Loading

Category: Privacy

Brecha Advisory tool launched by AEPD

The AEPD has launched the Brecha Advisory tool to facilitate compliance with data protection laws by data controllers and processors.   The AEPD has launched the Brecha Advisory tool, which is intended to guide the application of the Spanish data protection legislation to facilitate compliance by data controllers and processors. This tool provides advice on

Guidelines on the use of AI and data in teaching and learning for teachers

The European Commission has published guidelines on the use of AI and data in teaching and learning for teachers.   As the field of AI rapidly develops, it has the potential to change our lives and transform the way we work, live, and learn. The development of AI is also an opportunity to address many

Electronic mail marketing: Guidance from the ICO on achieving compliance with PECR

The ICO released guidance on electronic mail marketing, to help organisations achieve compliance with the PECR.   Earlier this month, Aphaia reported on guidance published by the ICO for organisations regarding live phone calls made for marketing purposes, to help organisations to remain in compliance with the Privacy and Electronic Communications Regulations (PECR), also known

Unaddressed formal notice results in maximum fine imposed by CNIL

AI company Clearview received the maximum fine imposed by CNIL, totalling 20 million euros, after a formal notice was left unaddressed.   A formal notice from the CNIL giving Clearview AI two months to comply with various injunctions in November 2021 was left unattended, the Authority has decided to impose a maximum fine of €20

EU-U.S. Data Privacy Framework; Executive Order signed

For Europeans whose personal data is transferred to the U.S., new binding safeguards are in order with the signing of a new Executive Order on ‘Enhancing Safeguards for United States Signals Intelligence Activities’ on October 7th, 2022. These binding safeguards address all the points raised by the Court of Justice of the EU, protecting EU

Live marketing phone calls: Guidance from the ICO on remaining in compliance with PECR

The ICO released guidance on making live marketing phone calls, to help organisations remain in compliance with the PECR.   The ICO has released guidance for organisations on live phone calls made for marketing purposes, to help organisations to remain in compliance with the Privacy and Electronic Communications Regulations (PECR), also known as ePrivacy Regulations.

Illegal profiling and predatory marketing calls lead to a fine of £1.48 million for Easylife

Easylife was fined £1,480,000 for illegal profiling and predatory marketing calls which resulted in several complaints to the ICO.    The ICO has fined Easylife Ltd £1,350,000 for using the personal information of 145,400 customers to target them with health-related products after predicting their medical conditions based on previous purchases without their consent. The company

Data Access Agreement comes into force between the UK and the U.S

The UK and the U.S. have recently signed a Data Access Agreement to aid the respective countries in combating crime.    An agreement came into force on October 3rd, 2022 between the Government of the United Kingdom and the Government of the United States. The Agreement focuses on the access to electronic data for the

Executive order on transatlantic data transfers expected to be published by U.S. president

A shortly anticipated executive order on transatlantic data transfers from the US president is expected to impact EU-U.S. data transfers.   The United States is expected to publish its long-awaited executive order on transatlantic data transfers very soon, according to a report from Politico. A United States official, who was not authorized to discuss the

Subject access requests left unanswered lead to several reprimands

Unanswered subject access requests have lead to reprimands for seven organisations from the ICO.  The UK’s Information Commissioner’s Office (ICO) has taken action against seven organisations which have failed to respond to members of the public when presented with a Subject Access Request (SAR). Under the UKGDPR, individuals should be able to request from an