Loading

Category: GDPR

GDPR

Tech giants push for lighter AI regulations in Europe

Tech giants push for lighter AI regulations in Europe amid concerns over fines and transparency.   In a pivotal final effort, the world’s largest technology companies are urging the European Union (EU) to take a more lenient stance on regulating artificial intelligence (AI). Firms like Amazon, Google, and Meta are currently facing the looming possibility

Communication after a data breach: Lessons from the Dutch DPA

The Dutch DPA has emphasised the importance of communication after a data breach, after a 2023 study revealed that many organisations failed to inform victims in a timely manner.   In an age where personal data is often at risk due to cyberattacks and other breaches, individuals affected by data breaches can often feel left

The use of AI chatbots may lead to data breaches

The Dutch DPA urges businesses to be vigilant as the use of AI chatbots by employees may lead to data breaches.    Recently, the Dutch Data Protection Authority (AP) received multiple allegations of data breaches resulting from employees sharing the personal information of patients or consumers with an artificial intelligence (AI) chatbot. Companies that provide

Enforcement notices issued to two public organisations

The UK ICO has issued enforcement notices to two public bodies under the Freedom of Information Act of 2000, ordering them to address a backlog of requests from the public.    The Information Commissioner’s Office (ICO) recently took action against two public service organisations for their ongoing failures to meet fundamental Freedom of Information Act

Recommendations on the development of AI systems from European DPAs

DPAs across Europe have provided useful recommendations for organisations involved in the development and deployment of AI systems, aiding these organisations to remain in compliance with the GDPR and other regulations applicable to AI systems.    The French data protection authority, CNIL recently published its first recommendations on the development of AI systems. These recommendations

The EDPB releases its Opinion on ‘Pay or Ok’ Models

The EDPB highlights the need to comply with all the requirements of the GDPR, in particular those for valid consent.   In the rapidly evolving landscape of ecommerce and data protection, it is paramount for businesses to understand how any new practices involving the processing of personal data may affect their user’s privacy and the

EU Supervisory Authorities have a right to order the erasure of unlawfully processed data without a request from the data subject

The CJEU has ruled that EU Supervisory Authorities have a right to order the erasure of unlawfully processed data even without a prior request from the data subject.   The recent ruling by the Court of Justice of the European Union (CJEU) has significant implications for the processing of personal data by organisations within the

EU Data Act: An update on the agreed text

In June 2023, policy makers reached an agreement on the EU Data Act, initially proposed in February, 2022.   The European Union’s Data Act, proposed in February 2022, is set to revolutionise the EU data economy. The Act is designed to foster data sharing and use across the EU, leveraging data as a critical asset

CNIL selects three digital companies for an enhanced support program on data protection projects

CNIL selects three digital companies for an enhanced support program to promote innovative projects in data protection and privacy.   The French data protection authority, CNIL, has selected three digital companies for its Enhanced Support program: Contentsquare, Hugging Face and Lifen. The program aims to support innovative projects in the field of data protection and

Whatsapp agrees to full compliance with EU rules on consumer protection

WhatsApp agrees to full compliance with EU rules, including more user transparency and respecting user choices regarding contract updates.   Whatsapp has committed to full compliance with EU rules, giving users more transparency into changes in the platform’s terms of service and making it easier for users to reject updates that they may not want.