Recent Developments in Data Privacy and Their Implications for Business 

Recent Developments in Data Privacy and Their Implications for Business

Data privacy is a hot topic in today’s digital world. Here are nine recent developments that changed the data privacy landscape and what they mean for businesses and consumers.  1. The EU General Data Protection Regulation (GDPR) came into force in May 2018, creating a unified data protection framework across the EU and giving individuals more control over their personal data. The EU General…

View On WordPress

Go back to the top of this article and reread that transcript of Rep. Buddy Carter grilling TikTok CEO Shou Zi Chew. Now, Carter is a dunderhead, but he’s dunderheaded in a way that illuminates just how bad COPPA enforcement is, and has been, for 25 long years.

Carter thinks that TikTok is using biometric features to enforce COPPA. He imagines that TikTok is doing some kind of high-tech phrenology to make sure that every user is over 13 (“I find that [you aren’t capturing facial images] hard to believe. It is our understanding that they’re looking at the eyes. How do you determine what age they are then?”).

Chew corrects the Congressdunderhead from Georgia, explaining that TikTok uses “age-gating”: “when you ask the user what age they are.”

That is the industry-wide practice for enforcing COPPA: every user is presented with a tick-box that says “I am over 13.” If they tick that box, the company claims it has satisfied the requirement not to spy on kids.

But if COPPA were meaningfully enforced, companies would simply have to stop spying on everyone, because there are no efficient ways to verify the age of users at the scale needed for general operation of a website.

-How To Make a Child-Safe TikTok: Have you tried not spying on kids?

Ensuring GDPR and DPA Compliance: How AIO Legal Services Supports UK Companies

With the ever-increasing volume of data and the need for robust data protection measures, compliance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act (DPA) has become paramount for businesses operating in the UK. Non-compliance can lead to severe penalties and reputational damage. To alleviate the complexities of GDPR and DPA compliance, AIO Legal Services offers…

View On WordPress

Cookie pop-ups are designed to be confusing and make you 'agree' to be tracked. This add-on automatically answers consent pop-ups for you, so you can't be manipulated. Set your preferences once, and let the technology do the rest!

This add-on is built and maintained by workers at Aarhus University in Denmark. We are privacy researchers that got tired of seeing how companies violate the EU's General Data Protection Regulation (GDPR). Because the organisations that enforce the GDPR do not have enough resources, we built this add-on to help them out.

We looked at 680 pop-ups and combined their data processing purposes into 5 categories that you can toggle on or off. Sometimes our categories don't perfectly match those on the website, so then we will choose the more privacy preserving option.

I've been using this since it came out in December 2019 (how time flies!) and definitely recommend it.

Chat Control in a nutshell (please reblog this, US people)

Find out more about Chat Control here TAKE ACTION HERE ! OR HERE Calling is much more efficient ! The latter link will redirect you to the official websites of your respective reps. Under the "read more", you will find what you need to say/write when contacting your reps. You will also find an alternate format of this comic,and I give explicit permission for people to translate it and spread it anywhere for awareness. Credit really not needed, I don't care about that rn Even if this is a EU proposal, I am urging Americans to also share this, since it goes hand in hand with KOSA. DON'T FORGET TO JOIN OUR DISCORD SERVER AGAINST CHAT CONTROL ! https://discord.com/invite/e7FYdYnMkS

(Latest update on Chat Control was the 12 september 2024) This is a little long, so feel free to shorten it as you wish : Subject line: "2022/0155(COD) Dear Sir/Madam, I am writing to express my grave concerns regarding the proposed introduction of "Chat Control" This measure poses a serious threat to the privacy and fundamental rights of all EU citizens and stands in stark contradiction to the core principles that the European Union seeks to uphold. The proposed Chat Control contravenes Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, which guarantee the right to respect for private and family life and the protection of personal data. The indiscriminate surveillance of private messages without specific suspicion or cause directly violates these fundamental rights. The General Data Protection Regulation (GDPR) sets out stringent rules for the processing of personal data. The proposed indiscriminate surveillance and scanning of private messages before end-to-end encryption is fundamentally incompatible with the principles of data minimization and purpose limitation enshrined in the GDPR. Specifically, Articles 5 and 6 of the GDPR, which govern the lawfulness and principles of data processing, would be violated by the introduction of such measures. The implementation of Client-Side Scanning (CSS) on devices means that all messages and files are scanned on the user's device before being encrypted and sent. This effectively nullifies the protection offered by end-to-end encryption and opens the door to misuse and additional security vulnerabilities. Moreover, the technical capability to scan such content could be exploited by malicious actors to circumvent or manipulate surveillance mechanisms. Such far-reaching surveillance measures not only endanger privacy but also freedom of expression. The knowledge that their private messages are being scanned and monitored could significantly restrict individuals' willingness to freely express themselves. Additionally, trust in digital communication platforms would be severely undermined. I urge you to take a strong stance against this disproportionate and unlawful measure. The privacy and digital rights of EU citizens must be safeguarded. It is imperative that we protect our fundamental rights and ensure transparency in the decision-making processes of our leaders. For more detailed information on the proposal and its implications, please refer to the following resource: Link to Netzpolitik article. https://www.patrick-breyer.de/rat-soll-chatkontrolle-durchwinken-werde-jetzt-aktiv/ Thank you for your attention to this critical matter. Sincerely, [Name] Art. 10 GG , Art. 8 & 11 EU Charta , Art. 8 EMRK (Alternate comic here V)

i'm sorry that people are putting weird shame and pressure on you for literally just interacting on a post without checking every single person's blog, it's highly abnormal, and these people need to go outside. you don't need to send a hate ask to me to 'prove' to them that you're one of the good ones. you don't owe any randoms online anything.

Jesus christ your profile colors are hideous. Although i guess it matches a lot of the takes on here tbh. Not like i needed yet another reason to never come back to this blog but now i have one ig.

i'll consider it a compliment that the worst thing you can think of to insult me is my colour scheme. i changed it recently, didn't know how it'd be to others (lighter colours hurt my eyeballs), so thanks, i'll adjust it some more to make it a bit easier on your eyes :)

Petition: establish AI regulations

EU people (but possible to sign from elsewhere in the world) please add your name to this petition for human-centric and culture-friendly AI regulation. Needs 47,000 more votes as of the time of posting. From the petition:

'Summary: In an open letter, the Authors' Rights Network (Netzwerk Autorenrechte) calls on the German government as well as the French and Italian leaders to reconsider their stance on the (non-)regulation of AI, to take a stand against the massive damaging effects of unregulated AI applications based on theft, to protect people and authors from data theft and disinformation and to reflect on values such as trust, democracy and justice.

++ Open letter on the subject of France, Germany's and Italy's position on the planned EU Artificial Intelligence Act ++

Dear Chancellor Olaf Scholz (Germany),

Dear Federal Minister of Economic Affairs and Climate Action Robert Habeck,

Dear Federal Minister for Digital and Transport Volker Wissing,

Dear President Emmanuel Macron (France), 

Dear Prime Minister Giorgia Meloni (Italy):

It is with great concern that we, the members of the Netzwerk Autorenrechte which represents authors and translators in the book sector from 15 organisations in the D-A-CH region, observe Germany's, Frances and Italy's new position on the AI Act proposal. This new position runs counter to the consensus previously reached by EU Member States on the legal regulation of AI, in particular with regard to transparency and liability obligations for developers of generative technology.

According to reports from Euractiv on 19 November 2023, Germany – under the lead of the Digital Ministry and the Federal Ministry for Economic Affairs and Climate Action, and together with France and Italy – wants to push for "obligatory self-regulation" instead of legally binding regulation. There are no sanctions for saftey incidents such as copyright, authors’ rights and data protection violations, insufficient labeling, or circumventing ethical standards in the position of these three countries.

Reason

Dear Chancellor, dear Vice Chancellor, dear Federal Minister,

dear Mr President of France, dear Prime Minister of Italy:

We urge you to change your position, which currently favors supposed economic advantages to the detriment of sustainable legal rules. Your position sends a fatal signal to everyone in the cultural sectors and to all people in Europe: namely, that you're willing to protect the same tech companies that illegitimately make use of cultural works and citizens data for their own profits – rather than protecting the people whose work and private data have made these foundation models and generative applications possible in the first place.

The consequences of your position would be devastating. Generative technology is already threatening numerous jobs. We can already observe several harmful “business models” based on AI products and an increase in disinformation. It's been proven that generative AI uses unlawfully obtained works without the knowledge or consent of the works' authors. Without legal regulation, generative technologies will accelerate the theft of artistic work and data. They'll increase discrimination and the falsification of information, including damage to reputations. And they'll significantly contribute to climate change. The more legally deregulated generative products reach the market, the more irreparable the loss of trust in texts, images, and information will become for society as a whole.

We urge you to return to the values of trust, democracy, and justice. We're standing on the threshold of an evolution, of one of the most decisive moments in history. Will we regulate the machines that are using humans in order to replace them? Or will we choose the short-sighted ideology of money?

We trust you have the political resolve to do the right thing.

Berlin, 24 November 2023'

The Best News of Last Week - February 13, 2023

Hello there! Welcome to another edition of ‘Feel Good Newsletter’. I'm so glad you're here. Every week, I scour the web for the most uplifting and heartwarming stories to bring you a little bit of joy and inspiration. So, sit back, relax, and let's dive in!

1. Minnesota House passes "universal" school meals, providing free breakfast, lunch to students

The Minnesota House of Representatives is considering a bill that would provide universal school meals to all students in the state, regardless of their families' ability to pay. The goal of the bill is to ensure that all students have access to nutritious meals and are better equipped to learn in the classroom.

If the bill is approved, Minnesota would become the second state in the country, after California, to offer universal school meals. The bill has the support of education and anti-hunger advocates, who argue that it would help to address food insecurity and improve student health and academic performance.

2. Ukraine succeeds in bringing back 128 children forcibly removed to Russia

Ukraine has succeeded in bringing back 128 children forcibly taken by the invaders to Russia.

Source: Yuliia Usenko, Head of the Department for the Protection of the Interests of Children and Combating Violence of the Prosecutor General's Office of Ukraine, quoted by Ukrinform

Quote: "We have managed to bring 128 children back to Ukraine. More than 50 of them, together with their parents or guardians, are currently in EU countries.

3. Putting solar panels in grazing fields is good for sheep

A study found that installing solar panels in grazing fields is beneficial for sheep. The study was conducted in the UK and found that sheep were more likely to spend time in areas with solar panels than in areas without. This is because the panels provide shade and shelter from the sun, wind, and rain.

The researchers believe that this could help to improve the welfare of sheep, as they are more likely to seek out shade in hot weather, which can reduce the risk of heat stress. The study also found that the solar panels had little impact on the growth and health of the grass, which is important for the sheep's diet.

4. Dad takes toddler son for a manicure after teacher says it's 'only for girls'

The father and son were at a "Daddy and Me" event, where fathers were encouraged to spend time with their children doing various activities. The father chose to take his son to get a manicure, but was told by the teacher in charge of the activity that it was only for girls. The father was reportedly surprised and upset by the teacher's statement, as he felt that it was important for his son to be able to express himself however he wants, without gender stereotypes getting in the way.

The article notes that the incident highlights the ongoing issue of gender stereotypes and the importance of promoting gender equality and inclusivity, especially in children's activities.

4. More than half of new U.S. electric-generating capacity in 2023 will be solar, and only 14% will be using fossil fuels

Information Administration (EIA), energy production in the country increased for the fourth consecutive week. The EIA data showed that the output of oil, natural gas, and coal rose by 1.6%, 2.2%, and 3.2% respectively. The increase in energy production is due to a combination of factors, including improved drilling techniques, favorable weather conditions, and rising global demand for energy.

5. Deforestation in Brazil falls by 60% in first month under Lula

Deforestation in the Amazon rainforest in Brazil fell for the first time this year, according to a report by Reuters. The decrease is attributed to increased enforcement of environmental regulations and increased monitoring of illegal logging activities. The Brazilian government has implemented several measures to reduce deforestation and preserve the Amazon rainforest, which is a critical component of the global ecosystem.

6. Cat returned to NJ shelter for being 'too affectionate' now happy in his new home

A cat named Bruno surrendered to a shelter in New Jersey and was eventually adopted by a new family. Bruno, who was described as a friendly and affectionate cat, is now happily settling into his new home. The story of Bruno's adoption serves as a reminder of the importance of animal shelters and the work they do to find loving homes for abandoned pets.

7. A doggy day care was on fire. Neighbors helped save all 115 dogs inside.

A fire broke out at a doggy daycare and resort in Seattle, causing significant damage to the building. No dogs or employees were injured in the fire, but several dogs had to be temporarily relocated to other facilities. The cause of the fire is under investigation, and the resort is working to make repairs and get back to serving the community's four-legged friends as soon as possible.

- - -

That's it for this week. If you liked this post you can support this newsletter with a small kofi donation:

Buy me a coffee ❤️

Have a great week ahead :)

Local European law PhD person is breaking down why Twitter is in trouble with European authorities - bc we live in a dystopia and I am procrastinating my research.

TL;DR : Twitter is loosing all the experts required to actually make (good, but really any) decisions regarding data privacy in Europe, and it's even funnier because they picked the one(1) European country that would give them the most tax cut but it's also the one that is really into dragging Big Tech all the way to the highest instances in the EU to make knock them down a peg.

But also more under the cut bc this is hilarious and I CANNOT WAIT for Elon Musk to discover the EU. Very much going to be a unstoppable force meets unmovable object situation, because trust me, TRUST ME, there are few things as slow, inhert and full of bureaucrats who are NOT on twitter as the EU. Anyway here is too many paragraph of me putting my diploma to good use or something, my Masters Director would be proud.

Step 1: TF is the GDPR, like, actually.

Ok the the General Directive on Privacy Regulation is a European Union Regulation, which sets clear rule on what you can and cannot do with people's information/data, in order to protect their privacy. It is very wide and very cool and the US wishes it had it (Except you, California, you're doing great).

And what's cool is also that the moment you want your digital services to be available on European territory, you need to comply with the GDPR. Doesn't matter where you are based, if it's not GDPR compliant, you don't get access to that sweet sweet European market.

For example, after the GDPR was entered into force, there were a bunch of US News Media website I could not access, because they were not complying with the GDPR yet, and were not willing to take the risk to infringe on the GDPR. Doesn't matter if they are not Europe based. What matters is the market. Dw they are fine now.

Ok, cool.

.

Step 2: Twitter was doing ok so far - I know, I'm surprised as well.

So Twitter is a US-based company, but blue-bird had to comply with the GDPR like everyone else. So far, so good-ish, and by that I mean that Twitter was not really targeted by any European or national authority for not complying.

But let me tell you the thing about the GDPR: it is. a. mess. Getting to UNDERSTAND what's even required guaranteed my cohort of European Law major that we would ALL be employed in the upcoming years. It is atrociously difficult. THE REGULATION HAS ITS OWN WEBSITE imagine a law having its own website, what the hell honestly.

The GDPR is challenging for your local true crime book club handling the email addresses of its 12 members, ok.

IMAGINE WHAT IT'S LIKE FOR TWITTER.

Behemoth social media platforms require a massive amount of workforce and expertise to make sure they comply with the GDPR. Like, I cannot stress the absurd amount of work and constant vigilance it requires. But they were doing ok.

.

Step 3: Elon Musk is an authoritarian manchild and Twitter is bleeding experts

I know both things are related but trust me, it's important to mention them separately, you'll see in a second.

Among the many high-ranking people who left, we have:

The Chief Information Security Officer

The Chief Privacy Officer / Data Protection Officier

The Chief Compliance Officer (unconfirmed officially but I would bet on it)

So they are trying to do some emergency creative problem solving by apparently having data engineers be the ones certifying compliance with the GDPR (lmao as someone who works with a bunch of data scientist I would pay money to see that happening) and nominate people to temporarily take over all these positions. To be transparent the guy they nominated as "acting GPO" (lmao I'm really feeling the confidence right now) does not seem fully incompetent, but this is still hilarious.

.

Step 4: Haha it's funny because it's Ireland

Now, ok, here is the kicker.

Twitter so far has been using a system that the GDPR allows, which is the One-Stop Shop. OSS means that Twitter picked the authorities of a specific EU State to report to, when it comes to compliance to the GDPR, it's easier for everyone than massive online companies like Twitter going to 27 different states to report what they are doing.

So they picked Ireland, because their European headquarters are based in Ireland.

HA.

I. WONDER. WHY. IRELAND???

(spoiler: it's because Ireland is a tax haven).

Now. You might think there is ONE problem on the table, but get ready, there are TWO, baby.

Haha Twitter's GDPR person has left, mate, you want to explain how you're going to comply with the GDPR when you don't have you GDPR experts anymore??

Elon Musk is, as stated before, an authoritarian manchild and the GDPR is also not super super fond of that, mate if you want the OSS system you actually need to give minimal guarantee that the data-privacy-decision-making is happening in the State of the OSS. When clearly, right now, decisions are happening wherever the hell Elon Musk decided to have his morning protein shake, and I'm pretty sure it's not Dublin. And also around 50% of the Dublin headquarters have been fired, so I don't know who is supposed to take decisions over there, honestly.

AND YOU KNOW WHAT'S EVEN FUNNIER.

IRISH COURTS IS REALLY. REALLY INTO EU LAW AND EU DATA PRIVACY

Like the case about the guy who sued Facebook for violating the right to privacy in the way it handled data? It's the Maximillian Schrems v Data Protection Commissioner case, and it comes from Ireland. Irish Judges had no issue being like "Yeah, Facebook or not, we're choosing violence".

.

Step 5: Ok now what ? Aka I sit back and grab some popcorn

So right now, Twitter is trying to convince the DPC that it's totally absolutely doing GREAT.

Sure Jan.

Anyway, the question is whether the DPC is willing to buy it. We know there has been meetings, and the DPC is at least putting SOME form of pressure on Twitter.

Outcome 1: the DPC is feeling petty and does NOT buy it. Then I'll write another post, but I think the DPC would give Twitter some time to put things in order and give enough guarantees before going on the offensive.

Outcome 2: the DPC buys it (because Dublin LOVES its Big Tech companies, and they are driving prices up to the point where Dublin is experiencing a massive housing crisis, it's fine, this is fine) . And we wait for an individual/NGO to bring a formal complain to the DPC, for the DPC to refuse it, and for the individual/NGO to challenge that decision before the Irish Courts and that becomes a whole new story that will warrant its own post - and I get to show off some useless knowledge on EU procedural law.

Researchers found a vulnerability in a Kia web portal that allowed them to track millions of cars, unlock doors, honk horns, and even start engines in seconds, just by reading the car's license plate. The findings are the latest in a string of web bugs that have impacted dozen of carmakers. Meanwhile, a handful of Tesla Cybertrucks have been outfitted for war and are literally being-battle tested by Chechen forces fighting in Ukraine as part of Russia’s ongoing invasion.

As Israel escalates its attacks on Lebanon, civilians on both sides of the conflict have been receiving ominous text messages—and authorities in each country are accusing the other of psychological warfare. The US government has increasingly condemned Russia-backed media outlets like RT for working closely with Russian intelligence—and many digital platforms have removed or banned their content. But they’re still influential and trusted alternative sources of information in many parts of the world.

And there's more. Each week, we round up the privacy and security news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

New Digital Identity Guidelines Strike Back at Dreadful Password Policies

A new draft of the US National Institute of Standards and Technology's “Digital Identity Guidelines” finally takes steps to eliminate reviled password management practices that have been shown to do more harm than good. The recommendations, which will be mandatory for US federal government entities and serve as guidelines for everyone else, ban the practice of requiring users to periodically change their account passwords, often every 90 days.

The policy of regularly changing passwords evolved out of a desire to ensure that people weren't choosing easily guessable or reused passwords; but in practice, it causes people to choose simple or formulaic passwords so they will be easier to keep track of. The new recommendations also ban “composition rules,” like requiring a certain number or mix of capital letters, numbers, and punctuation marks in each password. NIST writes in the draft that the goal of the Digital Identity Guidelines is to provide “foundational risk management processes and requirements that enable the implementation of secure, private, equitable, and accessible identity systems.”

DOJ Indicts Alleged Iranian Hackers Over Trump Campaign Breach

The US Department of Justice unsealed charges on Friday against three Iranian men who allegedly compromised Donald Trump’s presidential campaign and leaked stolen data to media outlets. Microsoft and Google warned last month that an Iranian state-sponsored hacking group known as APT42 had targeted both the Joe Biden and Donald Trump presidential campaigns, and successfully breached the Trump campaign. The DOJ claims the hackers compromised a dozen people as part of its operation, including a journalist, a human rights advocate, and several former US officials. More broadly, the US government has said in recent weeks that Iran is attempting to interfere in the 2024 election.

“The defendants’ own words made clear that they were attempting to undermine former President Trump’s campaign in advance of the 2024 U.S. presidential election,” Attorney General Merrick Garland said at a press conference on Friday. "We know that Iran is continuing with its brazen efforts to stoke discord, erode confidence in the US electoral process, and advance its malign activities.”

Irish Regulator Fines Meta More Than $100 Million Over 2019 Password Lapse

The Irish Data Protection Commission fined Meta €91 million, or roughly $101 million, on Friday for a password storage lapse in 2019 that violated the European Union's General Data Protection Regulation. Following a report by Krebs on Security, the company acknowledged in March 2019 that a bug in its password management systems had caused hundreds of millions of Facebook, Facebook Lite, and Instagram passwords to be stored without protection in plaintext in an internal platform. Ireland's privacy watchdog launched its investigation into the incident in April 2019.

“It is widely accepted that user passwords should not be stored in plaintext, considering the risks of abuse that arise from persons accessing such data," Irish DPC deputy commissioner Graham Doyle said in a statement. “It must be borne in mind that the passwords, the subject of consideration in this case, are particularly sensitive, as they would enable access to users’ social media accounts.”

The Tor Project and the Tails Privacy Operating System Are Merging

The digital anonymity nonprofit the Tor Project is merging with privacy- and anonymity-focused Linux-based operating system Tails. Pavel Zoneff, the Tor Project’s communications director, wrote in a blog post on Thursday that the move will facilitate collaboration and reduce costs, while expanding both groups' reach. “Tor and Tails provide essential tools to help people around the world stay safe online,” he wrote. “By joining forces, these two privacy advocates will pool their resources to focus on what matters most: ensuring that activists, journalists, other at-risk and everyday users will have access to improved digital security tools.”

The Future of Justice: Navigating the Intersection of AI, Judges, and Human Oversight

One of the main benefits of AI in the justice system is its ability to analyze vast amounts of data and identify patterns that human judges may not notice. For example, the use of AI in the U.S. justice system has led to a significant reduction in the number of misjudgments, as AI-powered tools were able to identify potential biases in the data and make more accurate recommendations.

However, the use of AI in the justice system also raises significant concerns about the role of human judges and the need for oversight. As AI takes on an increasingly important role in decision-making, judges must find the balance between trusting AI and exercising their own judgement. This requires a deep understanding of the technology and its limitations, as well as the ability to critically evaluate the recommendations provided by AI.

The European Union's approach to AI in justice provides a valuable framework for other countries to follow. The EU's framework emphasizes the need for human oversight and accountability and recognizes that AI is a tool that should support judges, not replace them. This approach is reflected in the EU's General Data Protection Regulation (GDPR), which requires AI systems to be transparent, explainable and accountable.

The use of AI in the justice system also comes with its pitfalls. One of the biggest concerns is the possibility of bias in AI-generated recommendations. When AI is trained with skewed data, it can perpetuate and even reinforce existing biases, leading to unfair outcomes. For example, a study by the American Civil Liberties Union found that AI-powered facial recognition systems are more likely to misidentify people of color than white people.

To address these concerns, it is essential to develop and implement robust oversight mechanisms to ensure that AI systems are transparent, explainable and accountable. This includes conducting regular audits and testing of AI systems and providing clear guidelines and regulations for the use of AI in the justice system.

In addition to oversight mechanisms, it is also important to develop and implement education and training programs for judges and other justice professionals. This will enable them to understand the capabilities and limitations of AI, as well as the potential risks and challenges associated with its use. By providing judges with the necessary skills and knowledge, we can ensure that AI is used in a way that supports judges and enhances the fairness and accountability of the justice system.

Human Centric AI - Ethics, Regulation. and Safety (Vilnius University Faculty of Law, October 2024)

Friday, November 1, 2024

In 1998, Congress passed the Children’s Online Privacy Protection Act (COPPA), which prohibits online service providers from collecting the data of children under the age of 13 without parental consent.

COPPA is remarkable, first because it is one of the very, very few federal privacy guarantees enacted by Congress, an exclusive club whose founding member is the Video Privacy Protection Act of 1988, passed by Members of Congress panicked at the thought of video-store clerks leaking their porn rental histories.

But the other remarkable thing about COPPA is how poorly it is enforced.

In this regard, COPPA is very similar to the General Data Protection Regulation (GDPR), the EU’s 2016 landmark privacy law. The GDPR has many more moving parts than COPPA, as befits a general data-protection regulation, but at core, the GDPR seeks to incinerate the absurd fiction at the root of commercial surveillance: namely, that we “consent” to commercial surveillance by clicking “I agree” on long, unreadable terms of service.

Under the GDPR, companies that want to collect, sell or process your data need to explain themselves, clearly: they have to tell you what they’re collecting and how they plan on using it.

-How To Make a Child-Safe TikTok: Have you tried not spying on kids?

Because Its The Law - Data Protection Laws: Understanding the Royal Familys Silence on Surrogacy by u/Oakthrees

Because… It’s The Law - Data Protection Laws: Understanding the Royal Family’s Silence on Surrogacy The persistent speculation about why the Royal Family hasn't publicly disclosed whether Meghan used a surrogate is rooted in a fundamental misunderstanding of data protection laws. These laws, notably the General Data Protection Regulation (GDPR) in the EU and the UK's Data Protection Act 2018, serve as robust shields for personal and private information. They're especially stringent when it comes to sensitive personal data, which unequivocally includes health-related details.Applying this to the British royal family, suppose a family member chose surrogacy over natural childbirth. Such a choice is undeniably sensitive personal data. Disclosing it without explicit consent is not just a breach of etiquette; it's a blatant violation of these stringent data protection laws. These laws are built on pillars of lawfulness, fairness, and transparency in handling personal data, underscoring an individual's right to privacy and autonomy over their personal information.Turning to the media's role, their interest in the royals doesn't grant them a carte blanche to invade personal privacy. Any leak of such intimate details by a royal family member to the press would be a clear transgression of these legal frameworks.That's why you'll never hear this from the royal family, and why responsible news outlets wouldn't dare to publish it. This isn't just about respecting privacy; it's about adhering to laws that guard our most personal information. post link: https://ift.tt/ALVCfoa author: Oakthrees submitted: December 14, 2023 at 02:56AM via SaintMeghanMarkle on Reddit

'scuse me? Text Transcript: "Welcome to our ad-free, tracking-free version of Healthline

We detect that you are in one of the member countries of the UK/EU/EEA, which is now subject to the General Data Protection Regulation (GDPR). Unfortunately, a tracking-free version of our full website is currently unavailable in these countries. We are engaged on the issue and committed to looking at options that support our full range of digital offerings to this market

While we continue to identify technical compliance solutions that will allow all readers to experience our content, we are providing you with 10 articles that highlight the breadth and quality of our content. You are on this page because you disallowed the purposes listed in the “How we use your data” section of our Privacy Settings page.

We believe that health information should be free to everyone and we rely on advertising to make this possible on our family of websites Healthline, Medical News Today, Greatist, and Psych Central. Providing the best health information in the world is expensive. We spend up to thousands of dollars per article to ensure it is accurate and precise with quality review by a doctor or other certified, trained medical professional.

The modern digital advertising ecosystem functions on cookies and other data. Cookies and similar tracking technologies allow us to improve your browsing experience, store or access relevant information, customize content and offers, personalize advertising, analyze our traffic, and better understand you. In order to access all of our content and website features, we request you allow all of the purposes listed-" [End of Transcript]

great job health advising news letter sure

excuse me what

We detect that you are in one of the member countries of the UK/EU/EEA, which is now subject to the General Data Protection Regulation (GDPR). Unfortunately, a tracking-free version of our full website is currently unavailable in these countries.

okay bye i guess

Meta has been fined a record-breaking €1.2 billion ($1.3 billion) by European Unionregulators for violating EU privacy laws by transferring the personal data of Facebook users to servers in the United States.

The European Data Protection Board announced the fine in a statement Monday, saying it followed an inquiry into Facebook (FB) by the Irish Data Protection Commission, the chief regulator overseeing Meta’s operations in Europe.

The move highlights ongoing uncertainty about how global businesses may legally transfer EU users’ data to servers overseas.

The EU regulator said the processing and storage of personal data in the United States contravened Europe’s signature data privacy law, known as the General Data Protection Regulation. Chapter 5 of the GDPR sets out the conditions under which personal data can be transferred to third countries or international organizations.

The fine is the largest ever levied under GDPR. The previous record of €746 million ($805.7 million) was levied against Amazon (AMZN) in 2021.