fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " privacy policies "

Longer Privacy Policies Are Better?

Everyone knows that most consumers don’t read privacy policies because they’re too long and confusing. Right?

But maybe that’s the wrong way to think about it. Privacy policies are useless from a consumer perspective regardless of whether they’re long or short, said Justin Brookman, director of privacy and technology policy at Consumer Reports.

Full article: Longer Privacy Policies Are Better – And Other Surprising Takeaways From The FTC’s PrivacyCon | AdExchanger

Openly Operated wants to make privacy policies actually mean something

Openly Operated is a set of guidelines for auditing how apps and web services deal with user data, like a combination of a report card and a seal of approval. But it’s also a bid to change the terms of the privacy debate.

An OO-certified app or site must meet three criteria. First, it needs to demonstrate “a basic level of transparency” by making its code and infrastructure — among other things — public and fully documented. Second, it needs to lay out its policy in the form of “claims with proof,” establishing what user data is collected, who can access it, and how it’s being protected. Third, those claims must be evaluated by an OO-certified auditor who then makes the audit results public.

Source: Openly Operated wants to make privacy policies actually mean something – The Verge

Lithuanian DPA launches investigation into D-Link

In response to publicly available information, the Lithuanian data protection authority – State Data Protection Inspectorate – launched an self-initiated inquiry into the allegedly inappropriate processing of personal data by D-Link.

It is feared that D-Link equipment user passwords, browsing history or other information can be accessed by third countries’ servers through D-Link’s devices, allowing profiling and identification of consumers.

State Data Protection Inspectorate also noted that D-Link’s processing activity potentially amounts to a violation of the General Data Protection Regulation’s (GDPR) transparency principle.

Source: State Data Protection Inspectorate Launches D-Link Research | State Data Protection Inspectorate

The New York Times analysed 150 Privacy Policies of popular services

The New York Times analysed 150 Privacy Policies of popular services. The average policy took 18 minutes to finish and required a college-level reading ability.

Despite efforts like the General Data Protection Regulation (GDPR) to make policies more accessible, there seems to be an intractable tradeoff between a policy’s readability and length. Even policies that are shorter and easier to read can be impenetrable, given the amount of background knowledge required to understand how things like cookies and IP addresses play a role in data collection.

As data collection practices become more sophisticated (and invasive), it’s unlikely that privacy policies will become any easier to comprehend.

Read full article: Opinion | We Read 150 Privacy Policies. They Were an Incomprehensible Disaster. – The New York Times

Dutch DPA Issues Guidelines on Privacy Policies Following Investigation

On April 17, 2019, the Dutch Data Protection Authority issued six recommendations for companies, to be taken into account when drafting privacy policies.

The published recommendations follow the Dutch DPA’s investigation of companies’ privacy policies. The investigation focused on companies that process sensitive personal data, including health data and data related to individuals’ political beliefs.

Full article: Dutch DPA Issues Guidelines on Privacy Policies Following Investigation | Privacy & Information Security Law Blog

EDPS: We need to talk about terms and conditions

Terms of service are generally designed to safeguard a service provider against legal challenges.

These terms are not like a memorandum of understanding, trade agreement or a contract established jointly by two more or less equal parties. Rather, they are laid down by the service provider and not open to negotiation. In the EU there are rules protecting the consumer against unfair terms.

Full article: We need to talk about terms and conditions | European Data Protection Supervisor

Dutch DPA Issues Guidelines on Privacy Policies Following Investigation

On April 17, 2019, the Dutch Data Protection Authority, the Autoriteit Persoonsgegevens (the “Dutch DPA”) issued six recommendations (in Dutch) for companies, to be taken into account when drafting privacy policies.

The published recommendations follow the Dutch DPA’s investigation of companies’ privacy policies. The investigation focused on companies that process sensitive personal data, including health data and data related to individuals’ political beliefs.

Source: Dutch DPA Issues Guidelines on Privacy Policies Following Investigation

Notice and Choice Are No Longer a Choice

How many applications do you have on your phone? Average people have around 80. For each of those applications, you gave the company behind it your consent to use your data, and likely in a variety of ways. It’s nearly impossible to remember what personal data use you consented to for each one.

Watch Nuala’s illustrative opening statement for more on why we must move beyond the “notice and choice” model for personal privacy protections.

Source: Notice and Choice Are No Longer a Choice

Berlin court rules against Apple data protection guidelines

The Court of Appeal in Berlin has ruled that the data protection guidelines used by Apple in 2011 were partially inadequate. The ruling came in a lawsuit filed by the Federation of German Consumer Organizations (VZBV) against Apple Sales International, which operated the online Apple Store in Germany until 2012.

Source: Berlin court rules against Apple data protection guidelines – Telecompaper

Google Takes New Policy Approach Amid Growing Global Threats

Alphabet Inc.’s Google is reorganizing its approach to global policy, including the addition of resources to emerging markets, according to a person familiar with the moves, which come as the internet giant faces new threats and regulations around the world.

Full article: Google Takes New Policy Approach Amid Growing Global Threats – Bloomberg

1 2 3 9
>