Week in Review
This week have some most trending news on the latest enforcement, regulatory, and guidance news from around the globe.
A new comprehensive personal data protection law was passed in UAE which is the first federal privacy law. The law will introduce new data subject rights, data processing, consent management, breach notification requirements, and risk assessment, among other things.
Furthermore, the French data protection authority (CNIL) published a guideline on alternatives to third-party cookies and the consequences of such technology in terms of consent. The CNIL reminds companies to respect the rules relating to data protection and especially the consent and rights of individuals.
Also, Twitter has updated its privacy policy to encompass media, banning users from publishing images or videos of private individuals without their consent.
And, Clearview AI, well known facial recognition company faces a fine of just over £17m for alleged “serious breaches” of the UK’s data protection laws.
Top Stories and Updates
UAE to introduce new Federal Data Protection Law
On 29 November 2021, the UAE passed a new comprehensive personal data protection law that will take effect on 2 January 2022, and will be enforceable in January 2023. It is also thought that executive regulations will be released six months after the law is published, and organisations that fall under the law’s scope would be obliged to comply one year after the law is published. Read more here.
CNIL addresses alternatives to third-party cookies
The French data protection authority (‘CNIL’) published a blog post on alternatives to third-party cookies and the consequences of such technology in terms of consent. CNIL emphasised that alternative technologies created for targeted advertising must always comply with data protection rules and, above all, individual consent and rights. Furthermore, it highlighted the four main categories of third-party cookies alternatives which are: First-party cookie and browsing fingerprinting; Single sign-on; Unique identifiers; and Cohort-based targeting advertising. Read more here.
Twitter bans posting people’s private media without consent
On Tuesday, Twitter posted that it has updated its privacy policy to remove photographs of people that have been shared without their consent. According to the company, images or videos of private individuals shared without their consent are now against Twitter’s policy and can be removed on request. “Sharing personal media, such as pictures or videos, can potentially violate a person’s privacy, resulting in emotional or physical harm,” the company stated. Read more here.
Clearview AI fined $22.6M by the UK’s data protection regulators
According to The New York Times, Britain’s data privacy watchdog penalised face recognition company Clearview AI £17 million ($22.6 million) on Nov. 29 for failing to comply with the country’s privacy regulations. According to the UK Information Commissioner’s Office, Clearview failed to notify British residents that it was gathering billions of photographs from sites like Facebook, Instagram, and LinkedIn to build its facial recognition software. Read more here.
Seers help businesses by providing access to a wide range of GDPR, CCPA, and ePrivacy compliance solutions designed to comply with the latest data protection regulations.
Let Seers assist you towards the latest and upcoming data privacy challenges worldwide and protect yourself from fines and litigation.
For more information visit: Assessment Toolkits
Book a free demo.
