What the Great Personal Data Leak of 2021 tells us about Facebook, the GDPR, and privacy

What the Great Personal Data Leak of 2021 tells us about Facebook, the GDPR, and privacy

The fact that personal details of dozens of EU officials are among the latest leak may help to concentrate minds at the DPC.

How Deeper Network Leverages Decentralization for Better Privacy

How Deeper Network Leverages Decentralization for Better Privacy

The Deeper Connect acts as a decentralized private network (DPN), allowing you to circumvent censorship, participate in bandwidth sharing, and mine on a blockchain, all while protecting you against cyberattacks.

Swiss Privacy Laws in 2021: The Best in the World?

Swiss Privacy Laws in 2021: The Best in the World?

These include Article 13 of the Swiss Constitution and a Swiss law called the DPA, as well as European legislation, such as the GDPR.While we’re reluctant to make such sweeping statements, Swiss companies in general are more secure than their U.S.-based counterparts, thanks to Switzerland’s strict laws governing the processing of personal data.

China releases draft of major new privacy law: why it matters to everyone online

China releases draft of major new privacy law: why it matters to everyone online

A blog post on New America explains: China’s draft PIPL represents a third way between the sectoral U.S. approach, which applies different rules for specific industries or classes of consumers, and the European Union’s comprehensive General Data Protection Regulation (GDPR) framework, which enshrines fundamental rights across contexts.

Intention to issue € 10 million fine to Grindr LLC

Intention to issue € 10 million fine to Grindr LLC

- Our preliminary conclusion is that Grindr has shared user data to a number of third parties without legal basis, said Bjørn Erik Thon, Director-General of the Norwegian Data Protection Authority.

Is the GDPR finally going to get some teeth?

Is the GDPR finally going to get some teeth?

The Irish DPC finds itself in this position because of the way that the GDPR works: when there are privacy problems, the cases are brought by the data protection authority of the EU nation in which the company concerned is based.

California Privacy Rights Act: A Move Closer to GDPR? Part I

California Privacy Rights Act: A Move Closer to GDPR? Part I

The CPRA makes several significant changes to the CCPA: It introduces the concept of “sensitive personal data”; It introduces new obligations on businesses, and GDPR-style “principles”; It introduces new rights for consumers; and It creates a new supervisory authority for data protection and privacy in California — the California Privacy Protection Agency.

Vienna Superior Court: Facebook can "bypass" GDPR consent, but must give access to data

Vienna Superior Court: Facebook can "bypass" GDPR consent, but must give access to data

This was clearly intended to circumvent the stricter data protection requirements demanded by EU lawmakers: Facebook users now have fewer rights under the GDPR than they did before under the old data protection law because, according to the Vienna Higher Regional Court, they have entered into a contract to receive personalized advertising.

Canada unveils its new privacy legislation – with even bigger fines than the GDPR

Canada unveils its new privacy legislation – with even bigger fines than the GDPR

Even though the current text is likely to change in various ways, it is clear that Canada’s proposed privacy law will be one of the most important, alongside the GDPR, and a useful further example of how to draft legislation offering strong privacy protection in the digital world.

ICO fines Marriott International Inc £18.4million for failing to keep customers’ personal data secure

ICO fines Marriott International Inc £18.4million for failing to keep customers’ personal data secure

The ICO’s investigation found that there were failures by Marriott to put appropriate technical or organisational measures in place to protect the personal data being processed on its systems, as required by the General Data Protection Regulation (GDPR).

GDPR watchdog’s investigation finds that tracking and consent pop-ups used by Google and other major websites and apps are unlawful.

GDPR watchdog’s investigation finds that tracking and consent pop-ups used by Google and other major websites and apps are unlawful.

The Belgian Data Protection Authority (APD-GBA) has found serious GDPR infringements in the system Google and others use to legitimise online tracking.

H&M Fined €35.2 Mn for Violating Employees’ Privacy

H&M Fined €35.2 Mn for Violating Employees’ Privacy

& Co KG (H&M) was fined €35.2 (US$41.1 million) by the Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) for violating the General Data Protection Regulation (GDPR).The amount of the fine imposed is therefore adequate and effective to deter companies from violating the privacy of their employees.

Dominic Cummings' data law shake-up a danger to trade, says EU

Dominic Cummings' data law shake-up a danger to trade, says EU

“While the UK applies EU data protection rules during the transition period, certain aspects of its system may change in the future or be implemented in a manner that differs from the approach of the EU such as rules on international transfers,” an EU official said.

When the GDPR goes wrong…

When the GDPR goes wrong…

The merit behind the Bradford Trigger has nothing to do with personal data; each variable of the formula is a piece of information, which a company shall record, inter alia as required under the labour laws.

Italian Email Provider Email.it Breached; Data for Sale on Dark Web

Italian Email Provider Email.it Breached; Data for Sale on Dark Web

Not only has pretty much every piece of information they’ve ever entered into the platform been exposed to hackers, but this may have been going on since January 2018.Hackers offering data for sale on the dark web claim to not only have access to the full contents of all of these accounts, but also that the service has been storing user passwords in plaintext for over two years now.

Privacy News Online | Weekly Review: August 28, 2020

Privacy News Online | Weekly Review: August 28, 2020

UK class action style claim filed over Marriott data breach.A new class action lawsuit has been filed in the United Kingdom against Marriott for failing to protect personal data.Privacy News Online is brought to you by Private Internet Access, the world’s most trusted VPN service.

Oracle and Salesforce to Face GDPR Lawsuit

Oracle and Salesforce to Face GDPR Lawsuit

A consumer privacy campaign group has filed a lawsuit against American companies Salesforce and Oracle over an alleged breach of the EU's General Data Protection Regulation laws.

Barclays Faces Employee Spying Probe

Barclays Faces Employee Spying Probe

The UK's Information Commissioners Office, which enforces privacy laws - including the EU's General Data Protection Regulation - has confirmed the Barclays probe to Information Security Media Group."We have an ongoing investigation relating to Barclays' alleged use of employee monitoring tools," an ICO spokeswoman tells ISMG.

Key questions raised about algorithmic transparency by new GDPR case brought against Uber by its drivers

Key questions raised about algorithmic transparency by new GDPR case brought against Uber by its drivers

But assuming the court rules that algorithmic management must follow the GDPR, with specific privacy safeguards, then many other companies in the EU that use or are considering using office surveillance systems may find that they can do so only in circumscribed ways.

Top EU court sinks main framework for sending personal data across the Atlantic

Top EU court sinks main framework for sending personal data across the Atlantic

It mostly affects the Internet giants like Facebook, which now seem to have no legal means of transferring EU personal data to the US – neither under Privacy Shield, nor using SCCs. Since the CJEU decision cannot be appealed, that leaves two main ways forward.

California's Consumer Privacy Act of 2018 is still ramping up but already there's a 2.0 version in the works

California's Consumer Privacy Act of 2018 is still ramping up but already there's a 2.0 version in the works

For example, consumers who simply want to know what information the company has about them: If you don't have a program to respond to specific requests for information, you're going to be challenged by the new breed of regulations.

The Secret Fight For Your Personal Information

The Secret Fight For Your Personal Information

Two more bases include when processing is of “vital interest” to you (i.e. you were in an accident and your doctor needs to share your info) and when there is a “public interest” (which generally covers the collection of data by government agencies for research purposes).The last legal basis is “legitimate interest.” Legitimate interest is a legal basis one company would use with another company to request your private information.

I’ll Never Go Back to Life Before GDPR

I’ll Never Go Back to Life Before GDPR

Most of the time when I hit one of these notification pages, I open each section and choose “Reject all.” You can, if you prefer, go through an excruciatingly long list of all the companies that want to interact with you and your data when you view the site, and reject or accept them one by one.

Top EU data protection agency under pressure to act against Internet giants as GDPR turns 2 years old

Top EU data protection agency under pressure to act against Internet giants as GDPR turns 2 years old

With its public statement, the Irish DPC is trying to signal that it is working hard on these big cases, but Schrems doesn’t think it is making enough progress.

Grandmother ordered to delete Facebook photos under GDPR

Grandmother ordered to delete Facebook photos under GDPR

The judge ruled the matter was within the scope of the EU's General Data Protection Regulation (GDPR).One expert said the ruling reflected the "position that the European Court has taken over many years".The case went to court after the woman refused to delete photographs of her grandchildren which she had posted on social media.

Noyb files complaint against Google under GDPR, saying Android Advertising ID can be tracked

Noyb files complaint against Google under GDPR, saying Android Advertising ID can be tracked

A privacy advocacy group called Noyb – European Center for Digital Rights has filed a legal complaint with the Austrian Data Protection Agency against Google under Europe’s GDPR law .

Is the GDPR failing? If it is, how can it be saved?

Is the GDPR failing? If it is, how can it be saved?

Ryan’s report also recommends that national data protection agencies should “pursue adversarial enforcement, and to defend their decisions against expensive legal appeals by Big Tech.” That basically means we need to see some big, high-profile fines to prove that the GDPR is a serious law, with serious consequences for those who break it.

Twitter Removes Privacy Option, and Shows Why We Need Strong Privacy Laws

Twitter Removes Privacy Option, and Shows Why We Need Strong Privacy Laws

Twitter has changed what happens when users opt out of the “Allow additional information sharing with business partners” setting in the “Personalization and Data” part of its site.

Brave accuses Google of using 'hopelessly vague' privacy policies that breach GDPR

Brave accuses Google of using 'hopelessly vague' privacy policies that breach GDPR

Google has been accused of breaching one of the General Data Protection Regulation's (GDPR) principles surrounding consent that requires companies to provide a specific purpose for collecting and processing user personal data.

Formal GDPR complaint against Google’s internal data free-for-all

Formal GDPR complaint against Google’s internal data free-for-all

But Brave’s new evidence reveals that Google reuses our personal data between its businesses and products in bewildering ways that infringe the purpose limitation principle.The result is an internal data free-for-all that infringes the GDPR’s purpose limitation principle.