Data brokers need to reconsider the definition of sensitive data due to recent enforcement actions by the FTC.
The FTC considers browsing and location data as sensitive even without traditional identifiable information, focusing on what can be inferred from it. [ more ]
Will OpenAI and other LLM developers be able to weather the winds of privacy regulation?
AI developers face legal challenges over privacy violations, like OpenAI's ChatGPT complaint under GDPR for inaccuracies about a public figure's birthdate. [ more ]
ChatGPT's 'hallucination' issue hit with privacy complaint
OpenAI ChatGPT AI chatbot disseminated inaccurate information, leading to an EU privacy complaint by NOYB against OpenAI's data processing practices. [ more ]
EU privacy watchdogs urged to oppose Meta's no-ads subscription service
A group of 28 organizations is urging European privacy enforcers to oppose Meta's no-ads subscription service, as it requires users to pay for privacy and could set a precedent for other companies to follow.
The group argues that allowing a 'pay or okay' model would undermine the GDPR and weaken data protection standards across industries. [ more ]
Facebook not allowed to use public data for targeted ads; opinion says
EU data protection rules restrict unlimited use of personal data; publicly shared information may not be utilized for targeted ads without time limit. [ more ]
The proposed American Privacy Rights Act (APRA) is akin to a federal GDPR in the U.S., aiming to revolutionize data collection, user control, and security measures. [ more ]
As AI accelerates, Europe's flagship privacy principles are under attack, warns EDPS | TechCrunch
Industry lobbyists are attacking key principles of the GDPR like minimization and purpose limitation.
The upcoming elections in the EU could result in a shift in the approach towards data protection laws, potentially impacting the high standard of data protection in the bloc. [ more ]
EFDPO - European Federation of Data Protection Officers
Worldcoin says it's filing legal challenge to Spain's temporary ban | TechCrunch
A German subsidiary of Worldcoin is challenging a suspension order from Spain's data protection authority under the GDPR.
The AEPD instructed Worldcoin to stop scanning people's eyeballs and processing collected data due to concerns about lack of information, data collection from minors, and withdrawal of consent. [ more ]
Rights groups file GDPR suits on Meta's pay-or-consent model
Consumer groups in the EU are using data protection law to challenge Meta's 'fake choice' between paying or consenting to data collection.
Noyb and BEUC are leading the legal complaints against Meta for violating EU data protection regulations by not allowing users to freely give consent for data processing. [ more ]
EU Digital Services Act now applies to all but the smallest businesses | MarTech
The European Union's Digital Services Act, which aims to prevent the spread of illegal goods, services, and content online, will now apply to almost all online platforms operating within the EU.
The Act includes provisions such as mechanisms to flag illegal content, transparency for moderation decisions, opt-out of personalized content, and measures to protect children and electoral integrity. [ more ]
Germany's BMI approves Federal Data Protection Act draft
Germany's Federal Ministry of the Interior has approved a draft amendment of the Federal Data Protection Act.
The amendment includes a credit scoring regulation that prevents companies from discriminating against consumers based on certain personal information. [ more ]
Under Article 17 of the UK GDPR, individuals have the right to request the erasure of their personal data, also known as the 'right to be forgotten'.
There has been a significant increase in requests to delete personal data from the internet due to the exponential growth of data generation and the collection of personal data by companies without individuals' knowledge. [ more ]
Celebrating Data Privacy Day with 'optimism,' 'conviction'
The demand for privacy professionals and privacy-focused companies is growing due to the rise of artificial intelligence and data-driven industries.
The number of LinkedIn members with privacy-related job titles has increased in the last five years, with privacy engineers and chief privacy officers seeing significant growth. [ more ]
Amazon fined in France for excessive' surveillance of workers
Amazon has been fined 32 million euros in France for excessive surveillance of its warehouse workers.
The CNIL found that Amazon's monitoring system, which measured interruptions in activity, led workers to have to justify each break or interruption, violating their privacy and rights. [ more ]
The European Data Protection Board has published a guide to EU General Data Protection Regulation (GDPR) one-stop-shop cases.
The guide covers enforcement actions under Articles 32, 33, and 34 of the GDPR, providing insights into how DPAs have interpreted and applied GDPR provisions in various scenarios. [ more ]
The European Commission has reviewed 11 data protection adequacy agreements and found that each partner continues to meet the standards of the EU General Data Protection Regulation.
The reviews focused on developments in the countries' data protection frameworks, government access to data, and national security purposes. [ more ]
Fairity launches first GDPR tool on the Fortnox marketplace
Pinteg has launched its GDPR tool, Fairity, on the Fortnox marketplace as a complementary integration for businesses seeking a comprehensive solution for their GDPR work.
Fairity is an innovative GDPR tool that helps businesses comply with GDPR by introducing a new model for data protection work. [ more ]
CNIL opens draft consultation on transfer impact assessments
France's data protection authority, the CNIL, has published a draft guide for conducting transfer impact assessments (TIAs) for data transfers outside the EEA.
The guide recommends that data controllers understand the laws in the receiving country, identify any supplemental measures, and reevaluate the level of data protection needed. [ more ]
Belgium has taken over the Presidency of the Council of the European Union with a focus on protecting, strengthening, and preparing for challenges like the ongoing war at Europe's borders, climate emergency, and mistreatment of the rule of law in member states.
2024 will see the implementation of many finalized laws from the previous year, leading to a more complex data privacy and governance environment for organizations. [ more ]
Meta ignored GDPR for years, allege Spanish publishers
A group of Spanish media outlets have sued Meta for â¬550 million ($596 million) for violating EU privacy regulations.
The lawsuit accuses Meta of disregarding the EU General Data Protection Regulation (GDPR) and contributing to its dominant advertising position across the EU. [ more ]
AI Update: Industry Moves On Data Provenance, Microsoft Joins OpenAI Board, Client AI Disclosures
A coalition of companies including American Express, Humana, IBM, Pfizer, UPS, and Walmart have launched the Data & Trust Alliance to develop standards for describing the origin, history, and legal rights to data.
Microsoft has been added as a non-voting observer to OpenAI's board, indicating its importance as an investor and a move to stabilize the organization's operations and leadership.
The disclosure of a law firm's use of AI in its workflow to clients has mixed opinions, with some legal professionals wary of disclosing specific tools used while others argue for transparency in adapting to AI technology.
Compliance of large language models with the EU's GDPR and the 'right to be forgotten' remains unclear, leaving AI companies waiting for regulatory action.
AI paired with human attorney knowledge presents unprecedented opportunities for small law firms, according to Thomson Reuters. [ more ]
How consent management platforms support data privacy compliance | MarTech
Consent management platforms (CMPs) are crucial for businesses striving to comply with GDPR and other privacy regulations.
CMPs balance effective marketing strategies with data privacy compliance.
CMPs allow businesses to uphold user preferences while staying compliant and create tailored marketing strategies based on ethically sourced data. [ more ]
Meta faces GDPR complaint over processing personal data without 'free consent' | Computer Weekly
Meta is facing a complaint for breaching European data protection law over its ad-tracking practices.
Privacy group Noyb is calling for an investigation into Meta's data processing and a fine to deter other companies from following a similar approach. [ more ]
Commissioner Didier Reynders' Opening Remarks at the Brussels Privacy Symposium 2023
The Brussels Privacy Symposium is an annual event that brings together policymakers, researchers, civil society, and industry representatives to discuss privacy research and scholarship.
This year's symposium focused on the EU Data Strategy Architecture and the role of the GDPR in shaping Europe's digital future. [ more ]
UK watchdog bites back after Clearview AI fine blocked
The UK's Information Commissioner's Office (ICO) is appealing against a tribunal's decision that it isn't authorized to fine Clearview AI for alleged privacy violations.
Clearview AI was fined £7.5 million ($9.3 million) by the ICO for unlawfully collecting UK citizens' biometric data.
The ICO believes that the law was misinterpreted and that Clearview AI should not be shielded from the scope of UK GDPR. [ more ]
Helen Dixon to step down as Irish Data Protection Commissioner
Helen Dixon, the Irish Data Protection Commissioner, will step down in February 2024 after 10 years on the job.
During her tenure, Dixon's office has imposed billions in fines on Big Tech firms, making her the most powerful tech privacy regulator in the world.
Her departure has sparked some controversy among European privacy campaigners who feel that Ireland has been slow in enforcing GDPR privacy rules on major tech companies. [ more ]