Data Protection News Update 11 December 2023

United Kingdom

UK Information Commissioner warns against 2024 becoming the year people lose trust in AI

  • Speaking at techUK’s Digital Ethics Summit, UK Information Commissioner John Edwards warned the global population could lose trust in artificial intelligence and called on tech developers to embed privacy into their products from the very start.
  • Edwards set out the steps the ICO has taken to support business using AI technology and made it clear that there are no excuses for “bad actors” who do not comply with data protection laws.

UK’s data regulator resists call to investigate China’s BGI over genomic concerns

  • The UK Information Commissioner’s Office (ICO) is resisting calls from lawmakers to investigate the prenatal tests of a Chinese gene company over how it handles the genomic data of consumers.
  • The BGI group collects genetic data from millions of women for population research using tests “developed in collaboration with the country’s military.”
  • Despite lawmakers writing to the ICO to ask for an investigation into privacy concerns, they said that the threshold of evidence to carry out an investigation had not been reached and, most importantly, no complaints have been received from individuals who are concerned with how BGI group have processed their data.

United States

Ex-Twitter Executive alleges he was fired after Musk sale for raising security concerns

  • Twitter’s former global head of information security filed a lawsuit against X alleging he was fired following Elon Musk’s acquisition of the company for opposing a request that violated users’ privacy.
  • Alan Rosa states he was told to cut his department’s physical security budget by 50% which would have put X’s San Fransisco office at risk of violating an FTC order that required the company to maintain “a comprehensive privacy and information security program.”
  • X has faced several lawsuits from ex-employees, vendors, and other parties since Musk’s purchase.


European Health Data Space: Council agrees its position

  • Members of the Council of the European Union agreed to a negotiating stance on the proposed European Health Data Space (EHDS).
  • The EHDS would give citizens better access and control over their personal electronic health data and facilitate a single market for digital health services and products.
  • The EU council presidency now has a mandate to begin negotiations with the European Parliament as soon as possible to reach a provisional agreement on the proposed regulation.

EDPB publishes urgent binding decision regarding Meta

  • The European Data Protection Board (EDPB) published the text of its urgent binding decision instructing Ireland’s Data Protection Commission to institute a European Economic Area-wide ban on Meta’s personal data processing toward behavioural advertising on the basis of contract and legitimate interests.
  • This decision followed a request from the Norwegian Data Protection Authority (NO DPA) to order final measures in this matter which would have effect in the entire European Economic Area.
  • The EDPB concluded that there are ongoing infringements of the GDPR and there is an urgent need to act in light of the risks for the rights and freedoms of data subjects.


Singapore issues health care sector cybersecurity guidelines

  • Singapore’s Ministry of Health and the Cybersecurity Agency of Singapore has issued cybersecurity guidelines for health care providers.
  • These guidelines highlight the importance of properly securing data, updating software and creating a planned response if sensitive data is breached.
  • The Ministry of Health plans to introduce the Health Information Bill in 2024 to govern the safe and secure collection, access, use and sharing of health information to enhance quality and continuity of care for patients.


More Posts

Send Us A Message