2024-W47: NEW RESOURCES
Eli Atanasov, CIPP/E, PhD
?? I help businesses put their privacy compliance on autopilot, saving them time and money in the process.
Hi privacy navigators,
We’ve just added some great new resources to the ?? Privacy Navigator.
Latest resources:
The Consumer Financial Protection Bureau (CFPB) by WASHINGTON, D.C
This report explores the gaps and opportunities in federal and state privacy protections for consumers' financial data, emphasizing the growing trend of data monetization by financial institutions and the need for stronger, more inclusive privacy laws to safeguard sensitive financial information.
See the Report here.
Mobile Applications recommendations for better privacy protection by CNIL
CNIL publishes its recommendations for better privacy protection, offering practical guidance for developers and users to enhance app privacy and ensure compliance.
See the Recommendations here. ?
NAVIGATE PRIVACY RESOURCES
Did you know that Privacy Navigator gives you much more than news in your inbox?
Research any topic using the Privacy Navigator in three easy steps:
Click the advanced search button below the search bar. If you want to make your search quicker you can start typing directly in the search bar.
2. Narrow down your search
For this example, let’s research data protection impact assessments [1]. After briefly browsing the resources, you can narrow them down by keyword [2], or resource type [3]. You can always reset the filters [4].
In this case, let’s show only guidelines.
3. ?Check the latest DPA decisions
To complete your research, you can find DPA decisions across the EU and the UK by using our?Fine Tracker. Simply Select the country [1], sector [2], or the type of violation [3]. If you want a broader search, you can skip some of the filters.
The last step is to open the file by clicking “see more” [4].
All the above research tools are completely free. No subscription, no registration.
First Draft General-Purpose AI Code of Practice by EU Commission
The First Draft General-Purpose AI Code of Practice by the EU Commission, outlines critical strategies for executives to implement responsible AI governance, ensuring compliance with regulations, fostering transparency, and aligning AI initiatives with ethical and organizational goals.
See the Recommendations here.
Decision 114/2024 by Belgian Data Protection Authority
This decision by the Litigation Chamber of the Belgian Data Protection Authority (DPA) highlights that obtaining valid consent for processing biometric data, such as fingerprints, in the context of employment is highly unlikely due to the imbalance of power between employers and employees, raising concerns about freely given consent under GDPR.
See the Decision in Dutch here.
OH Digitale Dienste version 1.2 by German data protection authority
The German Data Protection Authorities (DSK) have issued updated guidance for digital service providers, emphasizing strict consent requirements for storing or accessing information on user devices.
The guidance is technology-neutral, extending beyond cookies and GDPR, and mandates that consent must be voluntary, informed, unambiguous, and revocable. Exceptions are limited to cases of technical necessity or essential service provision, with a strong focus on informed consent for user tracking and third-party profiling.
It significantly impacts how digital services design and implement consent mechanisms, with practical examples provided for websites and apps.
See the Guidance in German here.
That's all for now, see you next week!
Eli
email:?[email protected]