NHS data breach: trusts shared patient details with Facebook without consent

An investigation by The Observer reveals that 20 NHS trusts in the UK have been sharing private details of patients’ medical conditions, appointments, and treatments with Facebook without consent. A covert tracking tool called Meta Pixel was found on the websites of these NHS trusts, collecting browsing information and sharing it with Facebook, in violation … Read more

EPDB: How to comply a public body with a cloud to the GDPR?

Public bodies should take into account the possible sensitive nature and large amounts of data processed by publicbodies. But how to guarantee the fundamental right to the protection of personal data? The EDPB therefore underlines the need for public bodies to act in full compliance with the GDPR when using cloud-based products or services. In … Read more

Data Subject Access Request with identity of recipient

C-154/21.Österreichische PostEvery person has the right to know to whom his or her personal data have been disclosed. A citizen requested Österreichische Post, the principal operator of postal and logistical services in Austria, to disclose to him the identity of the recipients to whom it had disclosed his personal data. The post gave petitioner only … Read more

€390M GDPR fine for Meta with data-fueled business model without legal basis

Meta was fined with €390M (210 million and €180 million fines for Facebook and Instagram) and accused the company of lacking proper legal grounds to process millions of Europeans’ with its data-fueled advertising model. Meta trongly disagree with the DPC’s final decision, and believes to fully comply with GDPR by relying on Contractual Necessity for … Read more

US direct access to Europeans’ biometric data for visa-free travel?

The US government demands direct access to databases of European police services containing biometric data of European citizens. The US makes this entry mandatory for countries participating in the so-called Visa Waiver Program, which allows citizens of certain countries to travel to the United States without a visa. At the beginning of this year, US … Read more

Google sued over its use of confidential medical records belonging to 1.6 million individuals in the UK

Google’s artificial intelligence DeepMind received the data in 2015 from the Royal Free NHS Trust for the purpose of testing a smartphone app called Streams. The smartphone app was tested to detect acute kidney injuries. The claim alleges that Google and DeepMind “obtained and used a substantial number of confidential medical records without patients’ knowledge … Read more

Did you sign a contract with Facebook for your data being purchased for 8.6 Eurocents?

The Irish Data Protection Commission (DPC) has sent a “draft decision” to the other European Data Protection Authorities on Facebook’s legal trick to bypass the GDPR. noyb has published the relevant documents today https://lnkd.in/eQBMMg7C. In the DPC’s view Facebook can simply choose to include the agreement on data processing in a “contract”, which would make the … Read more

European Digital Identity is coming…

The European Commission has a plan which enables citizens to identify themselves and share electronic documents from a special wallet app for smartphones. Major platforms will be required to accept the new European digital identity. The European Commission states that the use of identity by citizens will be voluntary. “The new European digital identity wallets … Read more

WhatsApp delays enforcing new privacy terms, but…

WhatsApp with two billion users around the world. was set to enforce its new data-sharing policy with Facebook on May 15 . Now WhatsApp people will remind and eventually become persistent so that at some point users will “encounter limited functionality on WhatsApp until you accept the updates”, according to WhatsApp. “You won’t be able … Read more