SypherPrivacyTalks - March 2024 - Week 11
by Sypher - March 11, 2024
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
IAB Europe’s advertising bidding model uses personal data, EU court rules
euronews.com • 3 min read
⚖️ The European Court of Justice (ECJ) clarified on Thursday March 7th that IAB Europe's online advertising model uses personal data, and is therefore subject to the GDPR. Interactive Advertising Bureau (IAB) is an association representing digital advertising and marketing companies, developed a system that allows brokers and platforms to bid for advertising space in real time based on the profiles of website users.
The CJEU also ruled that IAB Europe qualifies as the "joint controller" under GDPR, but not the sole controller.
Background: The ECJ ruling comes after IAB Europe challenged a decision by the Belgian Data Protection Authority in 2022, which said that its real-time bidding model for advertising was not in line with EU data protection rules. The Belgian Court of Appeal then asked the Luxembourg-based ECJ for clarification. The case now heads back to the Brussels Markets Court… read more
More information: Auctioning of personal data for advertising purposes: the Court of Justice clarifies the rules under the GDPR.
Google unveils major changes to ensure Digital Markets Act compliance
searchengineland.com • 3 min read
🚨 Google has announced changes to its search results, display choices and consent policies to ensure compliance with the European Union's Digital Markets Act (DMA), which comes into force this week… read more
The law, which aims to ensure fairer competition between tech giants, designates some large online companies and their services as 'gatekeepers'. Those designated as gatekeepers - the companies on the list are Alphabet, Amazon, Apple, ByteDance (TikTok), Meta and Microsoft - will have to meet strict requirements designed to reduce anti-competitive behaviour.
See also Google’s announcement: Complying with the Digital Markets Act.
Exploring DORA’s ICT Risk Requirements: Key Issues for Asset Managers
📜 DORA introduces a new set of harmonised rules on ICT risks for financial institutions. DORA and the DORA Directive aim to further harmonise regulatory requirements relating to ICT risks for financial institutions operating in the EU. DORA became law in December 2022 but provides for a grace period until 17 January 2025 for organisations to put in place the necessary measures to comply.
This Lexology article by Dechert LLP examines key issues for asset management firms, including the impact of DORA, which financial institutions are covered, digital operational resilience, and the obligations imposed on financial institutions, ranging from risk management controls to reporting requirements and the sharing of information related to cyber threats and vulnerabilities… read more
Worldcoin hit with temporary ban in Spain over privacy concerns
👁️ Spain's data protection authority has ordered Worldcoin - the eyeball-scanning blockchain crypto project founded by Sam Altman - to temporarily stop the collection and processing of personal data from the Spanish market. It must also stop processing any data it previously collected there.
The Spanish authority is using the GDPR's 'urgency' provisions for the temporary order to stop data processing - meaning that the order can last a maximum of three months… read more
UK Home Office Breached Data Protection Law with Migrant Tracking Program, ICO Finds
infosecurity-magazine.com • 3 min read
🕵️♂️ The UK Home Office has breached data protection law by using electronic tags to monitor migrants, according to the UK's Information Commissioner's Office (ICO).
The authority said the government department had failed to adequately assess the privacy implications of the continuous collection of people's location data. It said that 24/7 access to people's movements was likely to reveal sensitive information such as their religion, sexuality or health… read more
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
