fbpx

Download free GDPR compliance checklist!

Tag Archives for " law "

IBM calls for regulation on facial recognition tech instead of bans

IBM wants the US government to regulate facial recognition technology, instead of banning it outright. “Precision regulation” can restrict potentially harmful uses while still allowing for innovation, the company said Tuesday in a white paper posted online.

Facial recognition has faced backlash from privacy advocates and lawmakers, and a handful of cities have banned the municipal use of the technology. In July, Microsoft asked the federal government to regulate facial recognition before it gets more widespread. Still, the technology is on track to become pervasive in airports and shopping centers, and some companies like Amazon are selling it to police departments.

Source: IBM calls for regulation on facial recognition tech instead of bans – CNET

The Senate’s secret algorithms bill doesn’t actually fight secret algorithms

In the case of the Filter Bubble Transparency Act, it’s not just spin; it’s an example of how badly defined buzzwords can make it impossible to address the internet’s problems. The bill is named after Eli Pariser’s 2011 book The Filter Bubble, which argues that companies like Facebook create digital echo chambers by optimizing content for what each person already engages with.

The FBTA aims to let people opt out of those echo chambers. Large companies would have to notify users if they’re delivering content — like search results or a news feed — based on personal information that the user didn’t explicitly provide.

However, the FBTA doesn’t make platforms explain exactly how their algorithms work. It doesn’t prevent them from using arcane and manipulative rules, as long as those rules aren’t built around certain kinds of personal data. And removing or disclosing a few factors in an algorithm doesn’t make the overall algorithm transparent.

Full article: The Senate’s secret algorithms bill doesn’t actually fight secret algorithms – The Verge

Legislation Would Force Google and Rivals to Disclose Search Algorithms

Senate lawmakers are teeing up a bill that would require search engines to disclose the algorithms they apply in ranking internet searches amid growing concern over their use of personal data and give consumers an option for unfiltered searches.

Search engines such as Alphabet Inc.’s Google unit use a variety of measures to filter results for individual searches, such as the user’s browsing activity, search history and geographical location.

Source: Legislation Would Force Google and Rivals to Disclose Search Algorithms – WSJ

Regulating Facial Recognition Tech – Where Are We Now?

While there are clearly now multiple efforts to curtail the use of facial recognition technology (FRT) in the public realm, the reality is that the genie is already out of the bottle and there is no way to put it back.

The efforts above range from limited bans within the public sector, to reviews of new implementations of the tech, to specific court cases against police use of FRT. In short, it’s a patchwork of efforts, and there are huge gaps between them. Many examples also tend to focus on State-backed projects, rather than in the private sector – which is also experimenting with the tech, often in the public domain.

Meanwhile, the technology and its use is still rapidly spreading around the world, and there remains as yet no fully tested national position on its use in countries such as the US and UK.

Full article: Regulating Facial Recognition Tech – Where Are We Now? – Artificial Lawyer

EU Council releases revised draft ePrivacy Regulation

On 30 October, 2019, the Presidency of the Council of the European Union released revised text of the proposed ePrivacy Regulation (Regulation Concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications and Repealing Directive 2002/58/EC).

The revised draft ePrivacy Regulation includes further clarifications to the scope of its application as well as several alternative options. In addition, further modifications are  introduced in the text, including in Article 2(2)(f), where the changes would specify that the processing upon receipt by a third party or end-user entrusted for the purpose of protecting the end-user’s terminal equipment would be outside the scope of the ePrivacy Regulation, and in Article 6a(2) where the new text specifies that the supervisory authority should be consulted, if necessary, in line with Article 36(1) of the General Data Protection Regulation (GDPR).

The Draft ePrivacy Regulation will be discussed during the Working Party on Telecommunications and Information Society (‘WP TELE’) meeting on 7 November 2019.

You can read the Draft ePrivacy Regulation here.

Finland eyes ePrivacy agreement before year’s end

The Presidency of the EU Council is expected to propose yet another iteration of the ePrivacy text for the next meeting of the Working Party on Telecommunications and Information Society Nov. 7.

Ever since the European Commission first presented its plans to overhaul the ePrivacy law in January 2017, the file has been mired in lobbying and conflicting positions of EU member states.

Source: Finland eyes ePrivacy agreement before year’s end

Senators introduce bill to let users take their data between social networks

Three prominent tech critics in the Senate will introduce new legislation Tuesday requiring social media giants to give consumers ways to move their personal data to another platform at any time.

The bill’s goal is to loosen the grip social media platforms have on consumers through the long-term collection and storage of their data.

Source: Senators introduce bill to let users take their data between social networks – Axios

This Is What the Future of A.I. Regulation Could Look Like

The German Data Ethics Commission has produced a series of recommendations for regulating algorithms and artificial intelligence. Its ideas will likely influence new EU rules.

The commission insisted that algorithmic systems should be designed safely, to respect people’s rights and freedoms, protect democracy, be secure, and avoid bias and discrimination.

It said systems presenting a significant risk of harm, such as those that show different people different prices based on their profiles, should in some cases require licensing. And systems with an “untenable potential for harm”—killer robots, for example—should be banned outright.

Source: This Is What the Future of A.I. Regulation Could Look Like | Fortune

EDPB Issues Final Guidelines on ‘Necessary for the Performance of a Contract’ Legal Basis

The European Data Protection Board has issued issued final guidelines on the “necessary for the performance of a contract” legal basis for processing data under the General Data Protection Regulation (GDPR).

To use this legal basis, you need to show:

  • The processing is carried out in the context of a valid contract with the individual.
  • The purpose for the processing in question is clearly specified and communicated to the relevant individual, in line with the company’s purpose limitation and transparency obligations (even if not in the body of the contract).
  • The processing needs to be objectively necessary to achieve this particular purpose.
  • There are no realistic, less intrusive processing alternatives.

Source: EDPB Issues Final Guidelines on ‘Necessary for the Performance of a Contract’ Legal Basis

EBF publishes proposals on Cyber incident reporting

In order to ensure that financial institutions are able to quickly and effectively report cyber incidents without at the same time sacrificing a proper incident management and recovery process, The European Banking Federation (EBF) published its proposals on cyber incident reporting.

In particular EBF makes the following proposals for supervisors and regulators:

  • Establish a central reporting and coordination hub in each Member State;
  • Harmonise reporting thresholds and create a common taxonomy for cyber security incidents;
  • Foster public-private real-time collaboration between regulators, supervisors, law enforcement, financial institutions and other cross-sectoral infrastructure actors;
  • Further involve national CERTs in information sharing;
  • Introduce a regular bi-directional information flow between regulators/ supervisors and the industry.

Full report: EBF position on Cyber incident reporting

1 2 3 116
>