Search results

[…] the fact that the DGA and PSD2 have diverging models for fostering data-based innovation: as an illustration, while PSD2 mandates banks to share customer data with fintechs, free of charge and upon the customer’s contractual consent, the DGA centres around voluntary data sharing, for which public bodies may charge fees and data subjects are […]

[…] their safe harbours) can be used to expand the scope of section 69 or rules thereunder.  Proceedings initiated by Whatsapp LLC in the Delhi High Court, and Free and Open Source Software (FOSS) developer Praveen Arimbrathodiyil in the Kerala High Court have both challenged the legality and validity of Rule 4(2) on grounds including […]

[…] kids at a young age, and to get beyond the common but too simple advice to not share personal information online. Common Sense’s Digital Citizenship Curriculum provides free lesson plans to address timely topics and prepare students to take ownership of their digital lives by grade and topic.  She also emphasized the important role […]

[…] on the value of data for research and strategies for oversight. FPF has shared model bill language with lawmakers developing comprehensive privacy laws in California, Washington, and Virginia to encourage them to both protect data-driven research and create oversight by requiring it to be approved, monitored, and governed by an independent oversight entity. Exploring […]

[…] Commissioner will consider broad factors to determine whether to prohibit transfers. These include:  the likelihood the transfer would harm any individual; the general desirability of facilitating the free flow of information; and any existing or developing international guidelines relevant to cross-border data flows such as the OECD Guidelines and the GDPR. Entities transferring data […]

[…] and scientific research, the EDPS recommends intensifying the dialogue between DPAs and ethical review boards for a common understanding of which activities qualify as scientific research, on codes of conduct for scientific research, and on closer alignment between EU research framework programs and data protection standards. In his keynote comments, the EDPS discusses the […]

[…] privacy when developing network protocols. Figure 1 – Overview of P802E applications (slide from the presentation by Jerome Henry) The purpose of the P802E recommendation is ‘to promote a consistent approach by IEEE 802 protocol developers to mitigate privacy threats identified in the specified privacy threat model and provide a privacy guideline.’  In order […]

[…] we address uses of machine-generated data that are not necessarily personal data in the legal sence. Therefore, it’s important that we track policy developments related to the free flow of non-personal data, which also happens to be an issue that is top of mind for the European Commission at the moment.   To learn […]

[…] the data they collect, and ensure that any secondary or downstream uses of data are not unexpected or discriminatory (even if such uses ensure an app is free to use).  What do you see happening over the next few years in ad-tech? Over the past few years, we’ve seen the GDPR have a very […]

[…] there is no immediate solution to provide an alternative lawful mechanism for transfers. The other options provided by the GDPR, like Binding Corporate Rules, certification mechanisms and Codes of Conduct (CoC) take a long time to be approved by Data Protection Authorities and very few are in place (particularly BCRs; there are currently no […]