Weekly Newsletter: 14 June – 18 June 2021
GDPR EU Representative

June 21, 2021

New browser signal could make cookie banners obsolete 

[#Cookiebanner #DataProtection #Noyb] 

“Today, noyb and Sustainable Computig Lab (“CSL”) published a proposal for a new automatic browser signal to finally eliminate obsolete cookie banners.

“Advanced Data Protection Control” (ADPC) aims to demonstrate that a user-friendly European solution for privacy settings can easily be implemented.

– More information can be found at dataprotectioncontrol.org
– A plugin prototype and a mock-up allow a “hands on” test
– The detailed technical specification was also published today

To read more: Click here  

Probably the World’s First SCC Generator 

[#SCCs #StandardContractualClauses #EUdatatransfers]

“Standard Contractual Clauses Generator created by Christopher Schmidt, FIP CIPP⁄E CIPM CIPT CDPO has just been released.


Step 1️: Select the Applicable Modules and Options for Your SCCs […]

Step 2️: Copy Your Generated SCCs […]

Step 3: Paste to Word, LibreOffice etc and finalize”

To read more: Click here


Judgment in the case of Facebook Ireland and Others v the Belgian Data Protection Authority

[#GDPR #Facebook #ECJ] 

“The Court specifies the conditions for the exercise of the national supervisory authorities’ powers with respect to the cross-border processing of data […]

Under certain conditions, a national supervisory authority may exercise its power to bring any alleged infringement of the GDPR before a court of a Member State, even though that authority is not the lead supervisory authority with regard to that processing. […]

The referring court was uncertain as to the effect of the application of the ‘one-stop shop’ mechanism […] and, in particular, whether […] the DPA may bring an action against Facebook Belgium, since it is Facebook Ireland which has been identified as the controller of the data concerned.”

Link to the decision in French
Link to the decision in Dutch

To read more: Click here

IKEA fined $1.2 mln for spying on French employees

[#PersonalData #Surveillance #IKEA]

“A French court on Tuesday ordered IKEA to pay a 1 million euro ($1.2 million) fine for spying on its French staff, after the world’s biggest furniture retailer was found guilty of improperly gathering and storing data on its employees. […]

The firm’s former chief executive in France, Jean-Louis Baillot, was found guilty in the case and handed a two-year suspended prison sentence. Judges fined him 50,000 euros for storing personal data. The allegations centred on the 2009-2012 period, although prosecutors said the spying tactics began in the early 2000s. […]

The Swedish firm has long denied setting up a widespread espionage system, and was absolved on Tuesday of systematically violating personal data.”

To read more: Click here

Data protection: European Commission launches the process towards adoption of the adequacy decision for the Republic of Korea

[#Adequacy #EDPB #EuropeanCommission #EU #RepublicOfKorea] 
“Today, the Commission launches the process towards adoption of the adequacy decision for the transfer of personal data to the Republic of Korea. It will cover transfers of personal data to the Republic of Korea’s commercial operators as well as public authorities. […]

At the same time, it would complement the EU-Republic of Korea Free Trade Agreement (FTA) and boost cooperation between the EU and the Republic of Korea as leading digital powers. […]

The draft adequacy decision was published and transmitted to the European Data Protection Board (EDPB) for its opinion.”

To read more: Click here

Replace GDPR, says prime minister’s regulatory hit-squad


“In its final report, the Task Force on Innovation, Growth and Regulatory Reform (TIGRR), chaired by Conservative former leader Sir Iain Duncan Smith, says that exit from the EU ‘creates a one-off opportunity to set a bold new UK regulatory framework, based on a set of principles embedded in UK common law’. Its proposals include reforms to the regulation of high-tech fields to encourage innovations in areas such as spaceflight, pharmaceuticals and agriculture. […]

To encourage growth in the digital economy, the group proposes replacing the current ‘UK GDPR’ wth ‘a new, more proportionate, UK framework of citizen data rights’. […]

The Prime Minister’s Office said today that Boris Johnson has written a letter to the taskforce members, thanking them for their work.”

To read more: Click here

EU states back personal data flows with ex-member Britain

[#Adequacy #EU #UKlaw #EuropeanCommission]
“BRUSSELS (Reuters) – European Union member states have agreed that British standards for the protection of personal data are sufficently high that such information can continue to flow between the EU and its former member, the European Commission said on Thursday.

Their backing will allow the Commission to adopt two adequacy decisions before the end of June to allow a seamless transition at the end of a six-month grace period during which flows were allowed after Britain’s final exit from the bloc.”

To read more: Click here

TikTok Has Started Collecting Your ‘Faceprints’ and ‘Voiceprints.’ Here’s What It Could Do With Them

[#TikTok #Biometricsdata #Privacy] 
“Recently, TikTok made a change to its U.S. privacy policy, allowing the company to “automatically” collect new types of biometric data, including what it describes as “faceprints” and “voiceprints.” TikTok’s unclear intent, the permanence of the biometric data and potential future uses for it have caused concern among experts who say users’ security and privacy could be at risk. […]
While TikTok’s privacy policy states that it “does not sell personal information to third parties,” it also says it may share the information it collects for “business purposes.”

To read more: Click here