Andreea Lisievici, Author at The PrivacyCraft Blog

noyb Files Complaint Against Google’s Privacy Sandbox

Enforcement, EU law, GDPR, Google, noyb | June 19, 2024

noyb has filed a complaint with the Austrian data protection authority against Google. The complaint argues that Google misled users into enabling an “ad privacy feature” through deceptive pop-ups, which actually track users via the new Privacy Sandbox API. The API replaces third-party cookies with first-party tracking within the Chrome browser. Google used manipulative design techniques, known as dark patterns, to secure user consent, violating GDPR requirements for informed and transparent consent. The complaint demands Google’s compliance with GDPR and suggests imposing a significant fine.

noyb Files Complaint Against Google’s Privacy Sandbox Read More »

noyb Files Complaint Against Microsoft for Violating Children’s Privacy

Enforcement, EU law, GDPR, Microsoft, noyb | June 19, 2024

noyb filed a complaint with the Austrian Data Protection Authority against Microsoft on 4 June 2024, alleging that Microsoft’s 365 Education services violate children’s privacy rights. The complaint claims that Microsoft shifts GDPR responsibilities to schools, which lack control over data processing. Microsoft’s use of tracking cookies without proper consent from minors or their guardians breaches GDPR. noyb calls for an investigation and penalties, arguing that Microsoft’s practices harm children’s data protection rights.

noyb Files Complaint Against Microsoft for Violating Children’s Privacy Read More »

IAPP AI Governance in Practice Report 2024

AI, IAPP | June 19, 2024

The “AI Governance in Practice Report 2024” addresses the critical need for robust AI governance amidst rapid advancements in machine learning technology. These breakthroughs have significantly disrupted various sectors, emphasizing the responsibility of leaders to manage AI risks. The report outlines the essential principles, laws, policies, processes, and standards required for AI governance. It highlights transparency, bias mitigation, privacy, and security as key areas of focus. The report provides actionable insights to help organizations implement effective AI governance strategies and ensure the safe, responsible deployment of AI technologies.

IAPP AI Governance in Practice Report 2024 Read More »

Cyber Security Agency of Singapore Publishes IoT Device Security Advisory

cybersecurity, IoT, Singapore | June 19, 2024

The Cyber Security Agency of Singapore (CSA) issued an advisory on securing Internet of Things (IoT) devices. With IoT devices revolutionizing daily life and business, they also attract cyber threats. Common vulnerabilities include weak passwords, insecure network services, and outdated software. The advisory provides measures to protect these devices, such as using strong passphrases, enabling automatic updates, buying from reputable manufacturers, and implementing physical access controls. CSA also advises on steps to take if IoT devices are compromised.

Cyber Security Agency of Singapore Publishes IoT Device Security Advisory Read More »

Hong Kong’s New AI Data Protection Framework Released

AI, Hong Kong | June 19, 2024

The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong published the “Model Personal Data Protection Framework” for AI on 11 June 2024. This framework provides detailed recommendations for enterprises on procuring, implementing, and managing AI systems while ensuring data privacy. It emphasizes a risk-based approach, human oversight, and compliance with the Personal Data (Privacy) Ordinance (PDPO). The framework aims to promote ethical AI use, aligning with global standards and Hong Kong’s digital economy goals.

Hong Kong’s New AI Data Protection Framework Released Read More »