SypherPrivacyTalks - November 2024 - Week 47

by Sypher | Published in News - November 18, 2024


Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.

Google tightens Customer Match rules, warns advertisers about privacy

searchengineland.com • 3 min read

🎯Google is tightening the rules for its Customer Match tool, with an emphasis on privacy compliance from January 2025. Key changes include stricter consent requirements (explicit user permission, opt-out respect), creative restrictions (no targeting of minors or personalised messages without consent) and immediate account suspension for violations.

Actionable steps that marketing and privacy teams can take together include: Review current customer matching practices for consent compliance; Ensure all user data has proper consent documentation; Review and align targeting strategies with new policies. These changes highlight the need for responsible advertising practices… read more


IAPP’s Privacy Governance Report 2024 is out

iapp.org • 7 min read

📣 The newly released IAPP Privacy Governance Report 2024 highlights the critical link between an organisation's investment in privacy governance and its effectiveness. The report highlights the growing maturity of privacy governance, driven by expanded responsibilities beyond privacy, including AI governance (55%), data governance and ethics (58%), and cybersecurity compliance (32%). 

The report also highlights that only 26% of teams feel adequately funded, with many struggling to keep up with increasing regulatory complexity, enforcement actions and workload demands. Privacy teams are prioritising strategic initiatives such as privacy training, risk management and technology adoption to effectively address compliance challenges... read more: IAPP Privacy Governance Report 2024 Executive Summary.
Access to the full report requires IAPP membership.


Using personal data in AI projects: Overcoming the challenges

shlegal.com/insights • 8 min read

🤖 This article discusses the intersection of artificial intelligence (AI) and data protection, emphasising the importance of transparency, regulation and ethical considerations in AI projects. It highlights the rapid growth of generative AI and the transformative potential of AI across industries. 

It also addresses challenges such as data security, ethics and transparency, while offering practical advice on how to address them. Key takeaway: be transparent and, to be on the safe side, conduct a DPIA whenever AI is involved… read more


Company fined €4000 for GDPR violation involving misuse of GPS data

startupcafe.ro • 3 min read

🚗Up Romania, a company specialising in meal vouchers and employee benefits, has been fined €4,000 by Romania's National Authority for the Supervision of Personal Data Processing (ANSPDCP) for breaching GDPR regulations. The company unlawfully collected and processed GPS location data from employees' work vehicles during their personal time, including holidays, without a legal basis. The authority also found that Up România stored the data for longer than the 30 days allowed by law. 

Corrective measures were imposed, requiring the company to reassess its data use practices, limit retention periods and delete excessive data. Similar fines have been imposed on other Romanian companies for misuse of GPS data.… read more (article in Romanian).


German stats body suffered possible data breach

barrons.com/news • 2 min read

💥The German Federal Statistical Office, Destatis, has reported a suspected data breach affecting its data exchange platform, which has been taken offline as a precaution. The Federal Office for Information Security is investigating. According to media reports, 3.8 GB of data, including company names, addresses and login details, may have been stolen and offered for sale on the Dark Web.

Destatis, which is also responsible for coordinating national elections, faces heightened cybersecurity risks as Germany prepares for snap elections in February. The incident highlights the importance of securing data platforms, monitoring for breaches and preparing for escalating cyber risks linked to geopolitical tensions… read more

--

Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.

Photo by Firmbee.com on Unsplash