fbpx

Download free GDPR compliance checklist!

Category Archives for "Other"

German DPA investigates WhatsApp Terms of Use

The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has brought proceedings against Facebook Ireland Ltd. which aims to issue an immediately executable order requesting not to collect any data from WhatsApp users to process it for their own purposes.

The case stems for WhatsApp’s new terms of use announced earlier this year. Terms of use contain extensive passages with which the service is granted the right to share user data with other Facebook companies. The HmbBfDI is responsible for Facebook in Germany, as the German branch of Facebook is based in Hamburg.

Source: Dringlichkeitsverfahren gegen Facebook

Google Faces Complaint in France Over Android Advertising Tool

Google’s Android advertising tool is the target of a complaint in France by privacy activist Max Schrems, accusing the tech giant of violating European Union rules by failing to get users’ consent.

Google’s software creates an advertising identifier on people’s phones without their knowledge, Noyb, a group set up by Schrems, said in a statement on Wednesday. The complaint was filed with France’s data protection watchdog CNIL.

Source: Google Faces Complaint in France Over Android Advertising Tool – Bloomberg

Italian DPA fines Fastweb $5.3M under GDPR for aggressive telemarketing

The Italian Data Protection Authority announced a fine of €4.5 million (U.S. $5.3 million) against telecommunications company Fastweb for misusing customer data for telemarketing purposes.

Fastweb was viewed as a repeat offender in Garante’s judgment after being sanctioned under laws other than the GDPR in 2012 and 2018 for similar telemarketing violations. Another aggravating factor listed is the continued presence of the vulnerabilities in the customer database.

Garante has ordered Fastweb to strengthen security measures to prevent unauthorized access to its databases, overhaul its telemarketing practices to include enrolled customers only, and discontinue use of data obtained by third parties that did not first gain user consent.

Source: Italian DPA fines Fastweb $5.3M under GDPR for aggressive telemarketing | Article | Compliance Week

MEPs rue lack of GDPR sanctions issued by Irish data authority

MEPs have said that “a lack of political will and resources” had resulted in a laggard approach to enforcement of the EU’s general data protection regulation (GDPR), singling out in particular the lack of sanctions dished out by the Irish data protection authority.

To date, the Irish DPC has issued six fines for GDPR breaches. These include three against Tusla, the country’s Child and Family Agency, a €65,000 penalty issued against Cork University Maternity Hospital, a €70,000 fine for University College Dublin, and, in the first fine for a cross-border case, a €450,000 charged levied against Twitter for falling short of data breach notification obligations.

Source: MEPs rue lack of GDPR sanctions issued by Irish data authority – EURACTIV.com

Dutch privacy watchdog fines Booking.com €475K

Hotel booking site Booking.com got hit with a €475,000 fine for being late to report a data breach, the company’s lead EU privacy regulator announced Wednesday.

The fine, imposed by the Dutch data protection authority because the company is legally established in Amsterdam, came after criminals stole the personal data of more than 4,000 Booking.com customers — obtaining the credit card details of nearly 300 victims.

The website received the penalty for missing a 72-hour deadline to report the breach to the regulator, which it did on February 4, 2019 — almost a month after it suffered the breach.

Source: Dutch privacy watchdog fines Booking.com €475K – POLITICO

Microsoft says Ireland should have ‘a bigger voice’ on EU regulation

Microsoft would like Ireland to have “a bigger voice” in influencing European regulation on technology issues, according to the company’s senior European policy director.

He said that countries which favour “light regulation rather than heavy regulation have become a little less vocal” since Brexit and that Ireland’s voice was now “critical” in striking a balance.

He said that Microsoft has been in discussions with Irish Government ministers over the last week to raise its voice on a number of tech-related issues.

Source: Microsoft says Ireland should have ‘a bigger voice’ on EU regulation – Independent.ie

EU Data Privacy Watchdogs Urged to Sort Out ‘Public Squabbles’

European Union privacy regulators must sort out their “public squabbles” over the enforcement of the bloc’s data-protection rules or its executive body may consider moving to a more centralized model to target violations.

Tensions have been building for months among national data protection watchdogs over the amount of time their Irish colleagues are taking to complete probes on big U.S. tech companies, including Facebook Inc. and Apple Inc.

Jourova’s comments follow a spat that erupted last week between the Irish watchdog and a European Parliament committee that’s been working on draft resolutions targeting data protection commissioner Helen Dixon’s office for not acting fast enough.

Source: EU Data Privacy Watchdogs Urged to Sort Out ‘Public Squabbles’ – Bloomberg

TikTok privacy policy update surprises users with more personalized ads

Starting April 15, the TikTok’s personalized ads policy is changing — as are users’ options to opt out of them, it seems.

Currently, you can opt out of receiving personalized ads on TikTok. Those ads are based on your “interests,” as inferred by the things you watch and look up on the app itself. According to a notice TikTok users are starting to see on their feeds, however, it appears that this personalization will soon be mandatory.

Source: TikTok privacy policy update surprises users with more personalized ads – Vox

UK Government and ICO Agree on Procedure for Future Adequacy Decisions

On March 19, 2021, the Secretary of State for Digital, Culture, Media & Sport signed a Memorandum of Understandingwith the UK Information Commissioner’s Office (ICO) with respect to new UK adequacy assessments following the UK’s departure from the European Union.

The Memorandum of Understanding sets out how DCMS and third countries will negotiate adequacy decisions, referred to under the MoU as “adequacy regulations”. These permit the free transfer of personal data collected in the UK to the relevant “adequate” jurisdiction.

Source: UK Government and ICO Agree on Procedure for Future Adequacy Decisions

French Data Privacy Watchdog Opens Probe Into Clubhouse

France’s data privacy watchdog said Wednesday that it had opened an investigation into Clubhouse, the US audio chat app that has become a social media hit.

The inquiry will seek to determine if European data protection rules apply to the app’s parent company, Alpha Exploration, the CNIL said in a statement, adding that it could take punitive measures if Clubhouse does not respect the legislation.

The CNIL said it was unclear how Clubhouse, which appears to have “no corporate entity within the European Union”, was using members’ personal information, and how secure the data was.

Source: French Data Privacy Watchdog Opens Probe Into Clubhouse

1 2 3 101
>