In this issue, an alternative to the pay or okay consent model, the right for compensation for non-material damage, FISA reauthorisation and GDPR enforcement procedural rules updates, AI development and personal data… Stay tuned! Sign up to receive our fortnightly digest via email. Non-material damage under the GDPR In one of its recent decisions the […]
Tag: GDPR Compliance
Data protection digest 18 Mar – 02 Apr 2024: AI and DP standardisation, patient medical data, human factor in data security
The need for AI and data protection standardisation, best practices on customer and employee data protection, rules on restricted cross-border data transfers, tips for DPOs, CISOs, IT specialists, and much more in our latest digest. Stay tuned! Sign up to receive our fortnightly digest via email. AI and data protection standardisation The French CNIL elaborates […]
Improving GDPR compliance with the EDPB Website Auditing Tool
The EDPB Website Auditing Tool, or EDPB WAT, was recently released to help monitor websites’ compliance with the GDPR. It is a free software project that is meant to help analyze websites. The EDPB Website Analysis tool uses Chromium as a webdriver to access a URL. It then will assess which external resources and cookies […]
Data protection digest 3-17 Mar 2024: Personal data gaps in information systems, TC string, mass data collectors
Information systems, their security, and personal data gaps are the focus of our latest digest. Also requiring your attention are invalid consent in cookie walls, the ‘pay or okay’ subscription model, Open AI “Sora” data practices, and the crackdown on mass data collectors Stay tuned! Sign up to receive our fortnightly digest via email. Personal […]
UK Restricted Transfers: Standard data protection clauses by the ICO
As organisations continue to navigate the complexities of data protection laws, staying abreast of key deadlines is paramount. One such deadline relates to organisations involved in restricted transfers of personal data under UK data protection law. The ICO set a critical deadline for organisations that transfer personal data outside the UK. This article explains what you […]
Data protection digest 3-16 Feb 2024: Sneakily changing terms of service and privacy policy won’t help your business
In this issue, you will find that America’s FTC is warning against retroactively changing terms of service or privacy policy. Palantir running the NHS’s new data platform in the UK, and envisaged changes to the EU GDPR enforcement framework and new dispute resolution mechanisms are also in focus. Sign up to receive our fortnightly digest […]
Why should software developers care about GDPR compliance?
Software developers often view ensuring GDPR compliance as blocker . As they are left trying to figure out what personal data is and how to maintain compliance. In a recent study by Alhazmi and Arachchilage, software developers cite multiple reasons that make approaching GDPR compliance tricky. Some reasons listed include a lack of clear best […]
Data protection digest 3 – 17 Jan 2024: digital services transparency and risk assessment in the focus of regulators
Our latest data protection bulletin focuses on digital services transparency and safety from decentralised clinical trials and health apps to electronic payments and audience measurements. Data transfer impact assessments and the performance of DPOs also feature in this issue. Sign up to receive our fortnightly digest via email. Legal processes Digital Services Act: Online services […]
Data protection digest 16 Nov – 1 Dec 2023: APIs methodology, customer data minimisation, and digital mobility observatory
In this issue, you will find data protection solutions for complex data-sharing projects for both public and private actors, such as the latest APIs methodology, as well as a variety of official guidance on how to comply with GDPR requirements when it comes to innovation, research, digitisation and digital business development. Official guidance APIs methodology: […]
Data protection digest 18 – 31 Oct 2023: “Pay or Okay” – Will Meta new subscription model survive the GDPR test?
In this issue, we look at Meta’s new ads-free subscription model as the corporation runs out of available legal grounds for tracking and profiling people in the EU for targeted advertising, while being banned from using contract law and legitimate interest as justification. Meta subscription model vs GDPR Meta platform’s latest announcement of ads-free paid […]