While the proposed EU privacy law changes seem almost entirely like concessions to big tech desires at first glance, the European Commission is selling them as removement of onerous restrictions on smaller businesses. Critics such as noyb are calling this a "side-show" meant to pass changes that are instead really tailored to the tech industry.
CNIL said that it is following up on "several" privacy complaints, and Spain is looking to put the ChatGPT topic on the Plenary of the European Data Protection Committee's discussion schedule.
Both countries, while accepting the EU standard contractual clauses as a compliance transfer mechanism still requires the clauses to be amended to reflect their own legal requirements. The big difference is that the Swiss requirements are very simple.
Instead of introducing an entirely new regime, the UK Government should explore the use of privacy enhancing technology to enable organisations to share and analyse personal data in a privacy-preserving manner, to create opportunities and unlock the power of data using innovative and trustworthy applications.
Privacy activism group noyb, which has made headlines for its high-profile cases against Facebook in the EU, has brought a corruption complaint against the Irish DPC over its handling of a case that dates back years.
After 12 years at the head of the Hamburg data protection commission, Johannes Caspar is stepping down. The privacy commissioner returns to academia disillusioned with the GDPR, calling it "broken" and lamenting infighting.
Children’s privacy violations is a problem that is common to big tech companies in targeted advertising: screening out minors who are entitled to enhanced data protection rights.
Max Schrems, chairperson of noyb, has directed his organization to file over 100 privacy complaints against major businesses engaging in data transfers with the US.
Those little automated data tracking mechanisms are subject to special treatment, consent, opt in and opt out requirements. Have you properly accounted for cookies for GDPR and CCPA?
Privacy advocate groups allege that UK Test and Trace rushed the process and did not conduct the necessary data protection impact assessment that the GDPR requires for collection of personal data on this sort of scale.









