Privacy Transformation - Issue 244
Curated privacy, security & tech news, insights & resources with a focus on Irish and EU developments.
Ireland Is World's 'De Facto Data Police'
Ireland's Data Protection Commission has enforced the lion’s share of a record €1.78 billion in European GDPR fines over the last year.
EDPB identifies areas of improvement to promote the role and recognition of DPOs
During its latest plenary, the EDPB adopted a report on the findings of its second coordinated enforcement action, which focused on the designation and position of Data Protection Officers (DPOs). The report is the result of an EU-wide coordinated investigation and lists the obstacles currently faced by DPOs, along with a series of recommendations to further strengthen their role. [Read Report]
European Data Act enters into force, putting in place new rules for a fair and innovative data economy
The new rules define the rights to access and use data generated in the EU across all economic sectors and will make it easier to share data, in particular industrial data.
Microsoft CEO defends OpenAI’s ‘partnership’ amid EU, UK regulators’ scrutiny
On the sidelines of the World Economic Forum in Davos, Satya Nadella, Microsoft’s Chairman and CEO, detailed his views on Tuesday (16 January) about OpenAI’s partnership with Microsoft, governance, and AI-powered disinformation in a heavy election year.
ENFORCEMENT
ICO fines HelloFresh £140,000 for spam texts and emails
The Information Commissioner’s Office (ICO) has fined food delivery company HelloFresh £140,000 for a campaign of 79 million spam emails and 1 million spam texts over a seven-month period.
RESOURCES
One-Stop-Shop case digest on Security of Processing and Data Breach Notification
This thematic digest looks at a selection of examples of final One-Stop-Shop decisions taken from the EDPB's public register.
ICO Consultation: Generative AI first call for evidence: The lawful basis for web scraping to train generative AI models
This post is part of the ICO’s consultation series on generative AI. This call focuses on the lawful basis for scraping data from the web or processing web-scraped data to train generative AI models. We provide a summary of the analysis we have undertaken and the policy position we want to consult on.
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with your fellow privacy practitioners? Please do drop me a note!