SypherPrivacyTalks - October 2024 - Week 41

Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.

Meta smart glasses can be used to dox anyone in seconds, study finds

arstechnica.com • 4 min read

🚨 Two Harvard students recently revealed that it's possible to combine Meta smart glasses with facial image search technology to "reveal someone's personal information," including their name, address and phone number, "just by looking at them."

In a Google document, the students explained how they linked a pair of MetaRayBans 2 to a facial search engine called PimEyes to help identify strangers by cross-referencing their information in various databases. They used a large language model (LLM) to quickly combine all this data, making it possible to instantly identify someone or to scam them in seconds… read more

Ryanair’s use of facial recognition technology investigated by data regulator  

irishtimes.com • 3 min read

🕵️‍♂️ Ireland's DPC has launched an EU-wide investigation into whether Ryanair's use of face-recognition technology to verify customers' identities when booking flights through third-party sites is in breach of the GDPR.

The watchdog said it had received complaints from Ryanair customers across the European Union about the airline's practice of requiring additional verification from those booking tickets through third-party websites or online travel agents, rather than directly with Ryanair ... read more

Romanian business - GDPR fine for GPS in company car

startupcafe.ro • 2 min read

💶 The ANSPDCP concluded its investigation into Global Ports' Services SRL in September 2024, finding that the company had violated several provisions of the GDPR, including the fact that it had processed the data of data subjects collected via the GPS monitoring system installed on the company car for a period of six months, and continued to process the data of data subjects after the date on which they ceased to be employees of the company.

It also failed to demonstrate that it had explored less intrusive methods of time tracking or to provide a clear legal basis for processing the data... read more (article in Romanian). 

Northern Ireland police data leak sees service fined by ICO

infosecurity-magazine.com  • 3  min read

💥The Police Service of Northern Ireland (PSNI) has been criticised for procedural failings that exposed the personal data of its officers and other staff. As a result, it has been fined £750,000 (almost €900,000) by the UK's Information Commissioner's Office.

The data protection watchdog highlighted the significant damage and distress caused to staff by the incident, including fears for officers' safety. It also concluded that easily implementable procedures could have prevented such a serious data breach… read more

Germany: Claims for moral damages under art. 82 GDPR are assignable

natlawreview.com • 3 min read

⚖️The Higher Regional Court of Hamm in Germany recently ruled that claims for moral damages under Art. 82 GDPR are assignable.

The confirmation of the assignability of claims significantly increases the risk for data controllers of being exposed to lawsuits and class actions for high damages in the event of a data breach… read more

--

Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.

Photo by Bud Hellison on Unsplash