SypherPrivacyTalks - February 2025 - Week 9
by Sypher | Published in News - February 24, 2025
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
European Court of Justice clarifies conditions for imposing GDPR fines
🧑⚖️The Court of Justice of the European Union (CJEU) has issued new rulings, setting out when organisations can be fined under the GDPR. The court clarified two key points: firstly, organisations can only be fined for intentional or negligent breaches, not for all breaches regardless of fault.
Secondly, when calculating maximum fines for companies that are part of larger groups, authorities must look at the entire global turnover of the group.
The CJEU also ruled that there need not be an agreement between data controllers (joint controllers) to determine the purposes and means of processing personal data.... read more
Apple pulls data protection tool after UK government security row
💥 Apple is removing its highest level of data security, Advanced Data Protection (ADP), in the UK after the government demanded access to user data. ADP uses end-to-end encryption and only allows account holders to view their online files. However, the UK government recently requested the ability to access this data, which even Apple cannot currently see.
Apple has refused to create a 'backdoor' to its encryption, citing security risks, but will now disable ADP in the UK. This means that ultimately not all UK iCloud data will be fully encrypted. Data with standard encryption can be accessed by Apple and shared with law enforcement with a warrant… read more
France's new age verification standard: Tightening controls on access to explicit image sites
🚸France's Audiovisual and Digital Communication Regulatory Authority published its final standard for age verification on pornographic websites on 11 October 2024. The standard enforces strict technical requirements to ensure reliable age checks while safeguarding user privacy, including "double anonymity" solutions.
Aimed at protecting minors from accessing adult content, the standard could also influence other industries needing age verification. All stakeholders must understand its requirements and how they might affect age verification on their platforms… read more
EDPB adopts report on GDPR right of access following 2024 coordinated enforcement action
datamatters.sidley.com • 4 min read
📜 The European Data Protection Board (EDPB) has just completed a review of how companies handle requests for access to personal data. After examining over 1000 companies, they found that while most do an acceptable job, there's significant room for improvement. Companies often make the process too narrow or complicated, and need to be more flexible in how they accept these requests.
The review emphasised that each request should be treated on its merits, rather than a one-size-fits-all approach, and that companies need to keep better records of how they deal with these requests. Looking ahead, the EU has announced that in 2025 it will shift its focus to examining how companies handle 'right to be forgotten' requests... read more
DeepSeek 'shared user data' with TikTok owner ByteDance
🤖 South Korean regulators have confirmed that Chinese AI firm DeepSeek shared user data with ByteDance, the parent company of TikTok. The app, which had garnered over a million downloads in South Korea before being removed from app stores over the weekend, hit the headlines in January when its claims of low-cost AI training rattled markets.
While existing users can still access the service via web browsers, growing privacy concerns have led to increased scrutiny, with a US cybersecurity firm raising similar concerns about data sharing in February… read more
--
Get connected with us on LinkedIn or by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
Photo courtesy of Curia
