fbpx

Download free GDPR compliance checklist!

Tag Archives for " Ireland "

Facebook postpones launch of dating app

Facebook has been forced into an embarrassing postponement of its new dating service all across Europe 36 hours before Valentine’s Day after Ireland’s Data Protection Commission stepped in.

The regulatory body, which oversees Facebook’s operation across the EU, sent agents to the social media giant’s offices in Dublin because Facebook had not informed the regulatory body of the launch.

Source: Hours from Valentine’s Day, Helen Dixon says no to Facebook’s European dating service rollout – Independent.ie

Human Error Not Cybersecurity is Leading GDPR Data Breach Trend

Human error is the main data breach trend under the new GDPR regime not cybersecurity incidents according the Irish Data Protection Commission (DPC).

The DPC has detailed the data breach trends it has observed during the first year of GDPR and unauthorised disclosure tops the list accounting for 83 percent of all reported breaches.

During the first year of GDPR, beginning on the 25 of May 2018, the Irish Data Protection Commission received 5,818 data breach notifications. The DPC notes that approximately 4 percent of all reported breaches were deemed to have not meet the definition of a ‘personal data breach’ when GDPR is applied.

Source: Human Error Not Cybersecurity is Leading GDPR Data Breach Trend

Tinder’s handling of user data is now under GDPR probe in Europe

Dating app Tinder is the latest tech service to find itself under formal investigation in Europe over how it handles user data.

Ireland’s Data Protection Commission (DPC) has today announced a formal probe of how Tinder processes users’ personal data; the transparency surrounding its ongoing processing; and compliance with obligations with regard to data subject right’s requests.

Source: Tinder’s handling of user data is now under GDPR probe in Europe – TechCrunch

Irish DPA investigates Google’s processing of location data

The Data Protection Commission (DPC) – Irelands data protection authority -, in its role as Lead Supervisory Authority for Google, started a formal investigation into Google’s practices to track the location of users and the transparency surrounding that processing.

The investigation follows a series of complaints by several national consumer groups across the EU. Consumer organisations argue that the consent to “share” users’ location data was not freely given and consumers were tricked into accepting privacy-intrusive settings. Such practices are not compliant with the EU’s data protection law GDPR.

DPC will establish whether Google has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency.

Source: Data Protection Commission launches Statutory Inquiry into Google’s processing of location data and transparency surrounding that processing | 04/02/2020 | Data Protection Commission

Europe’s First Big Privacy Crackdown on Big Tech Is Coming Next Year

The Irish Data Protection Commission was due to give its draft decision on a WhatsApp privacy case in December, but it’s now pushed back into early January.

The draft decision was expected to say how big a fine WhatsApp owner Facebook was liable to pay—under the law, potential fines run as high as 4% of global annual revenues. However, a procedural complaint by WhatsApp’s lawyers has now shoved that decision into next year.

Source: GDPR: Europe’s First Big Privacy Crackdown on Big Tech Is Being Delayed By WhatsApp’s Procedural Concerns | Fortune

Data Protection Commissioner investigating micro-targeting on social media

The Data Protection Commissioner Helen Dixon has said her office is conducting a number of investigations into the micro-targeting of individuals on large social media platforms as it raised issues of compliance with new General Data Protection Regulation rules.

Current investigations are open into the use of platforms, data brokers, and ad exchanges. Micro-targeting individuals with specific content has the potential of amplifying the harmful effects of disinformation. Commissioner hopes to conclude all investigations by next year.

Source: Data Protection Commissioner investigating micro-targeting on social media

Data Protection Commission engaging with Revolut as a “matter of urgency”

The Irish Data Protection Commission (DPC) has said that it will be engaging with financial technology company Revolut as “a matter of urgency” over their new privacy policy and cookies policy changes Revolut announced this week.

Revolut’s new privacy policy means that users will have their data shared with social media and analytics companies for marketing purposes and also with credit bureaus, unless they actively opt-out.

Source: Data Protection Commission engaging with Revolut as a “matter of urgency” over privacy changes | JOE is the voice of Irish people at home and abroad

Irish data protection commissioner set to issue decisions on Twitter and Whatsapp probes by end of year

The Irish data protection commissioner expects to issue decisions on investigations into Twitter and Whatsapp by the end of the year, a spokeswoman has said.

However, the effect of any sanction or fine, if issued, would not occur for “months” after that due to statutory examination processes.

Helen Dixon’s office concluded its investigation several weeks ago and is formulating draft decisions, possibly with the inclusion of a sanction, fine or regulatory order for Whatsapp and Twitter to change their own processes.

Source: Irish data protection commissioner set to issue decisions on Twitter and Whatsapp probes by end of year – Independent.ie

Ireland publishes note on data breach trends

Ireland’s Data Protection Commission has published information note on data breach trends from the first year of the General Data Protection Regulation (GDPR).

The total number of breach notifications received by the DPC during that time amounted to 5,818. Of all breach notifications received by the DPC, approximately 4% have been classified a ‘non-breaches’ and did not meet the definition of a personal data breach.

a total of 13% failed to satisfy the requirement of notification to the DPC ‘without undue delay’ (normally within 72 hours), as required under the provisions of GDPR.

Source: Data Breach Trends from the First Year of the GDPR

Is Ireland breaching EU rules by underfunding data regulator?

Ireland provided the Data Protection Commission with significantly less funding than it needs at a time when it is struggling to cope with the extra work it got landed with following the introduction of GDPR last year.

Not only does this put the Government potentially at risk by leaving the commission without proper resources, but it also could be against the law. Data protection consultant Daragh O’Brien of Irish company Castlebridge Associates certainly thinks so. He has filed a complaint to the European Commission, suggesting the State has probably breached its obligations under GDPR, the Law Enforcement Directive and the EU Charter of Fundamental Rights.

Source: Is Ireland breaching EU rules by underfunding data regulator?

>