Weekly Newsletter: 15 March – 19 March 2021
GDPR EU Representative

March 19, 2021

The data privacy Cold War is here. Which side are you on? 

[#Apple #Facebook #Techcompany] 

“Apple and Facebook have entered an all-out Cold War in the name of consumer data privacy.[…]

Both companies have put a stake in the ground, and the impact will be felt across the tech and business worlds. Meanwhile, conversations about data privacy are going mainstream.[…]

All of this means time is up for the companies that have sat on the sidelines of this debate until now. Every tech company has access to user data, and each one now must decide which side of the data privacy war they’re on: the one that collects and exploits consumer data, or the one that respects and protects data and the users it belongs to. Prioritizing consumer data privacy doesn’t always mean a company must overhaul its policies. Rather, it’s about communicating those policies to consumers in a way they can understand and holding internal teams accountable to them.”

To read more: Click here

Why this French court decision has far-reaching consequences for many businesses 

[#ShremsII #Doctolib]

“On March 12, 2021, the Conseil d’Etat — France’s highest administrative court — ruled that personal data on a platform used to book COVID-19 vaccinations, managed by Doctolib and hosted by Amazon Web Services, was sufficiently protected under the EU General Data Protection Regulation because sufficient safeguards, both legal and technical, were put in place in case of an access request from U.S. authorities.[…]

The court noted […] the data is hosted in data centers located in France and in Germany, and the contract concluded between Doctolib and AWS Sarl does not provide for the transfer of data to the U.S. However, because it is a subsidiary of a company under U.S. law, the court considered AWS Sarl in Luxemburg may be subject to access requests by U.S. authorities […]

The case brings interesting developments to the “Schrems II” debate : It goes beyond “Schrems II” and, therefore, has huge implications for many companies: […] what was at stake here was not the transfer of data to the U.S., but the fact that the processor in the EU is a subsidiary of a U.S. company.”

To read more: Click here

No, Your iPhone Is Not More Secure Than Android, Warns Cyber Billionaire

[#Iphone #Cybersecurity #Android] 

“One of the world’s leading cybersecurity experts has just warned that the alarming new surge in malicious apps is a much more serious threat to iPhone users than you might think. iPhones, he says, have a surprising security vulnerability.

“We’re all wide open,” the billionaire founder of Check Point tells me.[…]

[…] the widely held view is that iPhone’s are much safer. But you can buy an Android and lock it down fairly easily.[…]

A year ago, we talked nation state cyber, the threats from China, Russia and Iran. Now, despite Solar Winds, to say nothing of the Microsoft Exchange nightmare that hit just after our meeting, the security implications of the world’s companies throwing open their systems to newly remote workforces are even more front of mind. […]

“Companies need to take very seriously the need to build a unified cyber architecture,” Shwed warns.”

To read more: Click here

Requests stronger measures against the dating app Grindr

[#Grindr #Forbrukerrådet #consumerprotection #identitytheft #homosexuality]

“The Data Protection Authority […] announced an intention to impose a fine against Grindr, to the sum of 100 million NOK […] which is the highest fine ever imposed by the Norwegian DPA.

[…] the Consumer Council is asking the Data Protection Authority to impose other measures, in addition to the fine, by ordering Grindr to:

– Inform about which other companies had access to personal data, and how this data may have been shared with further companies.
– Delete all illegally collected personal data and ensure that other companies that have received the data also delete it.
– Ensure that, in the future, Grindr users are not exposed to sharing and spreading of personal data to other companies.[…]

There are many examples of how this type of information can be used in attempts to manipulate everything […]. Data leakage or data breaches can also lead to scams or identity theft, and in the worst case scenario it may be used to persecute people, for example in countries were homosexuality is illegal.”

To read more: Click here

Commission ‘not naive’ about UK’s data ambitions, Reynders assures MEPs

[#UKGDPR #Europeancommission #DidierReynders #DidierReynders] 

“The European Commission is “not naive” about the UK’s future ambitions in the data space and will be prepared to suspend transfers of personal data to the country should the UK in the future diverge from EU standards, Justice Commissioner Didier Reynders has said.[…]

EU lawmakers in Brussels doubt that the UK’s future data protection landscape will be fully aligned with EU data protection standards, following recent comments from the UK’s Digital Secretary Oliver Dowden.[…]

The UK’s approach in this regard has provoked the concern of some in Brussels, not least members of the European Parliament, who aired their worry Justice Commissioner Reynders this week.”

To read more: Click here