Privacy Transformation - Issue 80
PRIVACY
State to wait on Dwyer case outcome before fixing data retention law
The Department of Justice says it will wait until a key European decision on the case of convicted murderer Graham Dwyer is made before fixing Ireland’s data retention law.
European Commission proposes measures to boost data sharing and support European data spaces
To better exploit the potential of ever-growing data in a trustworthy European framework, the Commission proposes new rules on data governance. The Regulation will facilitate data sharing across the EU and between sectors to create wealth for society, increase control and trust of both citizens and companies regarding their data, and offer an alternative European model to data handling practice of major tech platforms.
SECURITY & TECH
Microsoft productivity score feature criticised as workplace surveillance
Microsoft has been criticised for enabling “workplace surveillance” after privacy campaigners warned that the company’s “productivity score” feature allows managers to use Microsoft 365 to track their employees’ activity at an individual level.
China is pushing for a global Covid QR code
Chinese President Xi Jinping has pushed for a global Covid-19 tracking system using QR codes, to help fast-track international travel and business during the coronavirus pandemic.
Digital marketing firms file UK competition complaint against Google’s Privacy Sandbox
Google’s push to phase out third party tracking cookies — aka its ‘Privacy Sandbox’ initiative — is facing a competition challenge in Europe. A coalition of digital marketing companies announced today that it’s filed a complaint with the UK’s Competition and Markets Authority (CMA), calling for the regulator to block implementation of the Sandbox.
Microsoft launches measures in response to EDPB's data transfer recommendations
Microsoft launched measures in response to the European Data Protection Board's recommendations on supplementary measures for global data transfers.
Apple Defends Delay of Privacy Feature, Slams Facebook
Apple Inc. on Thursday slammed Facebook Inc. and other internet giants for their ad-targeting practices in response to a letter questioning a decision by the iPhone maker to delay a new privacy feature.
ENFORCEMENT
Norwegian DPA imposes administrative fine to Østfold HF Hospital
The Norwegian Data Protection Authority has decided on an administrative fee of NOK 750,000 to Østfold HF Hospital. The hospital stored report extracts from patient records outside the safe zone. The case started with a notice of personal data breach from the hospital.
CNIL fine of more than 3 million euros for non-compliance with data protection
Seizure of several complaints and after carrying out checks between May and July 2019, “the National Commission for Information Technology and Freedom noted shortcomings concerning the processing of customer and potential user data”. Non compliance with cookie processing was also a factor in the action taken.
More on the latest GDPR enforcement news can be found on:
RESOURCES
New report: To track or not to track? Towards privacy-friendly and sustainable online advertising
Our new report: To Track or Not to Track? Towards Privacy-friendly and Sustainable Online Advertising shows that it’s actually possible to reform the ad tech industry without bankrupting online publishers. But in order to make that happen, EU policymakers must create a regulatory push by enforcing the GDPR and adopting new rules which would incentivise the uptake of alternatives.
Report: Economic impacts of the UK failing to secure an EU Data Adequacy Decision
Report by the New Economics Foundation and UCL European Institute examijning the impacts of the UK failing to secure an Adequacy Decision after the transition period ends, including recommendations.
IAPP: DPA and government guidance on ‘Schrems II’
This IAPP Resource Center page collects together DPA and government guidance on 'Schrems II' as it comes out.