fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " right to be forgotten "

Right to delete is coming to Australia

Shadow Assistant Treasurer Stephen Jones said his party secured a “breakthrough commitment” from the government that would see the Consumer Data Right (CDR) gain the ability have consumer information deleted.

This new legislation will give Australian consumers an “off switch” when it comes to data sharing. Off switch would mean that a consumer will have the power to determine when a company should no longer hold their data.

Source: Labor thinks the right to delete is coming for Australia’s CDR after winter break | ZDNet

Italian DPA Issues Judgment Concerning ‘Right to be Forgotten’

On July 22, 2019, the Italian supervisory authority for data protection (Garante) issued a judgment involving the so-called “right to be forgotten”.

The Garante held that, in accordance with Article 21 of the GDPR, the data subject has the right to object to the processing of personal data on the grounds of his or her particular situation.

On that basis, Google is required to stop the processing of the personal data unless it can demonstrate compelling legitimate grounds.

Furthermore, the Garante made clear that the principles of data protection apply to any information concerning an identified or identifiable natural person. Thus “right to be forgotten” applies to any searches, not exclusively to searches by individual’s name.

Source: Italian Supervisory Authority Issues Judgment Concerning ‘Right to be Forgotten’

Amazon now lets you tell Alexa to delete your voice recordings

You’ll now be able to say, “Alexa, delete everything I said today.”

Amazon stores recordings of every request you’ve made to an Alexa device (theoretically, to help improve the voice recognition service and other features). Despite this being largely unnecessary, Amazon doesn’t provide a way to disable the long-term storage of voice recordings or have them deleted on a regular basis.

Full article: Amazon now lets you tell Alexa to delete your voice recordings – The Verge

Canada’s Federal Court sidesteps constitutional questions in Google ‘right to be forgotten’ case

Google LLC was handed a setback this month in a case over the so-called “right to be forgotten” when Canada’s Federal Court adjudicator ruled that it won’t delve into the thorny constitutional questions wrapped up in the matter.

Instead, the Federal Court will judge two specific points related to Canada’s privacy law, in a reference case brought forward by federal privacy commissioner Daniel Therrien.

The right to be forgotten does not currently exist in Canada as it does in Europe, where people can contact search engines and request that links be removed from search results related to a person’s name, if they feel that the information is “inadequate, irrelevant, or no longer relevant.”

Source: Federal Court sidesteps constitutional questions — for now — in Google ‘right to be forgotten’ case | Financial Post

Facebook Promised A Clear History Tool. Where Is It?

Last May, Facebook promised to create a “Clear History” function it said would give users more control over their data. Nine months later it’s nowhere to be found and sources say it’s a key example of the company’s “reactionary” way of dealing with privacy concerns.

Full article: Former Facebook Employees Say The Company’s Prioritization Of Privacy Is About Optics

Dutch surgeon wins landmark ‘right to be forgotten’ case

A Dutch surgeon formally disciplined for her medical negligence has won a legal action to remove Google search results about her case in a landmark “right to be forgotten” ruling.

The doctor’s registration on the register of healthcare professionals was initially suspended by a disciplinary panel because of her postoperative care of a patient. After an appeal, this was changed to a conditional suspension under which she was allowed to continue to practise.

Google and the Dutch data privacy watchdog, Autoriteit Persoonsgegevens, initially rejected attempts to have the links removed on the basis that the doctor was still on probation and the information remained relevant.

Source: Dutch surgeon wins landmark ‘right to be forgotten’ case | Technology | The Guardian

EU court advised to limit scope of ‘right to be forgotten’

Search engines should not be forced to alter their search results for users outside of the EU when complying with ‘right to be forgotten’ requests made under EU data protection laws, a senior adviser to the EU’s highest court has said.

Full article: EU court advised to limit scope of ‘right to be forgotten’

‘Right to be forgotten’ by Google should apply only in EU, says court opinion

The “right to be forgotten”, which enables claimants to request the removal of links to irrelevant or outdated online information about them, should not be enforceable globally, the European court of justice (ECJ) has found in a preliminary opinion.

The controversial power, requiring search engines to prevent access to material on the internet, should be enforceable only in the EU and not worldwide, the court’s advocate general, Maciej Szpunar, said. Final judgments by the ECJ usually endorse initial opinions.

Full article: ‘Right to be forgotten’ by Google should apply only in EU, says court opinion | Technology | The Guardian

The majority of businesses are failing to comply with GDPR

Some 70% of businesses worldwide failed to address requests made from individuals seeking to obtain a copy of their personal data as required by GDPR (General Data Protection Regulation) within the one-month time limit set out in the regulations, reveals new research from Talend, a global leader in cloud data integration solutions.

Source: The majority of businesses are failing to comply with GDPR

How to comply with the right to erasure

Now that the General Data Protection Regulation has come into force, organizations need to be able to process requests to erase the personal data of individuals. To establish this capability, changes to a variety of policies and procedures across the organization need to be implemented.

For one, the systems, applications and databases need to be calibrated to allow the easy identification and deletion of data related to the requesting individual. Then, policies and procedures need to be in place for the data protection officer and other stakeholders to follow the full lifecycle of the data erasure request. Finally, the DPO should maintain oversight of the effectiveness of every step of the way to the deletion and communicate timely to the data subject.

Full article: How to comply with the right to erasure (if you haven’t already!)

1 2 3 5
>