Andreea Lisievici

EU Commission Sends Preliminary Findings to X for DSA Violations

DSA, Enforcement, EU law, X |

The EU Commission has notified X of its preliminary findings regarding breaches of the Digital Services Act (DSA), focusing on dark patterns, advertising transparency, and data access for researchers. X’s practices around “verified accounts” mislead users, its ad repository lacks transparency, and it restricts researcher access to public data. These findings result from an in-depth investigation involving internal documents and expert interviews. If confirmed, X could face fines up to 6% of its global annual turnover and enhanced supervision to ensure compliance.

EU Commission Sends Preliminary Findings to X for DSA Violations Read More »

Dutch Authority for Consumers and Markets Reports Widespread Non-Compliance with EU Digital Laws

DSA, EU law, Netherlands |

The Dutch Authority for Consumers and Markets (ACM) revealed that many online service providers are not compliant with the European Digital Services Act (DSA) and the Platform-to-Business Regulation (P2B). A recent survey of 50 businesses found significant gaps in adherence to these laws, which include requirements for complaint handling, transparency, and content moderation. The ACM clarified it is the designated regulator for both the DSA and P2B Regulation, but can only enforce their provisions after the entrance into effect of the Dutch implementation laws, expected in 2025. Guidelines have been published to assist organizations in complying with these regulations.

Dutch Authority for Consumers and Markets Reports Widespread Non-Compliance with EU Digital Laws Read More »

AEPD Reports on Addictive Internet Patterns Impacting Minors

AEPD, children, Deceptive patterns |

The Spanish Data Protection Agency (AEPD) has released a report on the influence of addictive internet patterns, focusing on the significant impact on minors. The report highlights how service providers often use deceptive and addictive design strategies to extend user engagement and collect more personal data. These practices particularly affect vulnerable groups like children and adolescents, influencing their preferences and development. The AEPD aims to have these patterns included in the EDPB guidelines, emphasizing the high risk to data protection rights in digital environments.

AEPD Reports on Addictive Internet Patterns Impacting Minors Read More »

Deceptive design under global spotlight – GPEN and country reports

Deceptive patterns |

On 9 July 2024, the Global Privacy Enforcement Network (GPEN) published a global report spotlighting deceptive design practices influencing privacy choices. In a comprehensive sweep of 1,000 websites and apps, involving 26 international data protection authorities, the GPEN found that 89% of privacy policies were excessively complex, and 42% of sites used manipulative language. Country-specific reports from Canada, Bermuda, Hong Kong, Germany, Guernsey, and Malta reveal widespread issues and underscore the need for transparent, user-friendly privacy practices worldwide.

Deceptive design under global spotlight – GPEN and country reports Read More »

CNIL Launches Public Consultation on Workplace Diversity Measurement

CNIL, DPA guidance, EU law |

On 9 July 2024, the French data protection authority (CNIL) launched a public consultation on a draft recommendation for conducting diversity measurement surveys in workplaces, open until 13 September 2024. The draft emphasizes the need for anonymity, voluntary participation, and data minimization. It recommends involving a trusted third party to manage sensitive data and ensure compliance with GDPR. The goal is to help organizations measure diversity while protecting individual privacy and ensuring adherence to legal standards, including the 2007 Constitutional Council decision prohibiting ethno-racial data collection.

CNIL Launches Public Consultation on Workplace Diversity Measurement Read More »

Scroll to Top