According to the French DPA (CNIL), interrupting the connection between the user’s terminal and the analytics tool server is required in order to comply with GDPR lawson data transfer when using Google Analytics and other analytics tools. This was noted in the opinion issued on July 20, 2022. Read about this in detail on our blog here →
The Access to Electronic Data for the Purpose of Countering Serious Crime Agreement (the “Data Access Agreement”), which was signed on October 3, 2022, was the subject of a joint statement from the United States government and the United Kingdom. Access the statement here →
2) Notable Case Law
Following a risk assessment of personal data processing by primary schools in a municipality in North Eastern Denmark, Denmark’s DPA (DSK) bans the use of Google’s Products in public sector organizations as of August 3, 2022. We’ve covered this story on our blog →
The European Commission was sued on the grounds that it transferred people’s personal information from one of its websites to the United States in violation of the applicable EU data protection laws. The EU institutions are subject to similar regulations rather than the GDPR. Reported here, on our blog →
For violating the rules of lawfulness and transparency, the Hellenic DPA fined Clearview AI Inc. twenty million euros (20,000,000). The Authority determined that the corporation, which offers face recognition services, had infringed Articles 12, 14, and 15 of the GDPR and the principles of lawfulness and transparency. The Authority’s decision can be found here → (in Greek)
The DPAs of Berlin, Lower Saxony, Rhineland-Palatinate, Saxony-Anhalt, and Bavaria perform coordinated audits of data processing agreements for web hosting services. Read here → (in German)
3) New and Upcoming Legislation
Last Wednesday, the House Energy and Commerce Committee voted 53-2 in support of reporting the modified American Data Privacy and Protection Act. Access here →
The Digital Markets Act (DMA), which sets forth new guidelines for a just and competitive digital economy through digital markets laws, received final approval from the EU Council on July 18, 2022. What to know more? Click here →
4) Strong Impact Tech
Microsoft unveiled the “Microsoft Cloud for Sovereignty” at its Inspire conference on Tuesday, 19th July. This new service is aimed at public sector customers who need to ensure that their users’ data is handled and stored in a specific location, particularly in Europe. Reported here →
According to reports, Alibaba cloud officials have been invited by Chinese authorities to discuss the police database data breach that became public at the beginning of July. Read about it here →
Other key information from the past weeks
According to two government announcements, the U.K. government revealed a pair of post-Brexit data reform measures aimed at promoting responsible data usage and economic innovation on Monday.
On July 12, 2022, the European Data Protection Board and the European Data Protection Supervisor (EDPS) released a joint opinion on the recently announced project, the European Health Data Space (EHDS).
According to research done by the nonprofit organization Fairplay, not all operating marketplaces for TikTok, WhatsApp, and Instagram provide children with the same privacy and safety safeguards.