Personal data is the hot potato. If you do’t need it, don”t collect it, don’t keep it. Data minimisation will save you many troubles.
FIRST EVER DECISION OF A FRENCH COURT APPLYING GDPR TO FACIAL RECOGNITION. Facial recognition technology deemed disproportionate measure in schools.
The ICO has fined a PPI claims management company £120,000 for sending unlawful spam texts about its services.
Much confusion around the concept of Legitimate Interest justifying Personal Data Processing. Worth going back to the roots.
In what is today the biggest fine under the GDPR, the French Data Protection Authority CNIL investigated Google Android transparency in Data procession. The investigation was consecutive to two class actions filed on the 25th of May 2018. One by the Austrian NGO Non Of Your Business (NOYB), another by the French La Quadrature du Net (LQDN). This decision worth a close look.
The CNIL investigated mobile applications using embedded software development kit (SDK) and ad biding gathering personal data even when the application is not in use. The data collection is activated by default, which is contrary to the principal of privacy by design.