspections every year. These inspections are initiated (1) following complaints lodged with the CNIL; (2) in light of current topics in the news; (3) after the CNIL has adopted corrective measures ( e.g. , formal notices, sanctions) in order to verify whether the organization in question adopted the measures or remedied the situation; and (4) as part of the CNIL’s annual inspection strategy.

Source: CNIL Unveils 2020 Inspection Strategy and Announces Cookie Investigations

France issues first legal decision on facial recognition

The Administrative Court (TA) of Marseille has made its decision regarding the use of facial recognition technology at two French high schools.

In a hearing before the TA, with La Quadrature du Net, The Human Rights League, the FCPE and CGT Educ’Action des Alpes Maritimes, the installation of a facial recognition system at the entrance of two French high schools were discussed.

TA ruled against the installation of the technology, stating that its deployment violated the EU General Data Protection Regulation (GDPR), as students were not able to provide consent “to the collection of personal data in a free and informed manner.”

Additionally, the court ruled that the technology was a disproportionate measure to manage the high school, especially with other alternative measures being available and less detrimental to students’ rights.

Source: #Privacy: France issues first legal decision on facial recognition

Adtech giant Criteo is being investigated by France’s data watchdog

Adtech giant Criteo is under investigation by the French data protection watchdog, the CNIL, following a complaint filed by privacy rights campaign group Privacy International.

Privacy International has been campaigning for more than a year for European data protection agencies to investigate several adtech players and data brokers involved in programmatic advertising.

Source: Adtech giant Criteo is being investigated by France’s data watchdog | TechCrunch

Swedish Data Inspectorate investigates Clearview AI

Swedish supervisory authority – Datainspektionen – is conducting an investigation on possible use of facial recognition technology provided by US company Clearview AI by Swedish authorities.

Datainspektionen sent a number of questions to the Police, the Security Police, the Coast Guard, the Customs Administration, the Migration Agency and a number of other Swedish authorities. They want to know if any of the authorities are using Clearview AI and in such cases what legal basis they rely on.

Source: The Data Inspectorate initiates supervision on the basis of the Clearview AI – Data Inspection

Australian Watchdog launches action against Facebook

The Australian Information Commissioner has lodged proceedings against Facebook in the Federal Court, alleging the social media platform has committed serious and/or repeated interferences with privacy in contravention of Australian privacy law.

The Commissioner alleges that the personal information of Australian Facebook users was disclosed to the This is Your Digital Life app for a purpose other than the purpose for which the information was collected, in breach of the Privacy Act 1988.

Source: Commissioner launches Federal Court action against Facebook — OAIC

Fine for processing students’ fingerprints imposed on a school

The President of the Personal Data Protection Office imposed a fine of PLN 20 000 in connection with the breach consisting in the processing of biometric data of children when using the school canteen.

The school processed special categories of data (biometric data) of 680 children without a legal basis, whereas in fact it could use other forms of students identification.

Source: Fine for processing students’ fingerprints imposed on a school

Big tech ‘procedural queries’ delay decision on first data fines

A decision by the Ireland’s data protection watchdog – Data Protection Commissioner – on whether to issue the first fines against big tech companies has been delayed by “procedural queries” raised by the firms. These include issues around company information it will share with other EU regulators.

Data Protection Commissioner Helen Dixon said the regulator’s decision-making on whether to fine big tech firms over potential data breaches has been delayed by “a lot of procedural queries” around information sharing with other EU regulators as part of the Irish regulator’s EU-wide inquiries.

Source: Big tech ‘procedural queries’ delay decision on first data fines – watchdog

Facebook isn’t sharing all off-platform data with users

Facebook is now offering users a feature that lets them see what data it has collected about their activities beyond Facebook.

But Facebook “Download Your Information” feature only gives you part of the picture. Information about advertisers uploading lists with your personal information is limited in time and prevents users from exercising their rights

Source: No, Facebook’s is not telling you everything | PI

1 2 3 60