United Kingdom
ICO published guidance on workers’ health data
- The ICO has published a guide for employers about their data protection obligations when it comes to employee’s health data.
- The guide distinguishes between things that organisations must, should and could do to comply with those obligations, clearly illustrating what the legal requirements are and what is seen as good practice.
- There is a helpful section in the guide with checklists, you can find it under this link: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/employment-information/information-about-workers-health/checklists/.
UK will not immediately use powers provided in the Online Safety Bill
- Many have raised concerns over the proposed Online Safety Bill which will allow the scanning of messaging apps for harmful content: https://www.theguardian.com/technology/2023/may/08/whatsapp-could-disappear-uk-over-privacy-concerns-ministers-told
- The UK Minister of Culture, Communications and Creative Industries now ensures that they will not make use of this power until technology is developed with the capability.
ICO will review data protection practices of fertility and period-tracking apps
- The regulator has announced that it will probe fertility and period-tracking apps and review how they process users’ personal data.
- This review has been announced after a poll has revealed that over 50% of the users have concerns over the security of the personal data that they have shared and how it is used by the apps.
United States
OpenAI and Microsoft face new US consumer privacy class action lawsuit
- The lawsuit filed on behalf of two unnamed software engineers claims that the companies have used stolen personal data from countless internet users to train their AI.
- This is the second class action lawsuit with the first one being filed back in June 2023.
Europe
French lawmaker files legal challenge against EU-US Data Privacy Framework
- A member of the French parliament, Philippe Latombe, is challenging the EU-US Privacy Framework before the European Union’s General Court.
- Latombe wants to suspend the agreement immediately and raises concerns over the fact that the Framework was ‘notified to EU countries in English only, and was not published in the EU’s Official Journal, which could fall short of procedural rules’.
Meta is denied appeal on behavioural advertising ban
- The Oslo District Court has denied Meta’s appeal and has upheld Norway’s DPA’s decision banning Meta’s behavioural-based advertising on Meta platforms in July.
International
Australian Federal Police is asking for donations of databases
- The Australian Federal Police is asking the police to donate their childhood photos. These photos will be used for an AI project. A database will be build that will eventually be used to combat child sexual abuse material.
- Dr Nina Lewis, the ethics specialist and head of the project claims that strict controls are in place so that these pictures cannot be used for other purposes without permission and participants can withdraw their consent at any time.
LG Uplus fined for data breach
- South Korea’s DPA issues a fine of KRW8 billion (48,000 pounds) against telecommunications company LG Uplus due to a data breach which affected around 300,000 records containing personal data.