All articles tagged with #gdpr
Originally Published 7 days ago — by Phoronix
Debian's Data Protection Team has become inactive as all volunteers have stepped down, leaving the project without dedicated personnel to handle GDPR and privacy issues. The Debian Project Leader has called for new volunteers, emphasizing the importance of experience and trust, to help re-establish the team and address data protection concerns.
Originally Published 2 months ago — by noyb.eu
The EU Commission is drafting a controversial 'Omnibus' reform of the GDPR through a fast-track process, which critics argue would significantly weaken data protection principles, benefit big tech companies, and undermine fundamental rights, especially under the guise of 'simplification' and 'clarification.' The draft includes extensive changes such as narrowing the definition of personal data, limiting user rights, and facilitating AI training with personal data, raising concerns about legal validity and fundamental rights violations.
Originally Published 1 year ago — by TechCrunch
Meta has started rolling out AI features for its Ray-Ban Meta AR glasses in France, Italy, and Spain, allowing users to interact with Meta's AI assistant in their native languages. However, these features do not include the multimodal capabilities available in other regions. The rollout follows Meta's efforts to comply with European regulations, including the AI Act and GDPR, which have previously led to concerns and adjustments in their data training practices. Meta plans to expand these features to more European countries in the future.
Originally Published 1 year ago — by TechCrunch
Spain's data protection authority has ordered Worldcoin to temporarily stop collecting and processing personal data in the country due to privacy concerns, using powers contained in the GDPR. The controversial blockchain crypto project, which scans eyeballs to create a unique identifier, has faced scrutiny from European privacy regulators and has been the subject of complaints related to data processing transparency, collection of data from minors, and withdrawal of consent. Worldcoin's regional rollout in several European markets, including Spain, has attracted attention from data protection authorities, with Spain taking unilateral action to protect local users. The company's DPO has accused the AEPD of spreading inaccurate claims and circumventing EU law, while the AEPD has ordered the immediate cessation of data processing to protect individuals' rights and freedoms.
Originally Published 1 year ago — by CNN
European consumer groups have accused Meta, the owner of Facebook and Instagram, of engaging in "massive" and "illegal" data collection practices, filing complaints with national data protection authorities. They claim that Meta collects excessive user data, infringing on the General Data Protection Regulation (GDPR). Meta disputes the allegations, stating that they comply with GDPR and have overhauled privacy practices. The complaints could lead to further legal action against Meta, which was fined €1.2 billion last year for GDPR violations. Additionally, the company's subscription service for ad-free versions of its platforms is criticized for offering an unfair choice and lack of transparency in data processing.
Originally Published 1 year ago — by TechCrunch
Meta's controversial "consent or pay" model in the EU, which requires users to agree to be tracked and profiled for ad targeting or pay for an ad-free subscription, has triggered complaints from consumer rights groups. The groups argue that Meta's model violates GDPR principles and is coercive, lacking transparency and a valid legal basis for processing personal data. The complaints could lead to penalties and enforcement action, potentially forcing Meta to reform its business model. The European Commission is also overseeing enforcement of Meta's compliance with newer regulations, and the company's consent choice is facing scrutiny from multiple avenues.
Originally Published 1 year ago — by Business Insider
A student at the University of Waterloo in Canada discovered that smart vending machines on campus were equipped with facial recognition technology, prompting the university to announce their removal. The vending machines, owned by Mars, were provided by Adaria Vending Services and manufactured by Invenda Group, both of which claimed that the technology does not store or transmit personal data and is GDPR compliant. This incident adds to the ongoing global tension surrounding the use of facial recognition technology on college campuses, with concerns about privacy and its impact on vulnerable individuals.
Originally Published 1 year ago — by BBC.com
Italy's Data Protection Authority has found that OpenAI's ChatGPT chatbot breaches data protection rules by collecting personal data and failing to implement age protections. The regulator is concerned about the mass collection of users' data used to train the algorithm and the potential exposure of younger users to inappropriate content. OpenAI has 30 days to respond, and under EU GDPR law, could face fines of up to 4% of its global turnover. Italy had previously blocked ChatGPT in March 2023, citing privacy concerns, but reinstated it after OpenAI addressed some issues.
Originally Published 1 year ago — by TechCrunch
Italy's data protection authority has notified OpenAI of suspected violations of EU privacy laws related to its AI chatbot, ChatGPT, following concerns about compliance with the General Data Protection Regulation (GDPR). The authority's draft findings have not been disclosed, but OpenAI has been given 30 days to respond to the allegations. The issues include the lack of a suitable legal basis for data collection and processing, as well as concerns about the AI tool's potential to produce inaccurate information and its impact on child safety. OpenAI faces potential fines and orders to change its data processing practices to comply with EU law.
Originally Published 2 years ago — by The Verge
France's CNIL has fined Amazon $35 million for "excessively intrusive" worker surveillance, citing violations of the EU's GDPR. The commission found Amazon's scanning speed systems, data collection practices, and downtime measurements to be "excessive" and in violation of GDPR articles. Amazon defended its practices as necessary for employee safety and efficiency, but workers in the US have also raised concerns about constant surveillance and productivity monitoring.
Originally Published 2 years ago — by TechCrunch
France's data privacy watchdog, CNIL, has fined Amazon's logistics subsidiary in France €32 million for implementing an "overly intrusive" surveillance system on warehouse workers, focusing on barcode scanners and data gathering practices. The CNIL found indicators tracking employee scanner inactivity and interruptions to be illegal under GDPR, leading to excessive monitoring. Amazon disagrees with the decision, citing industry norms and the need for load balancing, and has agreed to make adjustments to the system in response to the fine.
Originally Published 2 years ago — by BBC.com
Amazon has been fined €32m in France for "excessive" surveillance of its warehouse workers, with the data watchdog finding measures to be illegal under GDPR. The CNIL discovered that Amazon tracked employee activity so precisely that it led to workers potentially having to justify each break, breaching data protection regulations. The watchdog also criticized Amazon for not properly informing workers and external visitors about surveillance and for having insufficient security on its video surveillance. The GMB union representing Amazon's UK warehouse workers described the staff as facing "bruising levels of scrutiny and surveillance."
Originally Published 2 years ago — by Gizmodo
The EU is introducing a "cookie pledge" in an attempt to address the annoyance of cookie popups caused by the GDPR. Major tech platforms will be asked to voluntarily commit to improvements, such as limiting cookie prompts to once a year and providing transparent information about data tracking. While the GDPR has brought positive changes to data privacy, the ongoing battle against cookie popups reflects the evolving landscape of internet regulations and the challenges of balancing privacy with online functionality.
Originally Published 2 years ago — by NOYB
Privacy advocacy group noyb has filed a complaint against Meta, the parent company of Facebook and Instagram, with the Austrian data protection authority. The complaint is in response to Meta's implementation of a "Pay or Okay" system, where European users are given the choice to either consent to being tracked for personalized advertising or pay up to €251.88 per year to protect their data. The cost is deemed unacceptable, and industry data suggests that only 3 percent of people want to be tracked, while more than 99 percent refuse to pay a "privacy fee". If Meta's approach is successful, it could set a precedent for other companies to follow suit, potentially making online privacy unaffordable.
Originally Published 2 years ago — by Video Games Chronicle
Ubisoft is cancelling "unused" accounts, disabling access to purchased games. Users received emails warning that failure to click a link to stop the account suspension would result in inaccessibility to purchased games. Ubisoft claims GDPR regulations require them to close inactive accounts, but contradicts this by stating accounts with purchases attached won't be deleted for four years. This highlights issues with DRM and digital games, as publishers have discretion to terminate accounts and even having games in a digital account doesn't guarantee preservation. The Video Game History Foundation claims 87% of classic US video games are "critically endangered."