Weekly Newsletter: 17 May – 21 May 2021
GDPR EU Representative

May 19, 2021

Is WhatsApp Really ‘Lying’ To You—Is This A Reason To Quit?  

[#WhatsApp #Dataprotection #Dataprivacy #Telegram] 

“You can’t escape this promise. “No-one outside of this chat, not even WhatApp, can read or listen to them,” the platform even confirms at the top of every new chat. Not so, Telegram has suddenly charged @WhatsApp on Twitter.

“Our users know how things work, talk to the screenshot. It says you’re lying.” The screenshot is of an unattributed WhatsApp chat stating that Apple and Google can access WhatsApp cloud backups, which is true—albeit WhatsApp already warns users that such backups fall outside its end-to-end encryption. But more provocatively, the screenshot message also alleges that “WhatApp can access this chat because we can restore it on a clean device using just our phone numbers.” […]

The implication is clear. […] Telegram’s allegation came in response to WhatsApp tweeting a meme warning users that Telegram does not offer default end-to-end encryption, which in turn was a response to Telegram poking WhatsApp, as the controversial Facebook deadline date arrived, suggesting it was time to put the messenger and its owner in the bin.”

To read more: Click here.

We Found Joe Biden’s Secret Venmo. Here’s Why That’s A Privacy Nightmare For Everyone.

[#Venmo #Cybersecurity #Privacy]

“BuzzFeed News found President Joe Biden’s Venmo account after less than 10 minutes of looking for it, revealing a network of his private social connections, a national security issue for the United States, and a major privacy concern for everyone who uses the popular peer-to-peer payments app. 

On Friday, following a passing mention in the New York Times that the president had sent his grandchildren money on Venmo, BuzzFeed News searched for the president’s account using only a combination of the app’s built-in search tool and public friends feature. […] By late Friday night, the Venmo accounts tied to the president and first lady Jill Biden were no longer online. […] 

Privacy advocates and journalists have warned about Venmo’s privacy problems for years, yet the PayPal-owned app has persisted with features that can place people — including the president of the United States — at risk.”

To read more: Click here

French data watchdog president: GDPR sucessfully stood ‘pandemic test’ 

[#CNIL #GDPR #Privacyshield] 
“The president of the regulatory authority, Marie-Laure Denis, said she was pleased that the GDPR, the General Data Protection Regulation, has been sufficiently flexible during the pandemic, adding that the “pandemic has been an accelerator of digital uses.”

According to the CNIL, 2020 was also marked by the issue of ‘digital sovereignty’. As examples, the report cited the EU Court’s annulment of the Privacy Shield, which framed data transfers between the EU and the US, the controversy over the French Health Data Hub being hosted by Microsoft, as well as the European Commission’s upcoming legislative proposals like the Digital Services Act (DSA) or the Digital Markets Act (DMA).

“This exceptional context offers an unprecedented alignment of interests between data protection regulation and industrial recovery policy. It is our responsibility to seize this opportunity collectively to pursue an ambitious policy for European digital sovereignty,” the report states.”

To read more: Click here

EU Parliament votes on UK adequacy today

[#UKadequacy #Europeanparliament #unitedkingdom] 
“First thing this morning, […] today’s plenary session kicks off with a debate on the Schrems II ruling and the adequate – or not – protection of personal data by the United Kingdom. Two resolutions will then be put to the vote. We should know the results by 13h Brussels time. […]

“Adequacy should be granted only after the specific elements of UK law or practice that are still a matter of serious concern have been properly assessed,” explained rapporteur Juan Fernando López Aguilar.

“Without changes, national data protection authorities should suspend transfers of personal data to the UK when indiscriminate access to personal data is possible,” said MEPs… to the alarm of many industry groups.”

To read more: Click here

The BE DPA approves its first European code of conduct

[#Europeanparliament #Unitedkingdom] 
“The Belgian Data Protection Authority has approved today the first transnational code of conduct to be adopted within the European Union since the entry into force of the GDPR. […] In parallel to the approval of the code of conduct, the Belgian Data Protection Authority has also accredited SCOPE Europe as the monitoring body for the EU Cloud CoC. This monitoring body will ensure that code members abide by the provisions of the EU Cloud CoC. Therefore the EU Cloud CoC will be operational from this day on. […]

The EU Cloud CoC concretizes requirements of Art. 28 GDPR (concerning the processor) – and other relevant related Articles of the GDPR – for practical implementation within the cloud market (including IaaS, PaaS, SaaS).”

Read the approval decision 05/2021 for the EU Cloud CoC : https://lnkd.in/dnGeJrr

Read the accreditation decision 06/2021 for Scope Europe: https://lnkd.in/dW4esYS

To read more : click here

Has WhatsApp Secretly Changed Your Privacy Settings? 

[#Whatsapp #Socialmedia #Facebook #Privacy] 

“An urgent new warning has gone viral on social media today, urging you to check your privacy settings after WhatsApp’s reportedly secret update. So should you be alarmed? […]

Just days after its controversial update to facilitate data sharing with Facebook, social media is ablaze with messages suggesting the platform has suddenly updated your group privacy settings and you need to urgently change them back. […] while this alert is likely misleading, you should change that setting. […]

Meanwhile, the much more significant change is the terms of service update. If you haven’t accepted the new terms, then pretty soon your account will be restricted, and a “short time” later you will not be able to call or message. That’s the really important WhatsApp news this month—but worth checking those privacy settings anyway.”

To read more: Click here.

MEPs call for infringement procedure against Ireland 

[#Europeanparliament #Schrems2 #Europeanunion #Europeancommission] 

“The European Parliament voted on Thursday (20 May) in favour of a resolution calling on the European Commission to open an infringement procedure against Ireland for failing to enforce the General Data Protection Regulation (GDPR). […]

Asked which actions had been taken to ensure data protection compliance, a Commission official said to EURACTIV ‘several steps have recently been taken in this direction within the [European Data Protection] Board, in particular, to improve procedures for the so-called one-stop-shop system. The Commission will continue to support the work of the Board and will carefully follow the progress made.’

‘For the new GDPR governance system based on independent data protection authorities to work efficiently, it is essential to develop trust and a European spirit of cooperation’ the source added. The EU official declined to comment whether the European Commission will open an i infringement procedure against Ireland.”

To read more: Click here.

Data protection: MEPs urge the Commission to amend UK adequacy decisions

[#Europeanparliament #UKAdequacy] 

In a resolution passed on Friday (344 votes in favour, 311 against and 28 abstaining), MEPs ask the Commission to modify its draft decisions on whether or not UK data protection is adequate […] bringing them in line with the latest EU court rulings and responding to concerns raised by the European Data Protection Board (EDPB) in its recent opinions. […]

The resolution states that, if the implementing decisions are adopted without changes, national data protection authorities should suspend transfers of personal data to the UK when indiscriminate access to personal data is possible. […]

Parliament urges the Commission and the UK authorities to address all these issues and insists that no adequacy decision should be granted. MEPs specify that no-spying agreements between member states and the UK could help solve matters.”

Read the final text of the resolution here.

To read more: Click here.