fbpx

Download free GDPR compliance checklist!

Category Archives for "Other"

ICO Publishes Final Version of Its Age Appropriate Design Code

On January 21, 2020, the UK Information Commissioner’s Office (ICO) published the final version of its Age Appropriate Design Code, which sets out the standards that online services need to meet in order to protect children’s privacy.

The code lists 15 standards that organizations must meet, including requirements to (1) take into consideration the best interests of children, (2) refrain from using children’s personal data in ways that are detrimental to their wellbeing, and (3) ensure that settings are “high privacy” by default.

Source: ICO Publishes Final Version of Its Age Appropriate Design Code

The Future of UK Data Protection

As with anything Brexit-related, the UK government is facing a dilemma in relation to data protection law.

Shall we follow the direction of travel of the past 25 years and opt for the continuity and certainty provided by the GDPR or shall we use the departure from the EU to make radical changes to the regulation of data uses and privacy?

Read full article: The Future of UK Data Protection

Italy fines gas company EUR 11.5 million for unsolicited telemarketing

The Italian Supervisory Authority imposed two fines on Eni Gas and Luce (Egl), totalling EUR 11,5 million, concerning respectively illicit processing of personal data in the context of promotional activities and the activation of unsolicited contracts.

The first fine of EUR 8,5 million relates to unlawful processing in connection with telemarketing and teleselling activities – advertising calls made without the consent of the contacted person or despite that person’s refusal to receive promotional calls, or without triggering the specific procedures for verifying the public opt-out register; the absence of technical and organisational measures to take account of the indications provided by users; longer than permitted data retention periods; and the acquisition of the data on prospective customers from entities (list providers) that had not obtained any consent for the disclosure of such data.

The second fine of EUR 3 million concerns breaches due to the conclusion of unsolicited contracts for the supply of electricity and gas under ‘free market’ conditions – many individuals learned about the conclusion of a new contract only on receiving the letter of termination of the contract with the previous supplier or else the first Egl bills.

Source: THE ITALIAN SUPERVISORY AUTHORITY FINES ENI GAS E LUCE EUR 11.5 MILLION – On account of unsolicited telemarketing and contracts

Facebook is ordered to hand over data about thousands of apps that may have violated user privacy

A Massachusetts judge rejected the tech giant’s earlier attempt to withhold the evidence from state officials investigating its privacy practices.

Massachusetts revealed it was probing Facebook over its data-collection practices in September, an investigation that stemmed from the company’s entanglement with Cambridge Analytica.

Source: Massachusetts court orders Facebook to hand over data on apps that may have violated users’ privacy – The Washington Post

Cookie consent tools are being used to undermine EU privacy rules

Most cookie consent pop-ups served to internet users in the European Union — ostensibly seeking permission to track people’s web activity — are likely to be flouting regional privacy laws, a new study by researchers at MIT, UCL and Aarhus University suggests.

“The results of our empirical survey of CMPs [consent management platforms] today illustrates the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to — or worse, incentivising — clearly illegal configurations of their systems,” the researchers argue, adding that: “Enforcement in this area is sorely lacking.”

Full article: Cookie consent tools are being used to undermine EU privacy rules, study suggests | TechCrunch

Fresh Cambridge Analytica leak ‘shows global manipulation is out of control’

Company’s work in 68 countries laid bare with release of more than 100,000 documents.

The documents reveal a much clearer idea of what actually happened in the 2016 US presidential election, which has a huge bearing on what will happen in 2020. Documents also contain material that suggests the Cambridge Analytica was working for a political party in Ukraine in 2017 even while under investigation and describe how the firm helped develop a “sophisticated infrastructure of shell companies that were designed to funnel dark money into politics”.

Source: Fresh Cambridge Analytica leak ‘shows global manipulation is out of control’ | UK news | The Guardian

Data privacy predictions for 2020: Six industry experts have their say

The issue of data privacy has risen dramatically over the past few years, from a fringe concept to a major regulatory concern, particularly with the creation of GDPR. But what predictions do experts have for data privacy in 2020?

Read predictions experts across technology made for 2020, from new regulations to emerging business practices shaping data privacy: Data privacy predictions for 2020: Six industry experts have their say

First Ever UK GDPR Penalty is €325k for London Pharmacy

The first ever General Data Protection Regulation (GDPR) penalty in the United Kingdom has been sanctioned against a London-based pharmacy by the Information Commissioner’s Office (ICO).

ICO has fined Doorstep Dispensaree €325,000 (UK£275,000) by the Information Commissioner’s Office (ICO) in relation to its ‘cavalier attitude to data protection’. This decision was taken after it was discovered that that Burnt Oak Broadway, Edgware based pharmacy placed 500,000 medical documents that included sensitive information in unsecured and unlocked containers, disposal bags and in a cardboard box.

Source: First Ever UK GDPR Penalty is €325k for London Pharmacy – Compliance Junction

Twitter and Microsoft show data privacy is moving from sticking point to selling point

A couple of tech heavyweights are making data privacy part of their branding, hoping to stay ahead of regulations.

Twitter thinks a strong position on data privacy could be advantageous. Distrust of social media platforms has never been so widespread, and in the current environment, it’s not crazy to decide that winning on trust can make a real long-term difference to user numbers and bottom line. Microsoft is another heavyweight positioning itself to benefit from a commitment to user data privacy.

Full article: Twitter and Microsoft show data privacy is moving from sticking point to selling point | VentureBeat

European tech regulator despairs over lack of enforcement

The world’s toughest privacy law proves toothless in the eyes of many critics.

More than 18 months after the European Union began implementing the world’s toughest privacy law, the bloc’s ability to rein in Big Tech is increasingly in doubt amid growing frustration over a lack of enforcement actions and weak cooperation on investigations.

side from a €50 million fine that France’s privacy regulator imposed on Google in January, there have been no fines or remedies levied at a U.S. giant since the GDPR came into effect. And the two nations most directly responsible for policing the tech sector — Ireland and Luxembourg, where the largest tech firms have their European headquarters — have yet to wrap up a single investigation of any magnitude concerning a U.S. firm.

Full article: ‘We have a huge problem’: European tech regulator despairs over lack of enforcement – POLITICO

>