fbpx

Download free GDPR compliance checklist!

Tag Archives for " EU "

EU Commission puts emphasis on encryption

The European Commission has begun taking more decisive steps toward secure, encrypted communications. But while all of these steps may be positive, not all of them are identical.

The EU has a patchy history when it comes to data leaks, so it comes as no surprise that it is attempting to enhance its level of cybersecurity. The use of Signal has mainly been adopted for normal communication outside of critical or sensitive exchanges, suggesting the EU is taking cybersecurity seriously across even the less vulnerable channels.

Full article: The story behind the Commission’s new emphasis on encryption – EURACTIV.com

Employers accused of abusing EU data privacy rules to hinder trade unions

The EU’s General Data Protection Regulation (GDPR) is being misused by employers across Europe as trade unions are denied access to information required to recruit and organise workers, a new study has found.

The trends highlighted in ETUC’s report bring to light the recent challenges for trade unions to mobilise their networks as a result of workplaces refusing access to employee data under the pretext that it is forbidden by the GDPR. In this vein, the report brings to attention cases in a range of EU member states including Spain, Luxembourg and Belgium.

Source: Employers accused of abusing EU data privacy rules to hinder trade unions – EURACTIV.com

Brave files GDPR complaint against Google 

Brave has filed a GDPR complaint v Google for infringing the GDPR “purpose limitation” principle. Enforcement would be tantamount to a functional separation of Google’s business.

The purpose limitation principle requires that organizations must scrupulously ring fence data for specific purposes. These purposes must be made clear, and be very specific. However, Google’s purposes are so vaguely defined as to have no meaning or limit. The result is an internal data free-for-all that infringes the GDPR’s purpose limitation principle.

Source: Formal GDPR complaint against Google’s internal data free-for-all

EU Presidency releases revised draft ePrivacy Regulation

The Presidency of the Council of the European Union released revised text of the proposed ePrivacy Regulation (Regulation concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications and Repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)).

Draft ePrivacy Regulation introduces further clarifications in Recital 12 with regard to machine-to-machine and Internet of Things services. It also  modifies Articles 6 to 8.

Read the Draft ePrivacy Regulation.

 

EU DPAs Issue Green and Red Lights for Processing Health Data During the COVID-19 Epidemic

As Europe is grappling with an exponential increase in COVID-19 cases, some European Data Protection Authorities issued public interest guidance on the limits of collecting, sharing and using personal data relating to health in these exceptional circumstances.

Particular areas of concern are related to the breadth of measures that employers can legally take to monitor the health of their employees, as well as the collection of health data by government agencies. Overall, regulators highlight that data protection law is by no means a barrier to public health, but advise organizations against “systematic and generalized” monitoring and collection of data related to health of their employees outside official requests and measures of public health authorities.

Source: EU DPAs Issue Green and Red Lights for Processing Health Data During the COVID-19 Epidemic

How Europe’s AI strategy is getting it right

The European Commission’s new White Paper may be the most ambitious yet realistic government strategy for AI we have seen.

Privacy guarantees and construction of a technological and data-driven economy are not in a zero-sum equation. The Commission’s new strategy recognizes that “building an ecosystem of trust is a policy objective in itself, and should give citizens the confidence to take up AI applications and give companies and public organizations the legal certainty to innovate using AI.”

Source: How Europe’s AI strategy is getting it right – EURACTIV.com

EU publishes revised draft ePrivacy Regulation

The Presidency of the Council of the European Union on 21 February 2020 published revised text of the proposed ePrivacy Regulation (Regulation concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications and Repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications)).

New draft introduces the possibility to process metadata for legitimate interests, as well as to use the processing and storage capabilities of terminal equipment, and to collect information from end-users’ terminal equipment when it is necessary for the purpose of the legitimate interests pursued by the service provider, except when such interest is overridden by the interests or fundamental rights and freedoms of the end-user. That is big change compared to existing regulation requiring user’s consent.

Draft ePrivacy Regulation

Lack of big tech GDPR decisions looms large in EU watchdog’s annual report

Ireland’s Data Protection Commissioner – the lead European Union privacy regulator for most of big tech – has put out its annual report which shows another major bump in complaints filed under the bloc’s updated data protection framework, underlining the ongoing appetite EU citizens have for applying their rights.

But what the report doesn’t show is any firm enforcement of EU data protection rules vis-a-vis big tech. The report leans heavily on stats to illustrate the volume of work piling up on desks in Dublin. But it’s light on decisions on highly anticipated cross-border cases involving tech giants including Apple, Facebook, Google, LinkedIn and Twitter.

Read more: Lack of big tech GDPR decisions looms large in EU watchdog’s annual report | TechCrunch

Google users in UK to lose EU data protection

Google is planning to move its British users’ accounts out of the control of European Union privacy regulators, placing them under U.S. jurisdiction instead.

The shift, prompted by Britain’s exit from the EU, will leave the sensitive personal information of tens of millions with less protection and within easier reach of British law enforcement.

Source: Exclusive: Google users in UK to lose EU data protection – sources – Reuters

European Commission publishes data strategy, AI white paper

On Wednesday, the commission released its EU data strategy. The document outlines the commission’s five-year plan for “policy measures and investments to enable the data economy.”

The commission based its strategy on four pillars, one of which is a cross-sectoral governance framework for data access and use. The other pillars include investments in data and “strengthening Europe’s capabilities and infrastructures for hosting, processing and using data, interoperability,” empowering citizens to exercise their data rights and establishing “common European data spaces in strategic sectors and domains of public interest.”

In conjunction with the release data strategy, the commission also published a white paper on AI. The white paper covers the policy options the EU could implement to promote the increased use of AI while addressing the risks associated with the technology.

Source: European Commission publishes data strategy, AI white paper

1 2 3 109
>