EU law

noyb Files Complaint Against Google’s Privacy Sandbox

noyb Files Complaint Against Google’s Privacy Sandbox

Enforcement, EU law, GDPR, Google, noyb |

noyb has filed a complaint with the Austrian data protection authority against Google. The complaint argues that Google misled users into enabling an “ad privacy feature” through deceptive pop-ups, which actually track users via the new Privacy Sandbox API. The API replaces third-party cookies with first-party tracking within the Chrome browser. Google used manipulative design techniques, known as dark patterns, to secure user consent, violating GDPR requirements for informed and transparent consent. The complaint demands Google’s compliance with GDPR and suggests imposing a significant fine.

noyb Files Complaint Against Google’s Privacy Sandbox Read More »

noyb Files Complaint Against Microsoft for Violating Children's Privacy

noyb Files Complaint Against Microsoft for Violating Children’s Privacy

Enforcement, EU law, GDPR, Microsoft, noyb |

noyb filed a complaint with the Austrian Data Protection Authority against Microsoft on 4 June 2024, alleging that Microsoft’s 365 Education services violate children’s privacy rights. The complaint claims that Microsoft shifts GDPR responsibilities to schools, which lack control over data processing. Microsoft’s use of tracking cookies without proper consent from minors or their guardians breaches GDPR. noyb calls for an investigation and penalties, arguing that Microsoft’s practices harm children’s data protection rights.

noyb Files Complaint Against Microsoft for Violating Children’s Privacy Read More »

Multistakeholder Expert Group’s Report on GDPR Application

EU law, GDPR |

On 10 June 2024, the Multistakeholder Expert Group on GDPR published a comprehensive report evaluating GDPR application. The report highlights increased data protection awareness and compliance among stakeholders. However, it also identifies ongoing issues such as legal fragmentation, difficulties in applying specific provisions, and challenges for SMEs. Concerns include transparency obligations, the interplay with other regulations like AML and PSD2, and complexities in data transfers. The report calls for enhanced guidance and consistency in GDPR application across EU member states.

Multistakeholder Expert Group’s Report on GDPR Application Read More »

FRA publishes “GDPR in practice – Experiences of data protection authorities”

EU law, GDPR |

The European Union Agency for Fundamental Rights (FRA) report analyzes the challenges faced by data protection authorities (DPAs) in the implementation of the General Data Protection Regulation (GDPR). Key findings include inadequate resources threatening DPAs’ mandates, high volumes of complaints, public misunderstanding of data protection laws, and challenges posed by new technologies. The report emphasizes the need for additional tools and stronger cooperation between DPAs, highlighting significant discrepancies in resources and capacities across Member States. This report complements the European Commission’s evaluation of GDPR.

FRA publishes “GDPR in practice – Experiences of data protection authorities” Read More »

Hamburg Commissioner Issues Guidance on Applicant Data Protection and Recruiting

AI, employees, Risk management |

The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has emphasized the importance of protecting personal data in the application process, especially with the rise of artificial intelligence. The position paper discusses the legal status and rights of applicants, highlights the need for clear definitions in recruiting, proper data storage in talent pools, and cautions against the use of AI for emotion analysis while outlining conditions for CV parsers. The document underscores the necessity for strict data protection measures to build candidate trust and minimize legal risks.

Hamburg Commissioner Issues Guidance on Applicant Data Protection and Recruiting Read More »

Scroll to Top