In this issue you will find, that China is tightening controls on Generative AI, India is finalising its comprehensive privacy laws, while California is reviewing data privacy practices by connected vehicle manufacturers and related technologies. Legal processes and redress China privacy laws updates: The Chinese Cyberspace Administration has issued administrative measures for personal data compliance […]
Tag: International transfers
Data protection digest 3 – 16 July 2023: can the new EU-US data privacy framework respect the GDPR to the letter?
TechGDPR’s review of international data-related stories from press and analytical reports. EU-US Data Privacy Framework Effective Immediately: On 10 July, the European Commission’s decision on the adequacy of the level of data protection in the US within the new data privacy framework entered into force. If an American-based business is on the approved list, you […]
Data protection digest 17 May – 1 June 2023: amassing data for machine learning is ‘no excuse for breaking the law’
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes ‘Machine learning is no excuse to break the law’: The US Federal Trade Commission alleged that Amazon, (Alexa voice assistant), kept kids’ data indefinitely to further refine its voice recognition algorithm. If approved by the federal court, on top of a multimillion […]
Using ChatGPT with personal data? Think again!
Recently we see more and more posts popping up on LinkedIn and elsewhere on how to optimize sales pipelines and other business processes using ChatGPT or some of its siblings. While the proposition is very tempting, there are huge problems for privacy and the protection of personal data, in particular as required under the GDPR. […]
Data protection & privacy digest 4 – 17 March 2023: position of DPOs, user behavior analysis, creditworthiness and profiling
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress DPOs enforcement action: The EDPB launches coordinated enforcement action on the designation and position of data protection officers. DPOs across the EU will be sent questionnaires, with the possibility of further formal investigations and follow-ups. According to the Portuguese data […]
Data protection & privacy digest 19 Jan – 3 Feb 2023: threshold for cookies, spy pixels, consent evidence, data storage and deletion
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: threshold for cookies, advertising claims’ mediation, China’s outbound transfers The EDPB approved a minimum threshold for the use of cookies and subsequent processing of the data collected. No cookies that require consent can be set without positive action expressed by the user, […]
EU-US data transfers: US Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities and the impact on organizational GDPR compliance.
It is no longer news that EU-US data transfers have become increasingly challenging given the invalidation of the EU-US Privacy Shield Framework in 2020. Since then, companies have had to rely on standard contractual clauses and in other cases, data subjects have had to give consent for such transfers to happen knowing the risk of […]
Weekly digest 25 July – 1 August 2022: UK publishes new data protection draft bill and updates BCRs
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: UK new data protection draft bill, Irish DPC expansion, rules to prevent child abuse online A new UK Data Protection and Digital Information Bill was published on a parliamentary website. This document is intended to update and simplify the UK’s data protection […]
Weekly digest 18 – 24 July 2022: personal data breaches, web hosting, targeted ads, smart video devices, geolocation & privacy
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: personal data breaches, EU Commission’s data transfers, non-implementation of the GDPR by a country, US-UK Data Access Agreement, targeted ads In Poland, an administrative court upheld the decision of the personal data protection office UODO on the fine imposed on Bank Millennium. […]
Weekly digest 11 – 17 July 2022: patient rights, land registers, user-generated health data, targeted ads & privacy
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: patient rights vs data access rights The Belgian data protection authority has clarified the right of access and right to rectification regarding medical records under the GDPR and the patient rights legislation. The subject of the complaint was a medical report drawn […]