Latest data privacy publications
Last week, Europe’s highest court, the Court of Justice of the European Union (CJEU), invalidated the EU-US Privacy Shield, a legal framework relied upon by thousands of US and EU companies to transfer personal data from the EU to the US.
The decision is perhaps no surprise, given the CJEU’s long-standing concerns about the ease with which the US government could access personal data of European citizens. Privacy Shield itself was an attempt to readdress the balance of privacy in favour of EU residents — but it has now been deemed inadequate.
The Brazilian Ministry of Justice has leveled a $1.6 million fine on Facebook, after finding that data from almost half a million app users was shared with developers of “thisisyourdigitallife.”
Data harvested by “thisisyourdigitallife” in the form of a voluntary user personality test was shared with Cambridge Analytica, the political consultancy firm charged with influencing the 2016 US presidential election. Earlier this month, the U.S. Federal Trade Commission issued a unanimous ruling that the now-defunct company had used ‘false and deceptive tactics’ to harvest user information, which was then used to train algorithms for targeted political advertising.
Facebook has said around 100 app developers may have been able to obtain user data from groups on the social network, despite making changes to what third parties can see following the Cambridge Analytica scandal. The firm has admitted some retained access to information such as names and profile pictures in connection with group activity.
A “historic” agreement on sharing data will “dramatically speed up” investigations into criminals’ online activity, the Home Secretary has said.
Priti Patel and US attorney general William Barr signed the arrangement – the first of its kind – on Thursday evening when she visited Washington DC, the Home Office said.
Ms Patel said: “Terrorists and paedophiles continue to exploit the internet to spread their messages of hate, plan attacks on our citizens and target the most vulnerable.
Despite it being over a year since GDPR was introduced, more than half of UK businesses are failing to comply with the legislation, a new report suggests.
The survey of 250 UK GDPR decision makers, conducted on behalf of data security firm Egress, found that 52 percent of businesses are not fully compliant with the regulation, which came into force in May 2018.