CDP Institute

The move comes after academics and researchers expressed concern over risks of discriminatory targeting.

If laws like GDPR and BIPA are found to support that claim, the world of sports betting, gaming, and data will be subject to a whole new economic reality. An initiative, called Project Red Card and spearheaded by more than 850 pro- and former top-level athletes, is evolving a legal claim based on the notion that an athlete’s performance data, even if it’s publicly observed, is personal data and that athletes have a right to compensation for use of their data. It also raises related issues, such as what prior consent... Read More >

By virtue of the drop of one cookie required as a minimum for use, 89% of the top 150 online pharmacies in the EU have violated GDPR rules by both collecting personal data of visitors and customers and collecting sensitive information, including on use of antidepressants, reproductive health products, and addiction treatment. The pharma e-commerce industry was projected to grow by nearly €9.5 billion between 2020-2024 and data collected is highly sensitive. The research conducted by consent management company Usercentrics, looked at companies in Austria, Denmark, France, Germany, Italy,  Netherlands,... Read More >

New report from the Future of Privacy Forum (FPF) looks at how automated-decision making (ADM) has been viewed historically in cases by national courts and by Data Protection Authorities under GDPR and previous law – and explores how this can inform what to watch for as AI and Machine Learning (ML) use grows.

The Irish Council for Civil Liberties (ICCL) did a 30-day look at real-time bidding (RTB) and found user location and activity data is exposed on average 747 times/day in the US, and 376 times/day in the EU. Even more alarming, the ICCL considers these numbers low, since Facebook and Amazon RTB broadcasts weren’t included in the count.

The US Federal Trade Commission has announced that it is illegal under the Children’s Online Privacy and Protection Act (COPPA) for companies to deny students access to remote learning platforms if parents or schools refuse consent for student data to be used for marketing and advertising. Companies will also not be allowed to use data collected from a child with a school’s authorization for commercial purposes, and they are obligated to remove data expeditiously when it’s no longer needed.

Available now are an early look at 5DK Runtime, Topics API, and FLEDGE APIs.

The company has also been ordered to use personal data of residents that is publicly available on the Internet.

Clearview AI, known for scraping billions of facial recognition images without consent and running afoul of privacy regulators in numerous countries, has met its match in the American Civil Liberties Union (ACLU). Clearview’s agreement to settle the ACLU’s 2020 lawsuit which stated the company violated Illinois’ BIPA biometrics law means the company can’t continue to sell its software to most US companies, and sets a precedent that state privacy laws can have impact beyond state lines.

Four of five Supreme Court justices voted to allow access to citizen bank documents, removing the need for  warrants. The decision is based on argument that individual rights to bank privacy is secondary to the government’s need to combat tax fraud and monitor for money laundering. Needless to say, that opens the data of millions of Mexican citizens to scrutiny without consent or specified cause. It is, however, in keeping with the aim of Mexico’s president who wants to crack down on Big Tech abuses.

The EU Council has approved the Data Governance Act (DGA). The new law will promote the availability and reuse of data that is subject to the rights of others that can benefit the public sector. This includes trade secrets and intellectual property data as well as personal data, areas not covered by the 2019 Open Data Directive. The EU plans to set up a single access point with an electronic register of public-sector data as part of a framework to foster data intermediation services and provide a secure environment through... Read More >

Didomi’s “Data Privacy Barometer” shows at-a-glance which country laws are approved, enforced and still in draft; compares data collecting and tracking across 14 industries; and provides a snapshot of consent volume by industry.