Privacy Transformation - Issue 109
PRIVACY
ECJ rules privacy complaints against tech giants can bypass Irish data protection commissioner
The European Court of Justice (ECJ) has ruled that privacy complaints against US tech giants do not only have to be taken to the Irish data protection commissioner but instead can be handled by any of the national data protection authorities across the EU.
RELATED:
EU decision on Facebook oversight a blow to Irish Data Protection Commissioner
Ireland's data protection agency undercut by EU ruling on Big Tech
State data watchdog loses sole oversight of Facebook in Europe
New Garda powers to allow access to mobile phones, changes to ‘stop and search’
A person who refuses to surrender a password for a mobile phone or other device to gardaí will be committing a crime and could face up to five years in prison and a fine of up to €30,000 under new legislation being unveiled on Monday.
Estate agent seeks proof of how much buyers can afford before viewings
Savills denies it is in breach of data privacy laws by seeking ‘full proof of funds’ before letting buyers view properties
RELATED: Data Protection Commission investigating Savills’ ‘proof of funds’ demand for home viewing
Opinion: Initial comments on the EU Commission’s final GDPR adequacy decision on the UK
Yesterday, I was sent the EU Commission final draft adequacy decisions on the UK (one on GDPR adequacy and one on Law Enforcement Directive adequacy). This post contains my first thoughts on the GDPR
Analysis: International data transfers under scrutiny by German DPAs
At the beginning of the year, the German data protection authorities announced that they would take joint action to enforce the decision of the European Court of Justice in the “Schrems II" case. On June 1, 2021, several German DPAs published statements that they have now launched a multi-state audit
European Commission launches the process towards adoption of the adequacy decision for the Republic of Korea
The Commission has launched the process towards adoption of the adequacy decision for the transfer of personal data to the Republic of Korea. It will cover transfers of personal data to the Republic of Korea's commercial operators as well as public authorities.
SECURITY & TECH
As ad tech firms test ways to connect Google’s FLoC to other data, privacy watchers see fears coming true
Google’s automated cookieless ad targeting method — or Federated Learning of Cohorts — is supposed to protect privacy by providing people with a greater degree of anonymity than the third-party cookie offered. Instead, it may make it quicker and easier for advertising companies to identify and access information about people online.
NOYB: New browser signal could make cookie banners obsolete
NOYB publishes a proposal for an automatic browser signal to eliminate obsolete cookie banners. "ADPC" demonstrates a user-friendly European solution for privacy choices.
High Court hears major Irish firm paid out over ransomware attack
The court was told that since the case was last in court, the hackers had closed the portal, the ransom was paid, and the data returned.
'Privacy Protecting' Car Location Data Seemingly Shows Where People Live, Work, and Go
Otonomo says its vehicle location data is privacy-protecting. The data itself says otherwise.
DuckDuckGo’s Quest to Prove Online Privacy Is Possible
The company best known for its search engine is launching a new set of tools aimed at creating an “easy button” for protecting your data online.
NCSC chief: Ransomware is more of a threat to Britain than hostile nations' spies
Forget foreign spies. The head of Britain's National Cyber Security Center (NCSC) has warned it is ransomware that's the key threat for most people.
Avaddon ransomware gang shuts down and releases decryption keys
Avaddon is the latest hacking group to have suspend operations, following in the footsteps of DarkSide and Maze.
UK NCSC: Weekly Threat Report
The NCSC's weekly threat report is drawn from recent open source reporting.
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.