Tag Archives for " compliance "

Research reveals that most websites are not compliant with GDPR and ePrivacy Directive

Research has found that only 11.8% of consent management platforms (CMPs) meet the minimal requirements under GDPR and Europe’s eDirective regulations regarding cookies and consent.

A study conducted by researchers at MIT CSAIL, Denmark’s Aarhus University and University College London, analysed how prevalent CMP designs impact people’s consent choices.

Full article: #Privacy: Research reveals that most websites are not compliant with GDPR

Cookie consent tools are being used to undermine EU privacy rules

Most cookie consent pop-ups served to internet users in the European Union — ostensibly seeking permission to track people’s web activity — are likely to be flouting regional privacy laws, a new study by researchers at MIT, UCL and Aarhus University suggests.

“The results of our empirical survey of CMPs [consent management platforms] today illustrates the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to — or worse, incentivising — clearly illegal configurations of their systems,” the researchers argue, adding that: “Enforcement in this area is sorely lacking.”

Full article: Cookie consent tools are being used to undermine EU privacy rules, study suggests | TechCrunch

ICO Delays British Airways and Marriott GDPR Fines

Further to the publication of the ICO’s notices of intention to fine British Airways and Marriott in July 2019, the ICO has recently issued a statement delaying the issuance of both GDPR fines which had originally been expected by the end of 2019.

The ICO’s initial notices of intention to fine had stated that British Airways would face a fine of £183m ($228m) and Marriott, a fine of £99m ($123m). ICO will now have until March 31, 2020 to finalize the penalties imposed on both British Airways and Marriott, which were the result of two high-profile data breaches and subsequent ICO investigations.

Source: ICO Delays British Airways and Marriott GDPR Fines

CES 2020: The hottest product is privacy

Several of the biggest tech companies attending CES, the closely watched trade show in Las Vegas this week, are putting a special emphasis on user privacy.

Google announced on Tuesday that it has added two new voice commands for people to better control their privacy when using its voice assistant. Facebook announced a new version of its “Privacy Checkup” tool with the goal of walking users through their key privacy settings. Ring, the home security and video doorbell company owned by Amazon, announced an update to its app.

Apple is also returning to CES this year for the first time since former CEO John Sculley debuted the Newton personal digital assistant in 1992. But the company isn’t at the show to unveil a new product. It’s coming to talk privacy.

Source: CES 2020: The hottest product is privacy – CNN

Most companies not yet compliant with CCPA

The California Consumer Privacy Act (CCPA) became effective on January 1, 2020, but according to major news sources most companies are not yet compliant or prepared for the impact CCPA will have.

The use of third-party data is threatened by the CCPA as it will greatly affect what data can be used for targeting purposes. This means first-party data still reigns supreme and for brands, managing customer relationships is more important now than ever before.

Source: #Privacy: Most companies not yet compliant with CCPA

First Ever UK GDPR Penalty is €325k for London Pharmacy

The first ever General Data Protection Regulation (GDPR) penalty in the United Kingdom has been sanctioned against a London-based pharmacy by the Information Commissioner’s Office (ICO).

The ICO has fined Doorstep Dispensaree €325,000 (UK£275,000) in relation to its ‘cavalier attitude to data protection’. This decision was taken after it was discovered that the Burnt Oak Broadway, Edgware-based pharmacy placed 500,000 medical documents that included sensitive information in unsecured and unlocked containers, disposal bags and in a cardboard box.

Source: First Ever UK GDPR Penalty is €325k for London Pharmacy – Compliance Junction

Twitter and Microsoft show data privacy is moving from sticking point to selling point

A couple of tech heavyweights are making data privacy part of their branding, hoping to stay ahead of regulations.

Twitter thinks a strong position on data privacy could be advantageous. Distrust of social media platforms has never been so widespread, and in the current environment, it’s not crazy to decide that winning on trust can make a real long-term difference to user numbers and bottom line. Microsoft is another heavyweight positioning itself to benefit from a commitment to user data privacy.

Full article: Twitter and Microsoft show data privacy is moving from sticking point to selling point | VentureBeat

European tech regulator despairs over lack of enforcement

The world’s toughest privacy law proves toothless in the eyes of many critics.

More than 18 months after the European Union began implementing the world’s toughest privacy law, the bloc’s ability to rein in Big Tech is increasingly in doubt amid growing frustration over a lack of enforcement actions and weak cooperation on investigations.

Aside from a €50 million fine that France’s privacy regulator imposed on Google in January, there have been no fines or remedies levied at a U.S. giant since the GDPR came into effect. And the two nations most directly responsible for policing the tech sector — Ireland and Luxembourg, where the largest tech firms have their European headquarters — have yet to wrap up a single investigation of any magnitude concerning a U.S. firm.

Full article: ‘We have a huge problem’: European tech regulator despairs over lack of enforcement – POLITICO

Brazil fines Facebook $1.6 million over improper data sharing

Brazil announced that it had fined Facebook $1.6 million over improperly sharing user data with Cambridge Analytica.

In issuing the fine, the Department of Consumer Protection said the data of 443,000 Facebook users was “misused” by developers of the Facebook app “thisisyourdigitallife.”

The agency ruled the data was used “for questionable purposes and without the represented parties being able to demonstrate any modifying fact that that number was actually smaller.”

Source: Brazil fines Facebook $1.6 million over improper data sharing | TheHill

U.S., EU Enforcers Target Big Tech, Children’s Privacy in 2020

European and U.S. regulators are likely to ramp up enforcement of privacy laws this year, especially children’s privacy, and wrap up probes of big technology companies.

The scrutiny creates a risk for tech companies, including Facebook and Google, that regulators will seek fines or force changes in how they process data as children flock to their platforms.

Source: U.S., EU Enforcers Target Big Tech, Children’s Privacy in 2020
