GDPR
Filter by...
-
The art of dodging questions – Facebook’s privacy policies
Remember in April 2018, after the Cambridge Analytica scandal broke, we sent a series of 13 questions to Facebook about their users’ data exploitation policy. Months later, Facebook got back to us with answers. Here is a critical analysis of their response. Recognising people’s face without biometric data? The first questions (1a and 1b) related […]
Read more
-
Czech BBA: Facebook and iROBOT the worst privacy intruders of 2018
The 14th Czech Big Brother Awards – anti-awards for those who have done the most to threaten personal privacy in 2018 – were announced on 14 February 2019. A jury of nine technology experts, lawyers and journalists chose the worst privacy intruders based on suggestions made by the general public. The Awards in four different […]
Read more
-
ApTI submits complaint on Romanian GDPR implementation
In November 2018, the RISE Project case showed that the Romanian Data Protection Authority (ANSPDCP or Romanian DPA) was unprepared to respond to cases that involve both the right to freedom of expression and the right to privacy. RISE Project’s investigative journalism story #TeleormanLeaks was an important signal that the General Data Protection Regulation (GDPR) […]
Read more
-
ICANN and GDPR – nowhere near compliance
The Internet Corporation for Assigned Names and Numbers (ICANN) Initial Report of the Expedited Policy Development Process (EPDP) on the Temporary Specification for generic Top Level Domain (gTLD) Registration Data Team makes for difficult reading. This is because, though it contains a serious attempt at complying with the General Data Protection Regulation (GDPR) compliance, it […]
Read more
-
Google and IAB: Knowingly enabling intrusive profiling
On 28 January, EDRi member Panoptykon joined a complaint against Google and the Interactive Advertising Bureau (IAB) in Poland, after it had become clear that the advertising categories provided by these entities are enabling the processing of extremely sensitive data of European citizens. On 20 February, new evidence was published proving that the IAB was […]
Read more
-
FRA and EDPS: Terrorist Content Regulation requires improvement for fundamental rights
On 12 February 2019, the European Union Agency for Fundamental Rights (FRA) published an Opinion regarding the Regulation on preventing the dissemination of terrorist content online. In the same day, the European Data Protection Supervisor (EDPS) submitted its comments on the topic to the responsible committee in the European Parliament. These two texts complement EDRi’s […]
Read more
-
noyb files eight strategic complaints on “right to access”
A test by EDRi member noyb, a European non-profit organisation for privacy enforcement, shows structural violations of most streaming services. In more than ten test cases noyb was able to identify violations of Article 15 of the General Data Protection Regulation (GDPR) in many shapes and forms by companies like Amazon, Apple, DAZN, Spotify or […]
Read more
-
Period tracker apps – where does your data end up?
More and more women use a period tracker: an app that keeps track of your menstrual cycle. However, these apps do not always treat the intimate data that you share with them carefully. An app that notifies you when to expect your period or when you are fertile can be useful, for example to predict […]
Read more
-
Austrian postal service involved in a data scandal
After a media report from the media outlet “Addendum”, the Austrian postal service faces public outcry over its data gathering and sales activities. The Austrian Post is known for not only exercising their main duty of post delivery, but also selling addresses of Austrian residents to companies and political parties, for advertising. The media report […]
Read more
-
Panoptykon files complaints against Google and IAB
On the International Data Protection Day, 28 January 2019, EDRi member Panoptykon filed complaints against Google and the Interactive Advertising Bureau (IAB) under the General Data Protection Regulation (GDPR) to the Polish Data Protection Authority (DPA). The complaints are related to the functioning of online behavioural advertising (OBA) ecosystem.
Read more
-
Denmark prepares for passenger data exchange with the EU
In 2016, the European Union adopted the Passenger Name Record (PNR) Directive which obliges Member States to collect PNR data on all flights to third countries and exchange this information with other Member States through the Passenger Information Units (PIUs).
Read more
-
Complaints: Google infringes GDPR’s informed consent principle
On 27 November 2018, seven members of the European Consumer Organisation (BEUC) have launched complaints with their national Data Protection Authorities (DPAs) about Google potentially infringing the General Data Protection Regulation (GDPR).
Read more