fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " regulation "

Finland eyes ePrivacy agreement before year’s end

The Presidency of the EU Council is expected to propose yet another iteration of the ePrivacy text for the next meeting of the Working Party on Telecommunications and Information Society Nov. 7.

Ever since the European Commission first presented its plans to overhaul the ePrivacy law in January 2017, the file has been mired in lobbying and conflicting positions of EU member states.

Source: Finland eyes ePrivacy agreement before year’s end

Senators introduce bill to let users take their data between social networks

Three prominent tech critics in the Senate will introduce new legislation Tuesday requiring social media giants to give consumers ways to move their personal data to another platform at any time.

The bill’s goal is to loosen the grip social media platforms have on consumers through the long-term collection and storage of their data.

Source: Senators introduce bill to let users take their data between social networks – Axios

This Is What the Future of A.I. Regulation Could Look Like

The German Data Ethics Commission has produced a series of recommendations for regulating algorithms and artificial intelligence. Its ideas will likely influence new EU rules.

The commission insisted that algorithmic systems should be designed safely, to respect people’s rights and freedoms, protect democracy, be secure, and avoid bias and discrimination.

It said systems presenting a significant risk of harm, such as those that show different people different prices based on their profiles, should in some cases require licensing. And systems with an “untenable potential for harm”—killer robots, for example—should be banned outright.

Source: This Is What the Future of A.I. Regulation Could Look Like | Fortune

EDPB Issues Final Guidelines on ‘Necessary for the Performance of a Contract’ Legal Basis

The European Data Protection Board has issued issued final guidelines on the “necessary for the performance of a contract” legal basis for processing data under the General Data Protection Regulation (GDPR).

To use this legal basis, you need to show:

  • The processing is carried out in the context of a valid contract with the individual.
  • The purpose for the processing in question is clearly specified and communicated to the relevant individual, in line with the company’s purpose limitation and transparency obligations (even if not in the body of the contract).
  • The processing needs to be objectively necessary to achieve this particular purpose.
  • There are no realistic, less intrusive processing alternatives.

Source: EDPB Issues Final Guidelines on ‘Necessary for the Performance of a Contract’ Legal Basis

EBF publishes proposals on Cyber incident reporting

In order to ensure that financial institutions are able to quickly and effectively report cyber incidents without at the same time sacrificing a proper incident management and recovery process, The European Banking Federation (EBF) published its proposals on cyber incident reporting.

In particular EBF makes the following proposals for supervisors and regulators:

  • Establish a central reporting and coordination hub in each Member State;
  • Harmonise reporting thresholds and create a common taxonomy for cyber security incidents;
  • Foster public-private real-time collaboration between regulators, supervisors, law enforcement, financial institutions and other cross-sectoral infrastructure actors;
  • Further involve national CERTs in information sharing;
  • Introduce a regular bi-directional information flow between regulators/ supervisors and the industry.

Full report: EBF position on Cyber incident reporting

U.S. Using Trade Deals to Shield Tech Giants From Foreign Regulators

The Trump administration has begun inserting legal protections into recent trade agreements that shield online platforms like Facebook, Twitter and YouTube from lawsuits, a move that could help lock in America’s tech-friendly regulations around the world even as they are being newly questioned at home.

The administration’s push is the latest salvo in a global fight over who sets the rules for the internet. While the rules for trading goods have largely been written — often by the United States — the world has far fewer standards for digital products. Countries are rushing into this vacuum, and in most cases writing regulations that are far more restrictive than the tech industry would prefer.

Source: U.S. Using Trade Deals to Shield Tech Giants From Foreign Regulators – The New York Times

Centrist Democratic Lawmakers Back Pro-Business Privacy Law

A group of more than 100 centrist Democratic House lawmakers is throwing its weight behind a privacy bill that has been praised by alliances of software and internet giants.

The bill would allow consumers to opt out of the collection, storage and sharing of their data. It would require companies to get consumers to approve any use of sensitive data such as financial or health information and oblige companies to furnish “plain language” privacy policies.

Source: Centrist Democratic Lawmakers Back Pro-Business Privacy Law – Bloomberg

Amazon Calls for Government Regulation of Facial Recognition Tech

Amazon said it believes that governments should act to regulate the use of facial recognition technology to ensure it is used appropriately.

The company said it will back US federal privacy legislation “that requires transparency, access to personal information, ability to delete personal information, and that prohibits the sale of personal data without consent.”

Source: Amazon Calls for Government Regulation of Facial Recognition Tech | SecurityWeek.Com

Andrew Yang proposes that your digital data be considered personal property

The 2020 Democratic presidential candidate Andrew Yang published his latest policy proposal: to treat data as a property right. Announcing the proposal on his website, Yang lamented how our data is collected, used, and abused by companies, often with little awareness or consent from us.

“This needs to stop,” Yang says. “Data generated by each individual needs to be owned by them, with certain rights conveyed that will allow them to know how it’s used and protect it.”

Full article: Andrew Yang proposes that your digital data be considered personal pro

Amazon is writing facial recognition law

Amazon’s Chief Executive Jeff Bezos said the company’s public policy team is working on proposed regulations around facial recognition, a fledgling technology that has drawn criticism of the technology giant’s cloud computing unit.

Critics have pointed to technology from Amazon and others that struggled to identify the gender of individuals with darker skin in recent studies. That has prompted fears of unjust arrests if the technology is used by more law enforcement agencies to identify suspects.

Source: Amazon CEO says company working on facial recognition regulations – Reuters

>