European privacy regulators gave Facebook five months to stop transferring data into the United States and assessed the social media giant a record 1.2-billion-euro fine in a decision that puts pressure on the European Commission to finalize a legal agreement enabling trans-Atlantic data flows.
The French data protection authority on Tuesday signaled increased concerns over the privacy impacts of generative artificial intelligence and said issues such as data scraping raise data protection questions. Data scraping by AI companies is a flashpoint in the technology's rollout.
The European Parliament called on the European Commission to reject a draft legal framework facilitating trans-Atlantic commercial data flows in a nonbinding vote. A majority said the EU-U.S. Data Privacy Framework fails to protect European citizens from American bulk online surveillance.
Members of the U.K. Parliament considering modifications to national privacy law heard assurances Wednesday that the European Union will go along with them. "U.K. GDPR retains all the rights of the European citizens," said John Edwards, U.K. Information Commissioner said Wednesday.
As many countries in APAC are coming out with their own privacy laws, the region is fast becoming the epicenter of data protection developments around the globe, said Raymund Liboro, former commissioner and chairman of the National Privacy Commission, Philippines.
A civil society group accused the Irish data protection agency of soft peddling enforcement of European privacy law in a complaint filed with the European Commission ombudsman. The Irish Council for Civil Liberties says the Irish Data Protection Commission leaves systemic problems unaddressed.
The French and Spanish data privacy watchdogs have launched separate probes into ChatGPT over potential data privacy violations. European scrutiny of the chatbot mounted after the Italian data protection agency announced a temporary ban on ChatGPT in March.
A British government agency added to TikTok's reputational woes by finding it failed to protect children's privacy. TikTok is playing defense in multiple Western countries against concerns it collects massive amounts of data it could use for surveillance or information operations.
Italian regulators announced Friday an effective ban on ChatGPT after determining that artificial intelligence firm OpenAI likely engaged in a massive illegal collection of personal data. The agency gave OpenAI until April 19 to address its concerns or potentially face fines.
Facebook is asking Ireland's High Court to quash a 265-million-euro fine levied by the country's data watchdog after the phone numbers of more than half a billion users appeared online. A user of the now-shuttered BreachForums in April 2021 posted data scraped from 533 million profiles.
The U.K. government recently embarked on a plan to create its own version of the EU's General Data Protection Regulation, but attorney Jonathan Armstrong says he is "pretty skeptical" that this second attempt at privacy reform will successfully make it through the country's Parliament.
The British government is proposing modifications to the European privacy law adopted as British law before the U.K. left the EU. Civil society groups warn that changes to the U.K. GDPR could lead to more surveillance. Some tech firms say the government is poised to increase its regulatory burden.
Irish authorities have fined a healthcare organization 460,000 euros - about $490,000 - for a 2019 Calum ransomware breach that compromised sensitive information of 70,000 patients, including the permanent deletion of data for about 2,500 of them.
Automaker Tesla revised settings for its in-built cameras after a probe by the Dutch data privacy agency found its default settings enabled illegal recording and retention of data. "Teslas parked on the street were often filming everyone who came near the vehicle," DPA board member Katja Mur said.
The European Commission is preparing a proposal mandating more cooperation among national government agencies charged with enforcing the General Data Protection Regulation. Nationally driven enforcement of the regulation has emerged as a sore point for some during the GDPR's first half decade.