Category Archives for "Other"

Belgian DPA: Requiring Customers to Allow Their ID Cards To Be Scanned To Receive Loyalty Cards Violates GDPR

Asking to read an electronic ID card as a condition for the provision of a service (issuing a rewards/loyalty card) is disproportionate and in violation of GDPR, says the Belgian data protection authority. The company was fined €10,000.

Source: Belgian DPA: Requiring Customers to Allow Their ID Cards To Be Scanned To Receive Loyalty Cards Violates GDPR

OTA Analysis Finds Most Organizations Not Ready For New Privacy Regulations

The Internet Society’s Online Trust Alliance (OTA), which identifies and promotes security and privacy best practices that build consumer confidence in the Internet, announced today the results of its latest report, “Are Organizations Ready for New Privacy Regulations?”.

OTA analyzed 29 variables in 1,200 privacy statements against common themes in three major privacy regulations: the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).

Source: OTA Analysis Finds Most Organizations Not Ready For New Privacy Regulations | Internet Society

EU and US issue joint statement on the Third Annual EU-U.S. Privacy Shield Review

U.S. Secretary of Commerce Wilbur Ross and EU Commissioner for Justice, Consumers, and Gender Equality Věra Jourová made the joint statement regarding the third annual joint review of the EU-U.S. Privacy Shield Framework.

Officials stated that Privacy Shield ensures that participating companies and relevant government authorities provide a high level of protection for the personal data of EU individuals. The Department of Commerce will revoke the certification of companies that do not comply with Privacy Shield’s vigorous data protection requirements.

The European Commission will publish a report on the functioning of the Privacy Shield. This report will conclude this year’s review process.

Source: Joint Press Statement from Commissioner Věra Jourová and Secretary of Commerce Wilbur Ross on the Third Annual EU-U.S. Privacy Shield Review | U.S. Department of Commerce

Terms, Conditions and Considerations Under the GDPR

Following the recent major GDPR cases involving Facebook and Google, DPOs at smaller companies are increasingly worried about keeping terms and conditions and privacy notices from being mixed up.

With hundreds of policy templates to choose from, one of the difficulties is writing a privacy policy that is neither so long that no one can read it nor so short that it doesn’t cover the bases. Striking the right balance between the unreadable and the unworkable is essential.

Full article: Terms, Conditions and Considerations Under the GDPR – CPO Magazine

Privacy Shield review goes on

The US Administration will host the third annual joint review of the European Union–United States Privacy Shield Framework in Washington, D.C.

This third annual review will bring together key American and European stakeholders to discuss the functioning, value, and integrity of the Privacy Shield Program, which facilitates compliance with European data protection and privacy requirements in support of transatlantic commerce.

Source: Statement from the Press Secretary on the European Union–United States Privacy Shield Framework | The White House

NIST Releases Draft Privacy Framework

On September 6, 2019, the National Institute of Standards and Technology (NIST) released a preliminary draft of its Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management.

Created in collaboration with private and public stakeholders, the voluntary Privacy Framework is intended to help organizations build and develop privacy foundations by integrating privacy considerations with their broader enterprise risk portfolio.

Source: NIST Releases Draft Privacy Framework

New Calculation Model for Data Protection Fines in Germany

In June, the conference of the German Data Protection Authorities (Datenschutzkonferenz) approved a concept for the calculation of GDPR fines.

“In a first step, the fine is calculated in daily rates derived from the worldwide company turnover of the previous year. The daily rate is multiplied by a factor which depends on the seriousness of the breach and is determined by the application of a scoring system. The sum is then reduced or increased depending on the degree of fault and on whether there have been any previous breaches. Three or more previous breaches can lead to a surcharge of 300 per cent. Mitigating factors will also be taken into account.”

Source: New Calculation Model for Data Protection Fines in Germany | Inside Privacy

US authorities impose $170m fine on YouTube for data privacy violation

YouTube has been hit with a record-breaking $170m (£139m) fine by regulators in the US for breaking children’s data privacy laws.

Authorities in New York will receive $34m of the landmark penalty. The Federal Trade Commission reached the settlement with Google, YouTube’s owner, after the video-streaming site was deemed to have collected data on children under the age of 13 without parental consents being in place, leading to youngsters receiving targeted advertising online.

Source: #privacy: USA authorities impose $170m fine on YouTube for data privacy violation

Build an Online Presence Without Giving Up Privacy

Every social network might as well be LinkedIn.

Every hiring manager will do a Google search on your name, most companies keep an eye on your social networks, and in several industries, you’re expected to have an online presence. With all this online performance, is it possible to retain some semblance of privacy?

Source: Opinion | Build an Online Presence Without Giving Up Privacy – The New York Times

YouTube Said to Be Fined Up to $200 Million for Children’s Privacy Violations

The Federal Trade Commission has voted to fine Google $150 million to $200 million to settle accusations that its YouTube subsidiary illegally collected personal information about children, according to three people briefed on the matter.

The case could have significant repercussions for other popular platforms used by young children in the United States.

The settlement would be the largest civil penalty ever obtained by the F.T.C. in a children’s privacy case. It dwarfs the previous record fine of $5.7 million for children’s privacy violations the agency levied this year against the owners of TikTok, a social video-sharing app.

Source: YouTube Said to Be Fined Up to $200 Million for Children’s Privacy Violations – The New York Times
