The use of the metaverse can be very intrusive as the set of data processed in this environment increases exponentially. Any virtual environment is by design fully data-enabled and allows for a broader spectrum of information related to human activities to be processed. In particular, it may involve new categories of data with greater granularity and precision. For … Read more
The Hellenic data protection authority has fined the controversial facial recognition firm Clearview AI with €20 million and banned it from collecting and processing the personal data of people living in Greece. Also already collected data should be deleted. The business model of Clearview AI is scraping selfies off the internet to build an algorithmic … Read more
While GDPR related fines to big companies like Amazon or Google have seen widespread media attention, data protection authorities have issued several hundred more penalties since 2018. This study analyzes 856 fines and their summaries provided by the CMS Law GDPR Enforcement Tracker. The exploratation fines in the light of data flows with a detailed … Read more
Google is using deceptive design, unclear language and misleading choices when consumers sign up to a Google account to encourage more extensive and invasive data processing. Instead of giving them privacy by design and by default as required by the General Data Protection Regulation (GDPR)Contrary to its claims, the tech giant is thwarting consumers who … Read more
A website using Google Analytics (GA) without the safeguards set out in the EU GDPR violates data protection law because it transfers users’ data to the USA, which is a country without an adequate level of data protection. The set of data collected in this connection included the user device IP address along with information … Read more
Google Analytics’ use is not legal without a new deal that would replace the disgraced EU-US data processing agreement, French data watchdog CNIL recently clarified on its website, which also dashed hopes that the tool could be reconfigured to allow data transfers to the US. EURACTIV France reports. The use of Google’s web analytics tool does … Read more
The DPC Ireland has published the following materials:– Data protection – what’s it all about?– My data protection rights– Top tips for keeping your data safe online
The Spanish Data Protection Agency (AEPD) has imposed a penalty of ten million euros on Google for transferring data to third parties without a legal base to do so and for hindering citizens’ right to erasure. According to the Agency, these contravene Articles 6 and 17 of the European General Data Protection Regulation (GDPR).AEPD said … Read more
Google’s artificial intelligence DeepMind received the data in 2015 from the Royal Free NHS Trust for the purpose of testing a smartphone app called Streams. The smartphone app was tested to detect acute kidney injuries. The claim alleges that Google and DeepMind “obtained and used a substantial number of confidential medical records without patients’ knowledge … Read more
Organizations often ask how much chance they have on data protection fines and how much financial reserve they should make for that. Unit 27 June EDPB guidelines on calculating GDPR fines are released for public consultation. Interesting is to have a look at the example for mitigating and aggravating factors that could influence the height … Read more