fbpx

Download free GDPR compliance checklist!

Category Archives for "Other"

No grace period after Schrems II Privacy Shield ruling, warn EU data watchdogs

European data watchdogs have issued updated guidance in the wake of last week’s landmark ruling striking down a flagship transatlantic data transfer mechanism called Privacy Shield.

In an FAQ on the Schrems II judgement, the European Data Protection Board (EDPB) warns there will be no regulatory grace period.

Source: No grace period after Schrems II Privacy Shield ruling, warn EU data watchdogs | TechCrunch

EDPB clarifies Brexit obligations for holders of Binding Corporate Rules which have the UK ICO as their lead authority

On July 22, 2020, the European Data Protection Board (EDPB) released an information note on Binding Corporate Rules (BCRs), which provides guidance for groups of undertakings/enterprises which have the UK Information Commissioner’s Office (ICO) as their competent supervisory authority.

As a consequence of Brexit, BCR holders having the ICO as their BCR Lead Supervisory Authority (SA) need to identify a new BCR Lead SA in the EEA  and must amend their BCRs before the end of the Brexit transition period.

Source: EDPB clarifies Brexit obligations for holders of Binding Corporate Rules which have the UK ICO as their lead authority

TikTok under scrutiny in Australia over security, data concerns

Australia is scrutinising the popular Chinese-owned social media TikTok platform for any risks it may pose to users from around potential foreign interference and data privacy issues.

Owned by Bytedance, TikTok opened an office in Australia in recent weeks. Offices of both the Home Affairs and Attorney-General are discussing TikTok’s operations. Prime Minister Scott Morrison said his government was “having a good look” at TikTok, which has also fallen under U.S. scrutiny for “national security risks”.

Source: TikTok under scrutiny in Australia over security, data concerns – Reuters

What Privacy Shield organizations should do in the wake of ‘Schrems II’

The Court of Justice of the European Union issued its decision in “Schrems II” Thursday, a landmark decision that invalidates the EU-U.S. Privacy Shield arrangement.

Fortunately, the CJEU did not invalidate the European Commission’s standard contractual clauses for transfers to data processors. However, the rationale behind the court’s ruling on Privacy Shield (which focused on concerns about U.S. law and practice on government surveillance) would suggest that companies will need to evaluate their use of SCCs.

So, what now?

Full article: What Privacy Shield organizations should do in the wake of ‘Schrems II’

South Korean regulator fines TikTok over mishandling child data

The Korea Communications Commission (KCC), the country’s telecommunications watchdog, said it has fined the company 186 million won — around $155,000 — for failing to protect users’ private data.

The Korea Communications Commission said the Chinese company collected the data of children without consent from their legal guardians.

Source: South Korean regulator fines TikTok over mishandling child data | ZDNet

EC issues data advice as Brexit approaches

The European Commission (EC) is urging businesses and public bodies to take all necessary steps to ensure compliance of any personal data transfers between the UK European Union after the Brexit transition ends on 31 December.

“Compliance can be achieved by having appropriate safeguards in place as foreseen by the General Data Protection Regulation [GDPR], including binding corporate rules or through specific derogations,” the EC said in a document to help companies and others to prepare for the changes after the transition period.

Source: EC issues data advice as Brexit approaches

Facebook allows pseudo-science ads target cancer patients

Being targeted by those who traffic in false promises feels like a “slap in the face”.

Pseudoscience companies tap directly into their fears and isolation, offering a sense of control, while claiming their products can end our pain. They exploit emotions to offer phony alternatives.

Source: Opinion | I Have Cancer. Now My Facebook Feed Is Full of ‘Alternative Care’ Ads. – The New York Times

UK and Aussie privacy watchdogs to investigate Clearview AI

Privacy authorities in the UK and Australia have announced a joint investigation into Clearview AI, a US firm which provides facial recognition technologies.

The investigation will aim to understand whether the data scraping activities of Clearview AI are legal with respect to the Australian Privacy Act 1988 and the UK Data Protection Act 2018.

Source: UK and Aussie privacy watchdogs to investigate Clearview AI – Telecoms.com

The Netherlands DPA imposes EUR 830,000 fine for access request fees

On the 6 th of July 2020, the Dutch Data Protection Authority  published its decision to impose a fine of 830,000 EUR on Stichting Bureau Krediet Registratie (BKR).

BKR keeps an electronic file of the loans and debts people have in the Netherlands, stored in a central database. The fine has been imposed due to the fact that BKR’s procedure for data subjects to obtain access to their personal data was not in line with GDPR.

Source: The Netherlands – DPA imposes EUR 830,00 fine for access request fees

Police take too much data from victims’ phones, says watchdog

Police are extracting “excessive amounts of personal data” from the mobile phones of victims and witnesses during investigations and are in danger of discouraging the public from reporting crime, the Information Commissioner’s Office (ICO) has warned.

In a critical study of data extraction policies, the ICO concludes that procedures are inconsistent across forces in England and Wales and calls for a new statutory code of practice to provide “greater clarity”.

Source: Police take too much data from victims’ phones, says watchdog | Police | The Guardian

1 2 3 92
>