TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress: gatekeeper obligations, US adequacy decision, Google litigation, UK data protection reform, Quebec privacy laws Gatekeeper in the EU: The European Commission has designated, for the first time, six gatekeepers – Alphabet, Amazon, Apple, ByteDance, Meta, and Microsoft – under the […]
Tag: consumer data protection
Data protection digest 31 July – 14 August 2023: privacy laws development, AI evaluations at school, and security of connected devices
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress China privacy laws updates: The Chinese Cyberspace Administration has issued administrative measures for personal data compliance audits for public input. In the case of high-risk processing operations or security incidents, the department in charge of personal data protection, (under the […]
Data protection digest 17- 30 July 2023: guide on website analytics, health care data sharing, and COPPA 2.0
TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance Website analytics: There are many website analytics and tracking tools on the market notes the Norwegian data protection regulator, but that doesn’t necessarily mean it’s legal to use them on your website. Be prepared to follow the GDPR, even if you do […]
Data protection digest 2 – 16 June 2023: rules on electronic evidence, explainable AI, and wildcat telemarketing
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress Electronic evidence: The European Parliament voted to adopt new rules on the exchange of electronic evidence by law enforcement authorities to make cross-border investigations more effective. It will allow national authorities to request evidence directly from service providers in other […]
Data protection & privacy digest 3 – 16 May 2023: data processing roles and obligations elaborated by EU top court
TechGDPR’s review of international data-related stories from press and analytical reports. Legal redress Pseudonymised (non-personal) data processing: In the instance of SRB v. EDPS, the European General Court ruled that pseudonymised data communicated by one party with another would not be regarded as personal data in the recipient’s hands if that party lacks a legal […]
Data protection & privacy digest 4 – 17 March 2023: position of DPOs, user behavior analysis, creditworthiness and profiling
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress DPOs enforcement action: The EDPB launches coordinated enforcement action on the designation and position of data protection officers. DPOs across the EU will be sent questionnaires, with the possibility of further formal investigations and follow-ups. According to the Portuguese data […]
Data protection & privacy digest 18 Feb – 3 Mar 2023: practical application of the EU-US Data Privacy Framework remains a concern
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: EU-US data privacy framework, China’s outbound data rules, international transfer risk assessment, Australian small business to adopt data protection The EDPB sees improvements under the EU-US Data Privacy Framework, but many more concerns remain. The improvements include the introduction of requirements embodying […]
Data protection & privacy digest 16 Dec – 2 Jan 2023: US signals intelligence redress mechanism, “dormant” privacy risk assessment, data brokerage
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress: US signals intelligence redress mechanism, Google search results removal, California consumer privacy rights, Australia Privacy Act review The US Office of the Director of National Intelligence, (ODNI), published a directive for implementing the signals intelligence redress mechanism created under the […]
Data protection & privacy digest 1 – 15 December 2022: draft US adequacy decision, Microsoft ‘data boundary’ for the EU, Age-appropriate design code
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: draft US adequacy decision, EDPB’s binding decisions, draft AI Act The EU issued a draft adequacy decision for the United States, saying US safeguards against America’s intelligence activities were strong enough to address EU concerns on data transfers. Previously, personal data could […]
Data protection & privacy digest 9 – 30 November 2022: Microsoft 365 non-compliance, Meta “data scraping” fine, Amazon Prime class action
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: Microsoft Office 365 cloud services, privacy complaints, lead supervisory authority, NIS2 Directive, Australia data breach penalties The German Data Protection Conference negatively assessed the data processing agreements for Microsoft 365 cloud services, regarding the requirements of Art. 28 of the GDPR. The […]