The fact that personal details of dozens of EU officials are among the latest leak may help to concentrate minds at the DPC.
A blog post titled “The Facts on News Reports About Facebook Data,” published Tuesday evening, is designed to silence the growing criticism the company is facing for failing to protect the phone numbers and other personal information of 533 million users after a database containing that information was shared for free in low level hacking forums over the weekend, as first reported by Business Insider.
This is similar to a case that Privacy News Online wrote about last year, where the CJEU ruled that pre-ticked boxes for cookies are not valid for consent .
It follows a complaint from a US data scientist, who last year said that Instagram allowed underage users to publicly display their phone numbers and email addresses by switching to "business" accounts.
CNIL points out that its conclusions apply not only to Microsoft hosting the Health Data Hub, but also to all the other kinds of French health data held on systems run by US companies.
Today, we at the ICCL [Irish Council for Civil Liberties] submitted evidence to the DPC that show the consequence of failure to enforce the GDPR to stop the vast RTB data breach at the heart of the online advertising industry.
In a court filing in Dublin, Facebook said that a decision by Ireland’s Data Protection Commission (DPC) would force the company to pull up stakes and leave the 410 million people who use Facebook and photo-sharing service Instagram in the lurch.
In a letter [PDF] sent to data protection authorities in Europe, Thomas Le Bonniec expresses his frustration that, despite exposing in April 2019 that Apple has hired hundreds of people to analyze recordings that its users were unaware had been made, nothing appears to have changed.
In November 2019, BEUC sent another letter to the DPC, noting: “One year after these complaints were filed, it has yet not been decided whether Google infringed the GDPR.” As Monique Goyens, Director General of BEUC, said: Considering the scale of the problem, which affects millions of European consumers, this investigation should be a priority for the Irish data protection authority.
Potential customers of the Israeli company NSO's hacking software have allegedly been told that the technology can now "surreptitiously scrape all of an individual's data from the servers of Apple, Google, Facebook, Amazon and Microsoft".
The probe is examining whether Apple has complied with the relevant provisions of the EU’s new General Data Protection Regulation (GDPR) privacy law in relation to an access request from a customer.
Like Apple, Twitter is also under three different investigations with one each for Google, Microsoft-owned LinkedIn and US digital advertising company Quantcast.
This means companies such as Pokémon — which has sold more than 300m video games worldwide, mostly aimed at children — must make “reasonable efforts” to verify that consent is given by someone with.
The probe was the result of a number of submissions against the company, the Irish Data Protection Commissioner (DPC) said, including from privacy-focused web browser Brave, which complained last year that Google and other digital advertising firms were playing fast and loose with people’s data.
The statutory inquiry into Google’s adtech that’s being opened by the Irish Data Protection Commission (DPC), cites section 110 of Ireland’s Data Protection Act 2018, which means that the watchdog suspects infringement — and will now investigate its suspicions.
Facebook’s plan to merge WhatsApp, Instagram and Facebook Messenger could raise significant data protection concerns, according to the Irish commission that regulates the social network in the EU.
First, the DPC found that LinkedIn in the US had obtained emails for 18 million people who were not already members of the social network, and then used these in a hashed form for targeted advertisements on the Facebook platform, “with the absence of instruction from the data controller” — that is, LinkedIn Ireland — “as is required.”
Ireland’s Data Protection Commission issued a report last week (via TechCrunch) that covered its activities during the first six months of 2018, in which it highlighted a complaint against LinkedIn. It found that the company used millions of e-mail addresses of non-LinkedIn users to target ads on Facebook.