In this issue we highlight SOCMINT as a new standardised procedure, data processing in LLMs and supported AI systems, an updated standard data protection model, third-party tracking technologies in health and care, and much more. Stay up to date! Sign up to receive our fortnightly digest via email. LLMs and personal data The Hamburg Data […]
Tag: health tech
Data protection digest 1 – 15 Nov 2023: AI application must ensure digital self-determination of data subjects
This issue highlights a couple of analyses that perhaps help to understand the essence of AI and other new technology, to which the GDPR applies, and the urgent need for digital self-determination for its users. Self-determination and AI Digital self-determination of a user: The Swiss Federal Data Protection Commissioner FDPIC stresses that the current data […]
Data protection & privacy digest 19 Mar – 2 Apr 2023: court-dismissed fine, cybersecurity tools, ChatGPT clampdown
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress Court-dismissed fine: A multimillion-euro fine imposed by the Spanish privacy regulator has been overturned by a court decision, according to a publication by Clifford Chance law firm. The AEPD fined Banco Bilbao Vizcaya Argentaria 5 million euros in 2020, the […]
Data protection & privacy digest 4 – 17 Feb 2023: synthetic data for fintech, MS Excel guide, Palantir technology ban
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress: synthetic data for fintech, draft Data Act, DPO dismissals The UK Financial Conduct Authority, (FCA), issued a statement on synthetic data for beneficial innovation in UK financial markets. It strongly indicated fraud and anti-money laundering as a key use case […]
Data protection & privacy digest 9 – 30 Nov 2022: Microsoft 365 non-compliance, Meta “data scraping” fine, Amazon Prime class action
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: Microsoft Office 365 cloud services, privacy complaints, lead supervisory authority, NIS2 Directive, Australia data breach penalties The German Data Protection Conference negatively assessed the data processing agreements for Microsoft 365 cloud services, regarding the requirements of Art. 28 of the GDPR. The […]
Data protection & privacy digest 30 Aug – 12 Sep 2022: the US hosting provider in the EU, Google Fonts claims, Children’s Code
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: US hosting provider in the EU, Google Fonts, IAB Europe, California Age-Appropriate Design Code, new Swiss privacy law In Germany, a public procurement chamber’s decision to ban hospitals’ digital discharge management to store data in Luxembourg was overturned by a higher regional […]
Weekly digest 27 June – 03 July 2022: credential stuffing, misconfigured cloud storage, mobile devices at work, drones & privacy
TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: credential stuffing, patient privacy, use of drones The latest report from international data protection and privacy authorities has identified credential stuffing as a significant and growing cyber threat to personal information. A credential stuffing attack is a cyber-attack method that exploits an […]
Weekly digest May 9 – 15, 2022: UK data protection reform, and dark patterns invalidating consent
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: UK data protection reform Last week in the Queen’s Speech it was announced that the UK’s data protection regime will be reformed through the introduction of the Data Reform Bill, dataprotectionlawhub.com reports. The Bill’s purpose is to “create a trusted UK data […]
Weekly digest May 2 – 8, 2022: DPO dismissals, shareholders, athletes privacy, passwordless future & more
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress: DPO dismissals, Connecticut privacy draft law, EU Health Data Space Ius Laboris blogpost explains when data protection officers have special protection from dismissal. Art. 38(3) of the GDPR expressly states that they shall not be dismissed or penalised by the […]
Weekly digest April 18 – 24, 2022: business and human rights in the activities of tech companies
TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: business and human rights in the activities of tech companies, relaxed covid measures, regulators’ annual analytics Privacy International, (PI), submitted its input to the forthcoming report by the UN High Commissioner for Human Rights, on the practical application of the UN Guiding […]