fbpx

Download free GDPR compliance checklist!

Tag Archives for " ePrivacy "

Google Faces Complaint in France Over Android Advertising Tool

Google’s Android advertising tool is the target of a complaint in France by privacy activist Max Schrems, accusing the tech giant of violating European Union rules by failing to get users’ consent.

Google’s software creates an advertising identifier on people’s phones without their knowledge, Noyb, a group set up by Schrems, said in a statement on Wednesday. The complaint was filed with France’s data protection watchdog CNIL.

Source: Google Faces Complaint in France Over Android Advertising Tool – Bloomberg

EU’s Vestager has ‘reservations’ about online privacy proposals

Margrethe Vestager, the executive vice-president of the European Commission, said on 19 March that she has “reservations” about a proposal from the Portuguese EU Presidency to unblock negotiations on the ePrivacy regulation.

“We have some reservations about the Council agreement because it seems that part of that agreement [based on a proposal from Portugal] is not fully in line with the General Data Protection Regulation and for us it is very important that the two laws are aligned,” she said.

Vestager stressed that “it would become a very confusing situation if there was a General Data Protection Regulation and ePrivacy legislation without the two laws being aligned.

Source: EU’s Vestager has ‘reservations’ about online privacy proposals – EURACTIV.com

French data protection watchdog casts doubt on Apple’s privacy compliance

Apple has put privacy at the heart of its sales pitch to users, but an internal document from France’s data regulator suggests the iPhone maker’s own targeted advertising practices may be problematic.

According to the 13-page confidential note seen by POLITICO, France’s CNIL data protection authority cast doubt on Apple’s compliance with EU privacy rules. Last week, the country’s competition authority ruled in Apple’s favor in a case over its new anti-tracking tool.

“Apple’s advertising processing requires consent when it involves reading or writing data on the user’s device,” the CNIL wrote. “Apple’s practices suggest a lack of consent collection.”

Source: French data protection watchdog casts doubt on Apple’s privacy compliance – POLITICO

Google Will Not Run FLoC Origin Tests In Europe Due To GDPR Concerns

Google will not make FLoC-based cohorts available for testing in countries where GDPR and the ePrivacy Directive are in effect. At least for now.

During a meeting of the Improving Web Advertising Business Group (IWABG) at the World Wide Web Consortium on Tuesday, Michael Kleber, a Google engineer, acknowledged that FLoCs might not be compatible with European privacy law.

Specifically, Google will not proceed with FLoC testing in Europe due to concerns over which entity will serve as the data controller and which will serve as the data processor in the creation of cohorts.

Source: Google Will Not Run FLoC Origin Tests In Europe Due To GDPR Concerns (At Least For Now) | AdExchanger

EU ministers want EU-wide data retention.

The great majority of EU justice ministers on March 15 once again called a new Europe-wide collection of traffic and location data of the entire population (data retention).

In the course of the ePrivacy reform, the EU Council wants to create legal loopholes in order to circumvent several rulings of the Court of Justice on the disproportionality of such data retention. Justice Commissioner Reynders said that the EU Commission first wanted to set out what would be possible according to the ECJ rulings. After that it remained to be seen whether a common position can be found.

Source: EU ministers want EU-wide data retention. Breyer: Never again surveillance state! | European Pirate Party

ePrivacy Regulation update: Comparison of the three EU drafts

On 10 February 2021, the Council of the European Union (Council) agreed its negotiating mandate for the proposed Regulation on Privacy and Electronic Communications (ePR), which will replace the current ePrivacy Directive 2002/58/EC (ePD).

The European Parliament (EP) adopted its negotiating mandate in October 2017, based on the original proposal from the European Commission in January 2017. The European institutions will now seek to agree the final text of the ePR by means of the trilogues (insterinstitutional negotiations) process. Hogan Lovells’s article sets out the significant areas of divergence across the three proposals.

Read full article: ePrivacy Regulation update: Comparison of the three EU drafts – Hogan Lovells Engage

France seeks to bypass EU top court on data retention

In October, the Court of Justice of the European Union ruled that national data retention rules, including France’s, were not compliant with EU law, but that such schemes could be allowed in the face of serious security risks.

Now the French government has asked the country’s highest administrative court — the Council of State — not to follow the EU ruling. France said that the EU top court should not rule on matters related to security, which remains a national competence.

Source: France seeks to bypass EU top court on data retention – POLITICO

Ireland’s DPA publishes Annual Report 2020

In its second full year overseeing and regulating the GDPR in Ireland, the Data Protection Commission  (DPC) has published its 2020 Annual Report, highlighting key observations, emerging guidance, and large scale inquiries and decisions of 2020.

Primary areas of focus for the DPC in 2020 included enforcement (under both GDPR & ePrivacy), breach notifications, data transfers (including an increase in BCR applications) and increased focus on the lead supervisory authority (or ‘One-Stop Shop’) regulatory mechanism.

Full article: Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda – Privacy Matters

CJEU rules electronic communication location data must only be used in investigations of ’serious crime’

Location data drawn from electronic communications must only be used by law enforcement investigations involving ‘serious crimes’ and to prevent ‘serious threats to public security’, the European Court of Justice (CJEU) has ruled.

In its decision, the court said that, unless it’s for a serious crime or in the interest of public safety, countries are prohibited from obtaining location data under the European Union’s 2002 Privacy and Electronic Communications Directive.

Source: CJEU rules electronic communication location data must only be used in investigations of ’serious crime’ | News | GRC World Forums

EU ePrivacy Regulation takes a big leap forward to adoption

The Council of the EU has made a surprise announcement that it has approved its negotiating position on the ePrivacy Regulation (i.e. the successor to the ePrivacy Directive), which will further reform EU cookie consent and communications content and metadata rules in the EU.

The process now is that the ePrivacy Regulation will be negotiated in trilogue negotiations between the Council of the EU and the European Parliament, with the European Commission facilitating / brokering those negotiations.

Source: EU ePrivacy Regulation takes a big leap forward to adoption | Fieldfisher

1 2 3 15
>