Privacy Transformation - Issue 117
PRIVACY
Apple's Plan to "Think Different" About Encryption Opens a Backdoor to Your Private Life
Apple has announced impending changes to its operating systems that include new “protections for children” features in iCloud and iMessage. If you’ve spent any time following the Crypto Wars, you know what this means: Apple is planning to build a backdoor into its data storage system and its messaging system.
RELATED:
Apple reveals new efforts to fight child abuse imagery
WhatsApp head criticises Apple’s plan to scan photos for child abuse: ‘Setback for people’s privacy’
Considering the new Standard Contractual Clauses under the GDPR
The European Commission issued two new sets of Standard Contractual Clauses: one for processing personal information between data controllers and data processors who are subject to the GDPR, and one for the transfer of personal information outside of the European Union.
[See Resources Section for new SCC resources]
ICO consults on how organisations can continue to protect people’s personal data when it’s transferred outside of the UK
The Information Commissioner’s Office has launched a public consultation on its draft international data transfer agreement (IDTA) and guidance.
SECURITY & TECH
Google restricts ad targeting of under-18s
Google announced it is blocking targeted advertising for anyone under 18 years old. The technology company is also turning off its "location history" for young users and is introducing a policy for users to request the removal of children's images from Google Image search results.
Opinion: Considering EU's draft AI regulation
Hogan Lovells has submitted its response to the European Commission’s public consultation on its proposed AI Regulation. Their view is that the Draft Regulation is an ambitious and comprehensive framework.
Hundreds of AI tools have been built to catch Covid. None of them helped.
Some have been used in hospitals, despite not being properly tested. But Covid could help make AI better.
UK NCSC: Weekly Threat Report
The NCSC's weekly threat report is drawn from recent open source reporting.
ENFORCEMENT
Amazon's Massive GDPR Fine Shows the Law's Power
It's the first significant GDPR ruling against Big Tech. But secrecy around the decision exposes the regulation’s flaws.
NOYB files 422 formal GDPR complaints on “Cookie Banners”
NOYB has filed over 422 regarding "cookie banners" with ten European Data Protection Authorities.
More on the latest GDPR enforcement news can be found on:
GUIDANCE & OPINIONS
EDPS: Return to the Workplace and EUIs’ screening of COVID immunity or infection status
Read the EDPS Guidance on Return to the Workplace and EUIs’ screening of COVID immunity or infection status.
RESOURCES
SCC Toolkit: EU Standard Contractual Clauses - Scenario Documents
The IAPP’s Research Team has created four separate Word documents, one for each SCC transfer scenario accommodated by the new SCCs, incorporating only the modules relevant to that scenario into each document.
Data Protection Impact Assessment: Google Workspace
In May the Dutch Data Protection Authority instructed schools to stop using Google Workspace unless several identified issues were addressed. These issues (i.e. privacy risks to children) were identified in a DPIA conducted at the behest of the Dutch government. An updated DPIA from indicates how Google plans to address these issues.
EDPB Report: DPA resourcing, enforcement actions
Following a request from the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs, the European Data Protection Board published an overview of 2021 funding for EU data protection authorities by member states and enforcement actions carried out by DPAs.
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.