EDPO (European Data Protection Office)

“The Czech SA found that the controller transferred personal data of the users of its antivirus software and its browser extensions to its sister company without due legal title for such processing. The transferred data related to roughly 100 million users and comprised especially pseudonymized internet browsing history of the users, tied to a unique identifier.   LSA also found that the controller misinformed its users (data subjects) about the said data transfers, as it claimed that the transferred data were anonymized and used solely for statistical trend analytics.” #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #UKGDPR #EUGDPR #GDPR #PrivacyFine #Fine #CzechDPA #DataTransfers #Privacy Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/e7gukSzc

“A third of Americans may have had their personal data swept up in a February ransomware attack on a UnitedHealth Group subsidiary that disrupted pharmacies across the US, UnitedHealth CEO Andrew Witty estimated in testimony to Congress on Wednesday.   […] In hours of hearings in the Senate and House Wednesday, Witty apologised to patients and doctors, admitted that hackers broke into the subsidiary through a poorly protected computer server and confirmed that he authorised a $22 million ransom payment to the hackers.” #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #UKGDPR #EUGDPR #GDPR #DataBreach #DataLeak #HealthData #SensitiveData #Privacy Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/gbamQAJj

“China’s hotel industry is backing off from facial recognition 'overuse' as the country’s authorities put more emphasis on protecting biometric data privacy. Hilton, Marriott and H World are some of the hotel chains in Shanghai that have already discontinued the practice of scanning their guests’ face biometrics during check-in. China has been making a legislative pushback against commercial use of the technology and hotels and leisure have been among the first industries in line. The pause in using facial recognition technology for hotel guest verification comes after the country’s top tourism official called the hospitality industry to prioritize the privacy of travellers. In March, president of the China Tourism Academy Dai Bin said that the sector’s use of the technology has overshot legal boundaries for purposeful use, citing complaints from tourists.” #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #UKGDPR #EUGDPR #GDPR #China #BiometricData #Privacy #FacialRecognition Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/erVC8Bsx

“In the EU, the GDPR requires that information about individuals is accurate and that they have full access to the information stored, as well as information about the source.  Surprisingly, however, OpenAI openly admits that it is unable to correct incorrect information on ChatGPT. Furthermore, the company cannot say where the data comes from or what data ChatGPT stores about individual people.   The company is well aware of this problem, but doesn’t seem to care. Instead, OpenAI simply argues that ‘factual accuracy in large language models remains an area of active research’. Therefore, noyb today filed a complaint against OpenAI with the Austrian DPA.   […] Since 1995, EU law requires that personal data must be accurate. Currently, this is enshrined in Article 5 GDPR. Individuals also have a right to rectification under Article 16 GDPR if data is inaccurate, and can request that false information is deleted. In addition, under the 'right to access' in Article 15, companies must be able to show which data they hold on individuals and what the sources are." #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #UKGDPR #EUGDPR #GDPR #ChatGPT #OpenAI #Noyb #Privacy #DataRectification #Complaint #PrivacyComplaint #PrivacyRight Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/eZqvQWmk

“So far, Meta uses all the data it has ever collected for advertising. For example, Facebook user data can go back as far as 2004. To prevent such practices, the GDPR established the principle of 'data minimisation' in Article 5(1)(c) GDPR.   So far, Meta has simply ignored this and has not foreseen any deletion periods. The application of the 'data minimisation principle' radically restricts the use of personal data for advertising - even if users have consented to ads.   […] In the context of the highly personal information that Meta collected about Mr Schrems (via advertising partners), a discussion arose as to whether the subsequent public criticism of such practices would lead to a 'waiver' of Mr Schrems' right to privacy in respect of the initially unlawful processing. “ #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #GDPR #UKGDPR #EUGDPR #noyb #schrems #meta #dataminimisation   Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/dkM6Mpn8

"The European Data Protection Board published guidance on redress processes for EU claims under the EU-U.S. Data Privacy Framework. The guidance documents include Q&A information, a template form for complaints to the U.S. Office of the Director of National Intelligence's Civil Liberties Protection Officer and a template form for commercial-related complaints to EU data protection authorities." The documents can be found here: https://lnkd.in/d7kEamzg #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #GDPR #UKGDPR #EUGDPR #edpb #data #datatransfers #usa #dpa #redress   Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/dBwUqXDz

“Dating apps are not following great privacy practices and are collecting more data than ever in order to woo Gen Z users, a new study by Mozilla pointed out. Researchers reviewed dating apps in terms of privacy in 2021. In the latest report, they noted that dating apps have become more data-hungry and intrusive.   […] ‘If dating apps think people are going to keep handing over their most intimate data - basically, everything but their mother’s maiden name - without finding love, they're underestimating their users. Their predatory privacy practices are a dealbreaker,’ Zoë MacDonald, researcher and one of the authors of the report, said in a statement.” #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #GDPR #UKGDPR #EUGDPR #datingapps #privacy #mozilla #data   Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/d7E-pAbK

"The EDPB has launched its 2023 Annual Report. The report provides an overview of the work carried out by the EDPB in the previous year and reflects on important milestones, such as the election of Anu Talus as EDPB Chair; the adoption of two binding decisions and one urgent binding decision providing important common interpretations of data protection law and key legal principles that will shape the digital landscape; and the launch of the EDPB’s first outreach project for a general audience: the EDPB Data Protection Guide for small business. In addition, it includes examples of enforcement by data protection authorities (DPAs) at national level."   The Report can be found here: https://lnkd.in/dDmFj8yp #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #GDPR #UKGDPR #EUGDPR #edpb #annualreport   Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/d3ZyNNas

"The Dutch government is warning it could stop using Facebook Pages before the summer over data protection concerns on how the platform targets its users.   Dutch state secretary for digital affairs Alexandra van Huffelen told POLITICO she was in talks with Meta to change how it operates its Facebook Pages product, upon advise of the country's data protection authority.   'I want as soon as possible, the latest before the summer recess, clarity from Meta how they will meet our concerns,' Van Huffelen said in a statement to POLITICO. 'Otherwise we will be forced to quit our activities on Facebook pages.'" #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #GDPR #UKGDPR #EUGDPR #meta #facebook #dutch #government   Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde   *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/ekCMWdzP

“A financially motivated criminal hacking group says it has stolen a confidential database containing millions of records that companies use for screening potential customers for links to sanctions and financial crime. World-Check is a screening database used for 'know your customer' checks (or KYC), allowing companies to determine if prospective customers are high risk or potential criminals, such as people with links to money laundering or who are under government sanctions. The portion of stolen data seen by TechCrunch contains records on thousands of people, including current and former government officials, diplomats, and private companies whose leaders are considered 'politically exposed people,' who are at a higher risk of involvement in corruption or bribery.” #GDPRandNonEUcompanies #EDPObrussels #EUrepresentative #DataProtection #UKrepresentative #EDPOuk #UKGDPR #EUGDPR #GDPR #Hack #Data #Screening #PersonalData #Privacy #KYC #KnowYourCustomer #StolenData Subscribe to EDPO's newsletter here: https://lnkd.in/dwK8sde *This article was not written by EDPO. The opinions and views of the author(s) do not necessarily represent those of EDPO. https://lnkd.in/gSGdU8V6