Proposed EU-US Data Privacy Framework is too vague

The European Parliament’s Committee on Civil Liberties, Justice and Home Affairs has stated that the executive order is too vague and leaves US courts — who would be the sole interpreters of the proposed EU-US Data Privacy Framework — wiggle room to approve the bulk collection of data for signals intelligence, and doesn’t apply … Read more

What you put in ChatGPT stays in ChatGPT!

The ChatGPT tool is based on a web crawler which collects every bit of connected data, through which it will turn up and propagate proprietary information. But at the same time, developers love to cut & paste production JSON/XML into free public formatters/validators, or unintentionally share it with their AI assistant. And office employees type … Read more

Controller based on the choice of purpose and “essential” means

The European Data Protection Supervisor (EDPS) states in an opinion that, in order to act as a controller, the entity or involved party must determine the purposes and essential means of the processing. “Essential means” are closely linked to the purpose and the scope of the processing. On the other hand, “non-essential means” concern more … Read more

Italian DPA halts AI Chatbot due to privacy concerns

The Italian privacy regulator has ordered a popular AI chatbot to cease processing data on domestic citizens after it broke GDPR rules. The ‘virtual friend’ app tries to improve users’ emotional well-being and help users understand their thoughts and calm anxiety through stress management, socialization and the search for love, but doesn’t seem to comply with … Read more

EDPB: How can a public body using the cloud comply with the GDPR?

Public bodies should take into account the possibly sensitive nature and large amounts of data processed by public bodies. But how can the fundamental right to the protection of personal data be guaranteed? The EDPB therefore underlines the need for public bodies to act in full compliance with the GDPR when using cloud-based products or services. In … Read more

Data Subject Access Request with identity of recipient

C-154/21, Österreichische Post: Every person has the right to know to whom his or her personal data have been disclosed. A citizen requested Österreichische Post, the principal operator of postal and logistical services in Austria, to disclose to him the identity of the recipients to whom it had disclosed his personal data. The Post gave the petitioner only … Read more

€390M GDPR fine for Meta with data-fueled business model without legal basis

Meta was fined €390M (€210 million and €180 million fines for Facebook and Instagram) and was accused of lacking proper legal grounds to process millions of Europeans’ data with its data-fueled advertising model. Meta strongly disagrees with the DPC’s final decision and believes it fully complies with GDPR by relying on Contractual Necessity for … Read more

US direct access to Europeans’ biometric data for visa-free travel?

The US government demands direct access to databases of European police services containing biometric data of European citizens. The US makes this access mandatory for countries participating in the so-called Visa Waiver Program, which allows citizens of certain countries to travel to the United States without a visa. At the beginning of this year, US … Read more

Use of Microsoft 365 by governments, companies and educational institutions is in violation of GDPR

German privacy regulators have ruled that the use of Microsoft 365 by governments, companies and educational institutions is in violation of privacy legislation. Only by taking additional technical measures is it possible to use the software in Germany. This was the opinion of the German regulators during the Datenschutzkonferenz (DSK) that took place last week. Although … Read more