A lengthy investigation into the European Union’s use of Microsoft 365 has found the Commission breached the bloc’s data protection rules through its use of the cloud-based productivity software.
Announcing its decision in a press release today, the European Data Protection Supervisor (EDPS) said the Commission infringed “several key data protection rules when using Microsoft 365”.
The regulator, which oversees’ EU institutions’ compliance with data protection rules, opened a probe of the Commission’s use of Microsoft 365 and other US cloud services back in May 2021.
Yet use of Microsoft 365 routinely results in data flowing back to Microsoft’s servers in the US.
Over the last few years, Microsoft has responded to amped up EU regulatory risk attached to data transfers by expanding a data localization effort focused on regional cloud customers — in an infrastructure it’s branded the “EU Data Boundary for the Microsoft Cloud”.
A German subsidiary involved in Sam Altman’s controvercial crypto blockchain digital identity business, Worldcoin, was reported Friday to have filed a legal challenge against a suspension order from Spain’s data protection authority.
Here’s Worldcoin’s statement in full:Worldcoin is fully compliant with all laws and regulations governing biometric data collection and data transfer, including Europe’s General Data Protection Regulation (“GDPR”).
Nor to confirm whether Worldcoin and its operators in Spain have complied with the local order to stop scanning and processing data of people from the market.
If that happens, disputes over decisions are either resolved via majority votes or, if DPAs remain split, the European Data Protection Board gets a casting vote.
The article also notes that “several” EU authorities are currently investigating whether Worldcoin complies with the GDPR.
Spain’s data protection authority has ordered Worldcoin to temporarily stop collecting and processing personal data from the market.
Data protection authorities can also demand unlawful processing to stop, including temporarily if they are concerned people’s rights are at serious risk, as is happening here.
An investigation was opened by France’s data protection authority last year.
It also said then that it would be seeking to ascertain whether Worldcoin had carried out a data protection impact assessment.
In another set-back last year, Kenya’s data protection authority issued a ban on Worldcoin’s local processing.
Today, the startup emerged from stealth with the Fused platform, and $1 million in pre-seed funding.
It takes data, fed from satellites, sitting in storage repositories and runs it through its platform to make it usable.
The platform is essentially a middleware processing layer that helps turn the geospatial data into something more consumable.
It consists of several open source pieces and a serverless processing engine.
They can then transfer this data to other programs for further analysis or create data visualizations based on the data.
As we’ve reported before Meta’s self-serving ‘consent or cough up’ offer is already facing a number of other GDPR complaints.
Today’s complaints are not the first filed against Meta’s consent or pay tactic by consumer protection groups — some of which argue it’s breaching the bloc’s rules on consumer protection, too.
However its blog post defending the controversial tactic does not make any mention of how it complies with EU consumer protection law.
So another very pertinent question, vis-a-vis Meta’s consent or pay offer in the EU, is what the Commission will do?
*The BEUC members filing GDPR complaints against Meta are: CECU, dTest, EKPIZO, Forbrugerrådet Tænk, Forbrukerrådet, Poprad, Spoločnosť ochrany spotrebiteľov (S.O.S.
A fledgling Dutch startup wants to help companies extra data from large volumes of complex documents where accuracy and security is paramount — and it has just secured the backing of Google’s Gradient Ventures to do so.
How it worksCompanies can access Send AI’s cloud-based software via APIs which funnels data from documents sent over email.
Upon receipt, Send AI visually enhances the documents before sending to its language models for classification and extraction.
In terms of pricing, Send AI charges on a credit-based basic, whereby customers pay per processing-step.
Send AI attempts to address such concerns by deploying small, isolated open source transformer models for each customer.
France’s data privacy watchdog, the CNIL, has fined Amazon’s logistics subsidiary in France €32 million, or $35 million at today’s exchange rate.
Again, it’s worth pointing out that the CNIL is listing some data processing wrongdoings.
This isn’t a labor case, it’s a data processing case about illegitimate and excessive monitoring of the warehouse workers.
“As implemented, the processing is considered to be excessively intrusive.”According to the French regulator, Amazon uses this performance data to assess the overall performance of its warehouse workers on a weekly basis.
The company’s first argument is that Amazon isn’t the only company in the logistics industry using a connected warehouse management system.
The Department of Justice alleges that Legkodymov processed over $700 million in illicit funds through his crypto exchange, Bitzlato. The DOJ has seized the exchange’s assets and placed Legkodymov under…
Sales reps have a lot of administrative work to do after each call, which takes time away from selling. Attention’s sales assistant uses AI and natural language processing to automatically…
Releaf, a Nigerian agritech startup providing ingredients (starting with oil palm) to consumer goods manufacturers and their food factories, raised $3.3 million in an oversubscribed pre-Series A round. The Jack…
