Data Protection News Update 12 June 2023

United States

US senators probe Twitter

  • Senators Elizabeth Warren, Ed Markey, Ron Wyden, and Mazie Hirono probe Twitter Executive Chair Elon Musk and newly appointed CEO Linda Yaccarino about the company’s privacy practices and its compliance with consumer protection laws.

Concerns over companies using AI to monitor staff

  • The Washington Post reports that companies are apparently contemplating using AI tools and apps in the workplace to also monitor employees.
  • AI companies promote their products stating that they can be used to improve employees’ productivity, lower their stress levels and make them feel more connected. The workers themselves voice concerns over data collection and privacy.

FCC issues 5 million USD fine over spam calls

  • The Federal Communications Commission fines John M. Burkman, Jacob Alexander Wohl, and J.M. Burkman & Associates LLC for making 1,141 robocalls without previously obtaining consent to contact.


European Data Protection Supervisor (EDPS) investigates EU’s border agency (Frontex)

  • EDPS has audited Frontex’s data sharing practices.
  • It has concluded that Frontex has been sharing information from detained migrants and asylum seekers to EU police agency Europol without consent.
  • This practice of data sharing was first introduced after a series of terrorist attacks back in 2015 and is called ‘Processing of Personal Data for Risk Analysis (PeDRA)’. It was concluded that an effective exchange of information between European security services could have prevented these attacks from happening, which is what this program intended to fix.
  • But now, it seems Frontex has been going too far in its pursuit to remedy the failure of 2015. European Data Protection Supervisor Wojciech Wiewiorowski says that ‘with people crossing the border, we have a feeling that the EU has a problem keeping the values and its principles it’s proud of’.

Denmark’s DPA issues data transfer reprimand

  • Denmark’s DPA has issued a reprimand against rental agency Boligportal about its EU-US data transfers. The DPA investigated the company due to its use of Facebook Business tools and the potentially unlawful international data transfers it involves but could not reach a decision due to the lack of information.
  • The DPA was, however, able to order the agency to explain the ‘distribution of roles and responsibilities’ between the agency and Meta Ireland in order to better determine if data is being transferred to third countries.

EDPB issues GDPR dispute resolution guidelines

  • The EDPB published guidelines on the process of dispute resolutions among board members pursuant Article 65(1)(a) GDPR.
  • The guidelines are said to clarify the applicable legal framework and main stages of the procedure and the competence of the EDPB when adopting a legally binding decision under Article 65(1)(a) GDPR and the applicable procedural safeguards and remedies such as the right to be heard, the right of access etc.

French senators question European TikTok officials over user data access

  • The TikTok officials were pressured to answer questions on TikTok’s link to the Chinese government, the app’s compliance with the protection of minors and the ownership structure of TikTok in France.
  • There were some inconsistencies in the answers of TikTok officials and they could not confirm or deny whether Chinese engineers are able to access data of Europeans from China.


Japan’s Personal Information Protection Commission warns OpenAI

  • Japan’s privacy watchdog warns OpenAI (the creator of ChatGPT) over its collection of sensitive user data for machine learning purposes and hints that it might take action against the company if OpenAI should not minimize the data it collects and fails to base it on valid permission. 

Australia is considering prohibiting ‘high-risk’ AI

  • Australia is considering introducing a ban on uses of AI that are seen as ‘high-risk’ such as deepfakes and algorithmic bias.
  • The report underlining this consideration warns of AI’s ability to ‘influence democratic processes or cause other deceit’ and that it can target minority racial groups.

New Zealand’s government ministry bans staff from using AI

  • The Ministry of Business, Innovation and Employment cites data and privacy risks for this ban. They were especially concerned that staff members could end up putting sensitive information into AI tools which could later resurface.
  • In general, New Zealand has still no government-wide rules or guidelines on the use of AI technology directed at its ministries and agencies.

United Kingdom

ICO issues reprimand to Thames Valley Police

  • The ICO issued a reprimand to Thames Valley Police for disclosing witness information to suspected criminals, even going so far as to revealing the address of a witness to a suspect, which lead to the witness having to relocate.
  • The ICO held that the TVP ‘did not have appropriate steps, such as training, in place to ensure officers were aware of guidance around disclosure and redaction’.

UK government to remove Chinese-made CCTV cameras

  • The UK government decided to remove CCTV cameras produced by partially Chinese state-owned companies (Hikvision and Dahua) from ‘sensitive’ government sites.
  • The reasoning behind this decision are privacy concerns and documented human rights violations in China.

ICO issues warning on the dangers of new neurotechnologies

  • ‘Neurotechnology collects intimate personal information that people are often not aware of, including emotions and complex behaviour. The consequences could be dire if these technologies are developed or deployed inappropriately’.
  • Especially neurodivergent people stand at risk of discrimination.
  • There are plans for ICO to develop guidance for neurotech companies.


More Posts

Send Us A Message