The European Data Protection Supervisor (EDPS) has warned key planks of the bloc’s data protection and privacy regime are under attack from industry lobbyists and could face a critical reception from lawmakers in the next parliamentary mandate.
Any shift of approach by incoming lawmakers could have implications for the bloc’s high standard of protection for people’s data.
But he particularly highlighted industry lobbying, especially complaints from businesses targeting the GDPR principle of purpose limitation.
Wiewiórowski did not explicitly blame generative AI for driving the “strong attacks” on the GDPR’s purpose limitation principle.
So any AI-driven weakening of EU data protection laws in the near term is likely to have long term consequences for citizens’ human rights.
“The trajectory of privacy and data protection is at a critical juncture, and it is imperative that all stakeholders, including tech giants like yours, uphold their responsibilities to safeguard these rights.
One of the signatories, Pirate Party MEP Patrick Breyer, summarizes Meta’s demand for a “privacy fee” as “economic coercion”.
noyb has subsequently filed another GDPR complaint against Meta’s model, focused on how easy/not is it for people to withdraw consent.
There are also a series of consumer protection complaints in the mix — which argue Meta’s approach breaches EU consumer protection rules.
Completing the circle, consumer right groups have filed as series of GDPR complaints against Meta’s ‘pay or okay’ model, too.
A German subsidiary involved in Sam Altman’s controvercial crypto blockchain digital identity business, Worldcoin, was reported Friday to have filed a legal challenge against a suspension order from Spain’s data protection authority.
Here’s Worldcoin’s statement in full:Worldcoin is fully compliant with all laws and regulations governing biometric data collection and data transfer, including Europe’s General Data Protection Regulation (“GDPR”).
Nor to confirm whether Worldcoin and its operators in Spain have complied with the local order to stop scanning and processing data of people from the market.
If that happens, disputes over decisions are either resolved via majority votes or, if DPAs remain split, the European Data Protection Board gets a casting vote.
The article also notes that “several” EU authorities are currently investigating whether Worldcoin complies with the GDPR.
It’s been over two years since a key piece of the tracking-ads’ industry’s consent collection apparatus was found to breach European Union’s data protection laws.
A simple ‘yes or no’ to ad tracking is as much friction web users should get.
Critics dub the whole cynical approach compliance theatre: An attempt by the ad industry to evade data protection law and keep tracking and profiling web users en masse by packaging systematic non-compliance inside an industry standard framework.
However action requiring reform of the framework was suspended pending a final court ruling on the IAB’s appeal.
Plus the European Data Protection Board is due to weigh in with guidance soon.
Danish startup Whistleblower Software is rebranding as Formalize as it expands into the broader compliance software sphere — and it has raised a fresh €15 million ($16 million) to fund the expansion.
The announcement comes as the compliance software market has exploded, due in large part to growing regulatory pressure — and investors have taken note.
Private equity giant Thoma Bravo took German compliance and investor relations software company EQS Group private in a $435 million deal last month, while startups Cypago, Hyperproof, Certa, and Anecdotes have all raised sizeable venture rounds for various flavors of compliance software these past few months.
“The compliance software market is booming, driven by the EU’s robust regulatory agenda,” Formalize co-founder and CEO Jakob Lilholm told TechCrunch over email.
“They [data compliance and whistleblowing] are primarily connected by the intention of the [GDPR] regulation,” Formalize co-founder and CTO Kristoffer Abell told TechCrunch.
As we’ve reported before Meta’s self-serving ‘consent or cough up’ offer is already facing a number of other GDPR complaints.
Today’s complaints are not the first filed against Meta’s consent or pay tactic by consumer protection groups — some of which argue it’s breaching the bloc’s rules on consumer protection, too.
However its blog post defending the controversial tactic does not make any mention of how it complies with EU consumer protection law.
So another very pertinent question, vis-a-vis Meta’s consent or pay offer in the EU, is what the Commission will do?
*The BEUC members filing GDPR complaints against Meta are: CECU, dTest, EKPIZO, Forbrugerrådet Tænk, Forbrukerrådet, Poprad, Spoločnosť ochrany spotrebiteľov (S.O.S.
Elon Musk’s X, the social media platform formerly known as Twitter, is facing a new privacy complaint in Europe related to its ad targeting tools.
The complaint, which is being lodged with the Dutch data protection authority by privacy rights not-for-profit noyb, accuses X of failing to enforce its own its advertising guidelines.
“After we filed our first complaint in this matter, the EU Commission has already confirmed to stop advertising on X.
“In November, this unlawful use of micro-targeting already prompted noyb to file a complaint against the EU Commission itself.
“It remains to be seen if the Commission may take action against X itself under the DSA,” noyb further added.
