In this week’s news:
- Facebook argue in court (Vienna) that users have no right to compensation for data protection violations because they deliberately harmed themselves by using Facebook and that data protection on Facebook is ‘easy to understand for users’. Facebook witness: 9 ½ hours of “we don’t know”.
- Danish Data Protection Authority announced it has issued its guidelines on the processing of personal data on home page visitors – the DPA ruled that third-party websites with embedded Google’s banner ads can be held jointly responsible for the collection and transmission to Google of the personal data of visitors to its website (Fashion ID v. 2).
- ICO seeks feedback on its draft AI auditing framework guidance.
- Google users in the UK to lose EU data protection. Reports suggest it shows Google doesn’t have faith in the UK achieving “adequacy”.
- European Parliament says the UK does not meet GDPR adequacy requirements. The exemptions in the DPA18 relating to the processing of personal data of immigrants, the personal data of non-UK citizens will not be afforded the same protections as that of UK citizens. It also considers that the data retention provisions for telecommunications data and rules on access to data by law enforcement agencies do not currently comply with the GDPR (para 32).
- MGM hack exposes personal data of 10.6 million guests.
- Barclays scraps ‘Big Brother’ staff tracking system after just a week due to “colleague feedback”.
- OneTrust Series B Funding Brings Valuation to $2.7 Billion.
- European Commission unveils its European strategy for data.
- Irish DPC releases 2019 annual report current cases include: Facebook-8; WhatsApp-2; Instagram-1; Apple-3; Twitter-3; LinkedIn-1; Google-1; Verizon-1; Oath-1.
- The European Commission has released new strategies on data and artificial intelligence (AI). Commentary.
- The European Data Protection Board (EDPB) concludes that it is premature to conduct a revision of the GDPR at this point in time. Also adopts position on obligations in merger activities relating to personal data.
- ICO seeking adtech experts.
- The Hamburg Commission for Data Protection and Freedom of Information explained its decision to fine Facebook €51,000 for failing to nominate a Data Protection Officer to its German office under GDPR. Facebook accepts the fine.
- None Of Your Business (noyb), has announced the not-for-profit organisation is to file a complaint to the German data protection authority over data protection standards at Amazon.
Previous Privacy updates can be found here.