The UK Data Protection Authority (ICO) on 20th December has published on its website all information on data breach investigations from the fourth quarter of 2021. The data contains details on personal data breaches, complaints and civil investigations. Read here →
The European Commission, the Council of the European Union and the European Parliament signed the “Declaration on EU digital rights and principles”. The declaration includes six chapters focusing on the fundamental values and rights of the EU and aims to provide clear guidelines for policymakers and companies dealing with new technologies and data protection. Read about the declaration on our blog →
2) Notable Case Law
The US Federal Trade Commission has just launched an investigation into Twitter. In particular, the FTC suspects that the company’s new management may not be complying with the agreement of last May 2022 in which the company undertook to improve its privacy practices. Specifically, Twitter had agreed to pay $150 million and settle data privacy and security issues due to the use of users’ phone numbers for advertising purposes, although the data had been acquired for security reasons. Reported here →
3) New and Upcoming Legislation
In light of the US Omnibus Spending Bill of 2022, The Departments of Homeland Security and Transportation Security banned the installation of the TikTok app on federal smartphones for fear that user data could be shared with the Chinese government. This was decided, although the TikTok company has already stated that user data are protected and are not shared with the local government. Read here →
4) Strong Impact Tech
U.S. Senator Jon Ossoff, a Democrat from Georgia, wrote to the FBI to inquire about its use of face recognition technology. The letter, which was co-signed by other U.S. Representatives pressed the agency on the reliability of the facial recognition software it uses to make sure that its use adheres to the privacy legislation requirements. Read here →
Meta recently banned at least seven businesses from Facebook for engaging in “surveillance-for-hire activities”. The Head of Security Policy at Meta said governments all over the world must create legislation to make it illegal for businesses to produce commercial surveillance software. Meta made 13 recommendations for regulating surveillance-for-hire. Read the full story on our blog →
Other key information from the past weeks
The UK Data Protection Authority published the UK government’s assessment of the Republic of Korea’s adequacy in processing personal data
The French authority imposed a 60 million euro fine on Microsoft Ireland Operations Limited for failing to put in place a mechanism to reject cookies as easily as accepting them.
On 15 December, the Spanish Data Protection Authority issued a decision in response to one of the complaints filed by NOYB concerning the use of Google Analytics.