Loading

Category: Data Protection

Tips for game designers from the ICO on Children’s code compliance

The ICO has published tips for game designers on how to comply with the children’s code.   In the UK, the Children’s code governs all online services that are likely to be accessed by children. This code was put in place to protect the UK’s minor population within the digital world. As games are one

European Digital Identity wallet reference framework was published by the European Commission

The European Commission recently published a document containing the architecture and reference framework for the proposed European Digital Identity wallet.   The European Commission has recently released a document to provide all the specifications needed to develop an inter-operable European Digital Identity Wallet Solution, which is based on common standards and practices. This document provides

Italian Supervisory Authority orders restrictions on AI app Replika

Garante, the Italian Supervisory Authority orders restrictions on AI app Replika, claiming that the app poses a risk to children and emotionally vulnerable individuals.   Replika is an AI-powered chatbot that can adapt to its user’s preferences and produce a faithful “copy” of their character. The Italian DPA has taken issue with how Replika utilises

EDPB publishes guidelines on personal data breach notifications

The EDPB has recently published guidelines on personal data breach notifications under the GDPR for businesses and organisations.    The European Data Protection Board (EDPB) recently released guidelines on personal data breach notifications under the GDPR. This document includes detailed requirements for businesses and organisations which handle individuals’ data in the event of a data

Creation of an artificial intelligence department at CNIL

The CNIL has created an artificial intelligence department and is launching a two-year project using artificial intelligence.  The CNIL of France has created an artificial intelligence department and is launching a two-year project using artificial intelligence. The aim of this venture is to establish a regulatory framework for using AI in Europe. While preparing for

The ICO advises SMEs to ensure good data protection practices

The UK’s ICO has issued a statement where it advises SMEs to ensure good data protection practices and provides other valuable recommendations.    The UK’s ICO has produced a guide to help businesses understand their new obligations under the GDPR and to prepare for them. In the advent of Data Protection Day, the ICO has

The Importance of the GDPR in 2022: Continuous Regulatory Enforcement

The importance of the GDPR is not going away as we witness continuous regulatory enforcement through significant fines four years after the start of its application.    Since the GDPR’s inception in 2016 and its implementation in 2018, there have been concerns about its status and applicability. The General Data Protection Regulation or GDPR is

ICO urges developers to make privacy a priority

The ICO has recently released a statement urging developers to make privacy a priority early on in the implementation of new technologies.   In a recent statement, the UK’s data protection regulator, the ICO urges developers to make privacy a priority at an early stage of the implementation of new technologies. The Commissioner believes that

CNIL fines TikTok over cookie consent violations

TikTok was recently hit with a fine of 5 million euros from CNIL of France over cookie consent violations.   Following a series of investigations on the TikTok.com website between May 2020 and June 2022, TikTok has been hit with a €5 million fine for cookie consent violations. CNIL concluded that the refusal mechanism for

Personal data buyers must be disclosed to data subjects

The European Court of Justice has ruled that personal data buyers must be disclosed to data subjects. The European Court of Justice has ruled that companies must disclose buyers of personal data. This ruling follows the ICO’s Code of Practice on Data Sharing. Under this code, an organization that has shared personal data must provide