Civil society call and recommendations for concrete solutions to GDPR enforcement shortcomings
EDRi members call on the European Data Protection Board (EDPB), the European Commission, and all national data protection authorities (DPAs) to urgently address the structural and procedural enforcement issues that prevent the GDPR from fully reaching its potential.
Filter resources
-
Civil society call and recommendations for concrete solutions to GDPR enforcement shortcomings
EDRi members call on the European Data Protection Board (EDPB), the European Commission, and all national data protection authorities (DPAs) to urgently address the structural and procedural enforcement issues that prevent the GDPR from fully reaching its potential.
Read more
-
Giropay knows what you bought last summer
A customer contacted noyb after seeing a detailed list of products she had ordered in an online pharmacy and a sex shop listed in her giropay account. Such data is specially protected under the GDPR and may not be processed without consent. noyb filed a complaint against giropay with the Hessian State Commissioner for Data Protection and Freedom of Information.
Read more
-
Belgian authority finds IAB Europe’s consent pop-ups incompatible with the GDPR
Following a number of complaints filed in 2018 and 2019, including by EDRi-members Panoptykon and Bits of Freedom, and coordinated by the Irish Council for Civil Liberties, the Belgian Data Protection Authority has found that the consent system developed and managed by the adtech industry body IAB Europe, and used by many websites in the EU, is illegal under the GDPR.
Read more
-
Hide and Seek: Polish DPA agrees that people should be able to access their advertising profiles, but there’s no way to do so
Following EDRi member Panoptykon’s General Data Protection Regulation (GDPR) complaint against one of the biggest Polish news website, Interia.pl - the Polish Data Protection Authority has confirmed that online publishers should give users access to their advertising profiles generated for the purposes of delivering behavioural ads.
Read more
-
Noyb files another complaint against Amazon Europe – black box algorithm discriminates customers
The e-commerce giant offers customers the possibility to pay for products later via "Monthly Invoicing". A customer was automatically rejected from using this payment method without Amazon giving any reasons why. When Amazon’s customer service could not provide any further information, the customer submitted an access request under Article 15 GDPR in order to find out why he was rejected – but the company still refused to provide any information.
Read more
-
GDPR: Three years in, and its future and success are still up in the air
The EU’s General Data Protection Regulation (GDPR) is not living up to the hype. When first implemented in 2018, the GDPR was presented as the new world standard for privacy and data protection. The law has increased data protection awareness and led to significant legal changes all over the world. Yet EDRi member Access Now’s new report, Three years under the GDPR: An implementation progress report, explores just how far this legislation still has to go before its promises — and potential — are truly fulfilled.
Read more
-
Stronger enforcement is key to the effectiveness of the GDPR
On the third anniversary of the entering into force of the General Data Protection Regulation (GDPR), EDRi sent a message to Members of the European Parliament calling for stronger enforcement of the GDPR, as well as the adoption of necessary additional legislation where appropriate.
Read more
-
Transparency for institutions, privacy for the people
Much has been said about abuses of personal data by platforms like Facebook and other private companies. However, there is little observation of non-compliance by public administrations or institutions such as the policies undermining the privacy of the public and the small (or large) daily abuses people are subject to.
Read more
-
3rd Anniversary of the GDPR
Europe can pride itself to have passed the most progressive privacy legislation in the world, but small errors in the law and the lack of enforcement lead to legitimate frustration of users and small business. EDRi's member noyb reflects on the nature and impact of the GDPR.
Read more
-
noyb aims to end “cookie banner terror” and issues more than 500 GDPR complaint
EDRi's member noyb.eu sent over 500 draft complaints to companies who use unlawful cookie banners - making it the largest wave of complaints since the GDPR came into force. "Some companies are clearly trying everything to make privacy a hassle for users, when they have a duty to make it as simple as possible."
Read more
-
Human rights groups win European Court of Human Rights claim on UK mass surveillance regime
Eight year legal battle against UK mass surveillance programmes exposed by whistleblower Edward Snowden culminates in victory for privacy. EDRi's member Privacy International worked actively to make this happen.
Read more
-
Why Facebook’s proposed hate speech policy on Zionism would only add fuel to the fire
Pressured to combat surging hate speech and anti-Semitism on its platform, Facebook is looking into how it should moderate the use of the word “Zionist,” and whether to add the term as a protected category under its hate speech policy. EDRi's member Access Now doesn’t think that is a good idea, particularly given Facebook’s inability to strictly adhere to human rights principles in its content moderation practices.
Read more