Data Protection News Update 30 October 2023

United Kingdom

UK IT Pros Express Concern About C-Suite’s Generative AI Ambitions

  • New research has revealed significant concerns among UK IT professionals regarding the deployment of generative artificial intelligence applications.  
  • A study done highlights that 93% of UK IT professionals express concerns about their organizations ambitions for generative AI.  
  • Professionals feel that alongside a lack of understanding, there is a lack of policy within their businesses to address such advancements in technology.  

ICO publishes final guidance on data protection and monitoring workers  

  • On 3rd October, the ICO published its final guidance on worker monitoring to help employers who wish to monitor their workers comply with data protection laws. 
  • Conducting a data protection impact assessment is seen as a vital path to compliant monitoring, although it is not strictly required by law. 
  • The ICO highlights the importance of transparency and respect for privacy, underlying that any monitoring must be necessary, proportionate and respect the rights of workers.  

Belgium investigating alleged criminal breach of data protection laws over London Ulez fines

  • Thousands of fines for breaches of London’s ultra-low emissions zone rules may have been sent unlawfully to drivers of EU-registered vehicles. 
  • Since Brexit, UK authorities do not have access to personal data of EU citizens for non-criminal enforcement- however, drivers in several EU countries have received fines (many totalling thousands of pounds) for failing to register their Ulez-compliant cars with TfL before driving into London. 
  • A Belgian court bailiff is accused of abusing its legal powers to obtain more than 20,000 registered keeper details and pass them on to Euro Parking for UK enforcement.
    • Euro Parking is circumventing GDPR rules by employing EU based agents who obtain driver data on its behalf without disclosing it will be shared with a UK company.  


Amazon rolls out independent cloud for Europe to address stricter privacy standards

  • Amazon Web Services announced that AWS European Sovereign Cloud (located and operating in Europe) will have the same security, availability, and performance as existing AWS regions but will be separate from them.
    • This is to address “strict” regulations that companies and those in the public sector must comply with in the EU.  

United States

23andMe notifies customers of data breach into its ‘DNA Relatives’ feature  

  • 23andMe told customers via email there was a breach of one or more accounts connected to theirs through the “DNA Relatives” feature, which allows users around the world to connect and share their personal data including relationship labels, ancestry reports and matching DNA segments, location, birth year, and family names. 
  • Since news of the back, many customers have expressed worries their ethnicity and other sensitive information could be used against them if it is leaked.  


Instagram apologises for adding ‘terrorist’ to some Palestinian user profiles  

  • Meta apologises after inserting the word “terrorist” into the profile bios of some Palestinian Instagram users, stating it was a bug in auto-translation.  
  • The issue affected users with the word “Palestinian” written in English on their profile, the Palestinian flag emoji and the word “Alhamdulillah” written in Arabic.  
  • This incident exemplifies how automated systems have the ability to perpetuate biases, and obvious racism and discrimination. 


More Posts

Send Us A Message