fbpx

Download free GDPR compliance checklist!

Tag Archives for " websites "

He Created the Web. Now He’s Out to Remake the Digital World.

Three decades ago, Tim Berners-Lee devised simple yet powerful standards for locating, linking and presenting multimedia documents online. He set them free into the world, unleashing the World Wide Web.

Now Mr. Berners-Lee believes the online world has gone astray. Too much power and too much personal data, he says, reside with the tech giants like Google and Facebook — “silos” is the generic term he favors, instead of referring to the companies by name. Fueled by vast troves of data, he says, they have become surveillance platforms and gatekeepers of innovation.

But Mr. Berners-Lee is taking a different approach: His answer to the problem is technology that gives individuals more power.

Full article: He Created the Web. Now He’s Out to Remake the Digital World. – The New York Times

Firefox to ship ‘network partitioning’ as a new anti-tracking defense

Firefox 85, scheduled to be released next month, in January 2021, will ship with a feature named Network Partitioning as a new form of anti-tracking protection.

The feature is based on “Client-Side Storage Partitioning,” a new standard currently being developed by the World Wide Web Consortium’s Privacy Community Group. Network Partitioning will allow Firefox to save resources like the cache, favicons, CSS files, images, and more, on a per-website basis, rather than together, in the same pool.

Source: Firefox to ship ‘network partitioning’ as a new anti-tracking defense | ZDNet

Belgian DPA to Take Down Websites Infringing GDPR

Belgian Data Protection Authority signed a cooperation agreement with DNS Belgium. The purpose of the cooperation agreement is to allow DNS Belgium to suspend “.be” websites that are linked to infringements of the GDPR.

The “Notice and Action” procedure is only available for infringements that cause very serious harm and are committed by natural or legal persons who deliberately infringe the law or who continue data processing activity despite a prior order by the Investigation Service or the Litigation Chamber of the Belgian DPA to suspend, limit, freeze (temporarily) or end the processing activity.

Source: Belgian DPA to Take Down Websites Infringing GDPR | Privacy & Information Security Law Blog

Apple declined to implement 16 Web APIs in Safari due to privacy concerns

Apple said this week that it declined to implement 16 new web technologies (Web APIs) in Safari because they posed a threat to user privacy by opening new avenues for user fingerprinting.

Apple claims that the 16 Web APIs above would allow online advertisers and data analytics firms to create scripts that fingerprint users and their devices.

Source: Apple declined to implement 16 Web APIs in Safari due to privacy concerns | ZDNet

GDPR Subverted by Cookie Consent Tools

New study suggests that many websites are navigating around GDPR by tailoring the design of their cookie consent tools and using dark patterns to provide a misleading veneer of a consent agreement.

According to the researchers, the study illustrates “the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to — or worse, incentivising — clearly illegal configurations of their systems.”

Source: GDPR Subverted by Cookie Consent Tools, Study Reveals – CPO Magazine

Facebook’s new privacy tool lets you manage how you’re tracked across the web

Mark Zuckerberg’s long-promised “Clear History” button is finally launched globally.

Facebook has been determined to give people privacy controls while they’re on the social network. On Tuesday, it rolled out a long-promised tool designed to give them control beyond the social network.

While it had slow rollouts around the world, starting last August, it should be available now to the 2.4 billion people who use Facebook every month, Zuckerberg said.

Source: Facebook’s new privacy tool lets you manage how you’re tracked across the web – CNET

Cookie consent tools are being used to undermine EU privacy rules

Most cookie consent pop-ups served to internet users in the European Union — ostensibly seeking permission to track people’s web activity — are likely to be flouting regional privacy laws, a new study by researchers at MIT, UCL and Aarhus University suggests.

“The results of our empirical survey of CMPs [consent management platforms] today illustrates the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to — or worse, incentivising — clearly illegal configurations of their systems,” the researchers argue, adding that: “Enforcement in this area is sorely lacking.”

Full article: Cookie consent tools are being used to undermine EU privacy rules, study suggests | TechCrunch

Web feature developers need to pay more attention to privacy and security

Web feature developers are being warned to step up attention to privacy and security as they design contributions.

Writing in a blog post about “evolving threats” to Internet users’ privacy and security, the W3C standards body’s technical architecture group (TAG) and Privacy Interest Group (PING) set out a series of revisions to the W3C’s Security and Privacy Questionnaire for web feature developers.

Full article: Web feature developers told to dial up attention on privacy and security | TechCrunch

Bavarian DPA investigates Blood Donation Service for website tracking

The Bavarian Data Protection Authority (BayLDA) is currently scrutinising the website of the blood donation service of the Bavarian Red Cross as part of a focused data protection review.

The reason for this was the use of tracking tools on the website of the blood donation service. In particular, the BayLDA will look at whether sensitive data about the users’ health has been used by Facebook.

If tracking tools are used, quite a number of data protection requirements must be observed. This is not as simple as merely informing the user about the tracking tools in simple terms; the website operator must also ensure that they legally integrate the tracking tools, i.e. that a legal basis allows the integration or that the users have given their consent in advance.

Source: Blood Donation Service under high scrutiny

Bavarian Data Protection Authority announces possible fines after website search

At the beginning of February, the Bavarian Data Protection Authority (DPA) participated in the Safer Internet Day (SID) 2019 and searched 40 websites of large companies based in Bavaria.

The DPA reviewed cyber security and user tracking practices with the finding that in the DPA’s view none of the 40 companies provided for GDPR-compliant practices on their websites. As a result, the DPA announced it is considering fines under the GDPR.

Source: Germany: Bavarian Data Protection Authority announces possible fines after sobering result of website search

>