Child safety online was the subject of a sometimes heated US Congressional hearing, forcing CEOs of the biggest American social media giants to apologise to parents of victims. While legislators are struggling to find a legal solution to the crisis, police are finding evidence of children as young as seven being at risk of harm. […]
Tag: consent
Under the GDPR, consent is a cornerstone principle for processing personal data lawfully. It must be freely given, specific, informed, and unambiguous, with a clear affirmative action indicating the data subject’s agreement to the processing of their personal information. This means that organizations cannot rely on pre-checked boxes or vague language; instead, they must provide clear, easily understandable information on what data is being collected, how it will be used, and allow users the ability to withdraw consent at any time. The GDPR places additional emphasis on transparency, requiring that organizations keep records of consent to demonstrate compliance. This ensures that users retain control over their personal data, aligning with the GDPR’s broader goal of protecting individual privacy rights.
Explore the concept of consent in data privacy, including its role in GDPR compliance, requirements for valid consent, and best practices for obtaining, managing, and recording user consent to ensure legal and ethical handling of personal data. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Under the GDPR, consent is a cornerstone principle for processing personal data lawfully. It must be freely given, specific, informed, and unambiguous, with a clear affirmative action indicating the data subject’s agreement to the processing of their personal information. This means that organizations cannot rely on pre-checked boxes or vague language; instead, they must provide clear, easily understandable information on what data is being collected, how it will be used, and allow users the ability to withdraw consent at any time. The GDPR places additional emphasis on transparency, requiring that organizations keep records of consent to demonstrate compliance. This ensures that users retain control over their personal data, aligning with the GDPR’s broader goal of protecting individual privacy rights.
Explore the concept of consent in data privacy, including its role in GDPR compliance, requirements for valid consent, and best practices for obtaining, managing, and recording user consent to ensure legal and ethical handling of personal data. Learn more about GDPR compliance and how TechGDPR can help you on your journey.
Data protection digest 1 – 14 September 2023: gatekeeper obligations, synthetic datasets, automotive cybersecurity
In this issue, you will find EU gatekeeper obligations, guides on ‘sharenting’, online exams, synthetic data, and the right to object, the Meta ban in Norway, the automotive industry, ads-free Facebook and Instagram, and the Privacy Sandbox availability. Legal processes and redress: gatekeeper obligations, US adequacy decision, Google litigation, UK data protection reform, Quebec privacy […]
Data protection digest 15 – 31 August 2023: financial data processing, misconducted learning platforms, and algorithmic disgorgement
This issue highlights details on financial data processing, the EU Digital Services Act took effect for large online operators, and the US FTC successfully launched “algorithmic disgorgement” via its enforcement. Legal processes Financial data: The EDPS discussed recommendations to encourage data sharing to extend the range of available financial services and products, while also giving […]
Data protection digest 3 – 16 July 2023: can the new EU-US data privacy framework respect the GDPR to the letter?
TechGDPR’s review of international data-related stories from press and analytical reports. EU-US Data Privacy Framework Effective Immediately: On 10 July, the European Commission’s decision on the adequacy of the level of data protection in the US within the new data privacy framework entered into force. If an American-based business is on the approved list, you […]
Data protection digest 17 May – 1 June 2023: amassing data for machine learning is ‘no excuse for breaking the law’
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes ‘Machine learning is no excuse to break the law’: The US Federal Trade Commission alleged that Amazon, (Alexa voice assistant), kept kids’ data indefinitely to further refine its voice recognition algorithm. If approved by the federal court, on top of a multimillion […]
Understanding GDPR Compliance in Recruitment
In the process of recruitment and scouting for new potential hires for a vacancy in an organization, the collection and processing of personal data of those candidates is inevitably involved. Therefore, it is important to understand GDPR compliance. In most cases, the company that posts its vacancy and embarks on the recruitment process will be […]
Data protection & privacy digest 19 Jan – 3 Feb 2023: threshold for cookies, spy pixels, consent evidence, data storage and deletion
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: threshold for cookies, advertising claims’ mediation, China’s outbound transfers The EDPB approved a minimum threshold for the use of cookies and subsequent processing of the data collected. No cookies that require consent can be set without positive action expressed by the user, […]
Data protection & privacy digest 3 – 17 Jan 2023: personalised ads dilemma: contract as a legal basis, in-apps tracking via technical identifiers
TechGDPR’s review of international data-related stories from press and analytical reports. Ad Tech: Meta personalised ads, technical identifier system in App Store, IAB Europe’s consent mechanism Meta has a few months to reassess the valid legal basis for how Facebook and Instagram use personal data to target advertising in the EU after the media giant […]
Consent Management Platforms’ misleading cookie banner designs: how to recognize and avoid dark patterns
It does not take much convincing for someone to accept freshly baked cookies, when offered to them. However, on the internet, organizations and website owners have had to work harder to balance compliance and optimize cookie consent rates, which ultimately serves to benefit them and their revenue. This is especially true after the GDPR came […]
Data protection & privacy digest 16 – 29 Aug 2022: data subject complaints, inappropriate reliance on consent & Smart TV reset
TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: data subject complaints, new business, identity cards, traffic licenses, TCF/OpenRTB, education platforms, insolvency claims, data sent by mistake, dpos The UK Information Commissioner’s Office offers a brief guide on how to deal with data subject complaints, (your staff, contractors, customers), when you […]