TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: EU-US privacy framework, DMA, CCPA/CPRA, right to be forgotten The Baden-Württemberg data protection commissioner warns that Joe Biden’s executive order with regard to the EU-US privacy framework is an important step, but it creates legal ambiguity. It addresses the requirements of the […]
Tag: direct marketing
Data protection & privacy digest 27 Sept – 11 Oct 2022: New EU-US data privacy framework is now under EU legislators’ microscope
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: EU-US adequacy procedures, non-material damage in the GDPR, the DSA, Colorado draft privacy law, Andorra data protection regime On 7 October, President Biden signed an Executive Order on ‘Enhancing Safeguards for United States Signals Intelligence Activities’. Along with the Regulations issued by […]
Weekly digest 27 June – 03 July 2022: credential stuffing, misconfigured cloud storage, mobile devices at work, drones & privacy
TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: credential stuffing, patient privacy, use of drones The latest report from international data protection and privacy authorities has identified credential stuffing as a significant and growing cyber threat to personal information. A credential stuffing attack is a cyber-attack method that exploits an […]
Weekly digest March 14 – March 20, 2022: smart contracts, AI bias, password managers & privacy
TechGDPR’s review of international data-related stories from press and analytical reports. Official Guidance: smart contracts, DPO, AI risk management, GDPR cooperation The Spanish data protection authority AEPD analyzed smart contracts. Smart contracts are algorithms that are stored in a blockchain and that execute automated decisions. The very nature of the smart contract, when applied to […]
Weekly digest February 28 – March 6, 2022: more EU websites to obtain compliant cookie banner
TechGDPR’s review of international data-related stories from press and analytical reports. Legal Processes and Redress: compliant cookie banner, CEO liabilities, litigation data, virtual currencies NOYB privacy foundation launches the second wave of complaints against deceptive cookie banners after the campaign first started last spring: “Another 270 draft complaints were sent to website operators whose banners […]
Weekly digest January 31 – February 6, 2022: UK international data transfer agreement imminent
TechGDPR’s review of international data-related stories from press and analytical reports. Legal Processes: UK IDTA, EU Clinical Trials Regulation, digital Surveillance & International law The implementation of the UK (post-Brexit) international data transfer agreement, (IDTA), stepped into its final stage after being laid before Parliament. If no objections are raised, the IDTA, the Addendum to […]
Weekly digest January 24 – January 31, 2022: GDPR jurisdictional reach, US surveillance laws, DP Engineering
TechGDPR’s review of international data-related stories from press and analytical reports. Legal Processes and Redress: GDPR jurisdictional reach, CNIL’s regulatory win over Google, CJEU case laws summary A recent UK Court of Appeal decision emphasizes the broad geographic scope of both the EU GDPR and the UK GDPR, but also ongoing uncertainty regarding the jurisdictional […]
Weekly digest January 17 – January 23, 2022: EU Digital strategy, smart transport and cities, AI taxonomy, Bluetooth security
TechGDPR’s review of international data-related stories from press and analytical reports. Legal Processes: EU Digital Strategy, IoT, biometrics policing program, US surveillance ads The EU Parliament moved on the implementation of the Digital Services Act, (part of the EU Digital Strategy), that regulates platforms for a safer online space for users. MEPs gave the green […]
Weekly digest January 10 – January 16, 2022: Does the use of Google Analytics by EU entities violate the GDPR?
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: Google Analytics case in Austria, EU Parliament, French health database, the Irish DPC The Austrian Data Protection Authority, the DSB, ruled that the use of Google Analytics violates the GDPR. Presented as evidence was a case where an IP address “anonymization” function […]
Weekly digest December 6 – December 12, 2021: Whistleblowers, gig-workers, cookiebots, software flows, DPIA for AI
TechGDPR’s review of international data-related stories from press and analytical reports. Legal Processes and Redress The EU Whistleblowing Directive is due to be implemented into national law by 17 December. It requires all EU Member States to implement legislation obliging all companies with 50 or more workers to put in place appropriate reporting channels to […]