The ICO has fined a PPI claims management company £120,000 for sending unlawful spam texts about its services.
In the land of Facebook things are getting tough. UPDATE : There is an abundance of Facebook headlines in the…
In Germany, nationwide, fines have been issued in 41 cases because of GDPR violations. Especially small companies are apparently unprepared for the new rules.
Much confusion around the concept of Legitimate Interest justifying Personal Data Processing. Worth going back to the roots.
Data Security and Privacy interview of Tara Taubman-Bassirian by the Privacy Professor, Rebecca Herold, Tuesday at 2 PM PacificJanuary 22nd…
In what is today the biggest fine under the GDPR, the French Data Protection Authority CNIL investigated Google Android transparency in Data procession. The investigation was consecutive to two class actions filed on the 25th of May 2018. One by the Austrian NGO Non Of Your Business (NOYB), another by the French La Quadrature du Net (LQDN). This decision worth a close look.
The General Data Protection Regulation, or “GDPR” – “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. – was published 4 May 2016. Enforceable after a grace period of two year, from the 28th of May 2018.
The General Data Protection Regulation (GDPR) is not against data processing when done in respect with the data subject rights. The amount of electronically available data and curation and storage tools, justify a better protection. Privacy is a Fundamental Human Right, for dignity and freedom.
The CNIL investigated mobile applications using embedded software development kit (SDK) and ad biding gathering personal data even when the application is not in use. The data collection is activated by default, which is contrary to the principal of privacy by design.
There has been and still remains interrogations and uncertainties around the scope of application of the General Data Protection Regulation.