Breaking: In decisions just out, Meta is not only on the hook for privacy fines totaling nearly €400 million, but it must also — quickly — find a new legal basis for its sprawling targeted advertising empire. 🧵
pro.politico.eu/news/158293
The decisions rebuke Meta’s claim that it could hoover up users’ data as part of a contract to provide them with personalized adverts, and leave the tech giant scratching around for another legal route to target people with advertising.
Dec 5, 2021 • 12 tweets • 4 min read
Docs unearthed by @NOYBeu show that the Irish data regulator lobbied to get EU guidelines to allow social networks to bypass GDPR consent requirements to use people's data to target advertising.🧵
pro.politico.eu/news/143625
The documents show that the Irish regulator argued that companies could use data to fulfil a contract with users to provide a personalized ad-funded platform, rather than relying on consent.
Oct 5, 2020 • 17 tweets • 3 min read
I'm at @EUCourtPress following Facebook v Belgian DPA. At stake: the scope of the one-stop-shop (GDPR mechanism by which regulator where company has EU's base takes the lead on investigation). Stay tuned.
First up, Facebook. it argues that single point of contact is a "vital aspect" of the regulation, and that in GDPR do not apply. "The distinction that the Belgian DPA makes between administrative and legal proceeding is artificial."
Sep 23, 2020 • 8 tweets • 2 min read
Jim Sullivan from US dep. of commerce: "In months since [Schrems II] decision, a lack of clear guidance from EDPB, inconsistent approaches of data protection authorities, and calls for data localisation and sovereignty from within Commission have added to the uncertainty." Ouch.
Says "premature" to give timeline for new Privacy Shield, but much more limited set of issues (gov. surveillance, not commercial aspects) to negotiate than when Safe Harbor struck down
Sep 23, 2020 • 4 tweets • 2 min read
Tune in to the Prague security conference this morning to hear @VeraJourova, @mikepompeo & others speak about 5G: 5gconf.livebox.cz
.@VeraJourova invokes threat of Russia and 5G disinformation, calls for "likeminded" partners to work together and underlines importance of the transatlantic relationship
Thierry Breton on TikTok: I'm not in the business of banning companies, I'm in the business of explaining very clearly our rules #POLITICOBreton
Breton re TikTok: Trump is right about importance of data. "For 10 years I've been advocating one single sentence. European data should be stored and processed in Europe. It belongs to us" #POLITICOBreton
Jul 9, 2020 • 4 tweets • 2 min read
🇬🇧 and 🇦🇺 team up to investigate 🇺🇸 facial recognition firm Clearview AI /thread
pro.politico.eu/news/uk-and-au…
In June, a top EU privacy body cast doubt on whether Clearview AI's technology is legal in 🇪🇺
UK Information Commissioner Liz Denham says ICO has paused "only 10 per cent" of its work. Investigation into adtech will return "in short order"
Denham on Brexit and divergence: "Retention of our law is important to future trade relationships", but she'd support removal of the prescriptive parts of the GDPR. The law would be stronger if "it stayed to the principles," she said.
May 7, 2020 • 4 tweets • 1 min read
Luxembourg🇱🇺today votes on a motion that if passed will commit the government to focusing on non-digital contact tracing, and ensure that any app introduced is not made compulsory and uses a “decentralized” protocol 1/4
The backdrop to this is there is little appetite in the Grand Duchy for a contact-tracing app — Prime Minister Xavier Bettel has said he is against the idea — but the government is drawing up legislation in the event that other countries make them mandatory to cross borders 2/4
May 4, 2020 • 5 tweets • 1 min read
"If privacy was the only thing we were optimising for here, it may well be that a decentralised system should be the default choice" -- Matthew Gould, NHS X, on UK contact tracing app
He and Liz Denham, UK privacy watchdog, are speaking now to UK parliamentarians: parliamentlive.tv/Event/Index/6f…
Apr 24, 2020 • 10 tweets • 3 min read
This is on now. Some top speakers, including Google's William Malcolm, DP-3T's @mikarv, @W_Wiewiorowski from the EDPS, AccessNow's @EstelMP etc. etc.
Message so far: Apps are *complementary* to other public health measures. Not a silver bullet.
Apr 1, 2020 • 5 tweets • 2 min read
UK Supreme Court is about to rule on case that will determine to what extent companies are liable for data breaches caused by disgruntled employees. You can watch live here (and see judges wfh!!)
supremecourt.uk/live/court-01.…
UK Supreme Court rules that Morrisons supermarket is *not* liable for a data breach caused by a disgruntled employee. Sigh of relief for companies.
Jan 3, 2020 • 4 tweets • 1 min read
Berlin data regulator says it is preparing to battle Deutsche Wohnen in the courts this year. It fined the realtor €14.5 million in November for privacy by design and data minimisation failures (thread)
'Too few companies realise that data must be deleted regularly,' said the head of the Berlin authority Maya Smoltczyk, in an interview with Tagesspiegel (cont.)
Nov 1, 2019 • 4 tweets • 2 min read
Pressure mounting on public use of facial recognition tech. This from @ICOnews, warning police to "slow down": ico.org.uk/about-the-ico/…
This week also saw the @CNIL say that a trial of the technology in a school is illegal: cnil.fr/fr/experimenta…
Oct 4, 2019 • 5 tweets • 2 min read
A big week for privacy class actions in the UK.
On Wednesday, England's second highest court gave the green light to a representative action against Google for alleged secret tracking of Apple iPhone users. At stake: up to £3 billion.
Today, the High Court is hearing an application for a group litigation order against British Airways regarding a data breach that affected around half a million of its customers. BA could face a compensation payout of up to £475 million.
