Week in Review
This week’s privacy updates include the most recent news about data privacy, cybersecurity, and consent management.
Among the top news, the Austrian Data Protection Authority (DSB) has decided on a model case by noyb that the continued use of Google Analytics violates the GDPR.
This is the first judgment on noyb’s 101 model complaints filed in the wake of the “Schrems II” decision. In 2020, the Court of Justice of the European Union (CJEU) declared that using US providers violates the GDPR since US surveillance laws oblige US companies like Google and Facebook to submit personal information to US authorities.
Furthermore, other EU member states are anticipated to make similar rulings, as regulators collaborated on these cases as part of an EDPB “task force.” The Austrian DSB judgment appears to be the first to be issued.
Top Stories and Updates
FTC threatens organisations that neglect to patch Log4j vulnerabilities
On December 9, a vulnerability in Log4j caused widespread disruption. A flaw in a commonly used logging tool for the popular Java programming language enables attackers to take all the control of a device or system running the utility remotely. The Federal Trade Commission has informed businesses that they have a legal need to take reasonable precautions to mitigate the danger because the country lacks broad laws on dealing with it. Read more here.
Apache Log4J Vulnerability: Impact on Seers Customers
Log4j is a serious danger because it is used in so many applications, and the scope of the problem is exceptional. As a result, organisations should evaluate their exposure to it and patching vulnerabilities as a top priority. Our latest blog covers what exactly this is and how we safeguard our client’s data against this vulnerability. Read more here.
Garante publishes guidelines on the use of cookies and other tracking technologies
The cookie guidelines published by the Italian Supervisory Authority (Garante) on July 9, 2021, entered into force on January 9, 2022. This means that any company that has not yet complied with the provisions of the guidelines should promptly avoid future sanctions. The policies provide clear indications on categorising cookies and other tracking technologies, the recommended design of cookie banners, consent collection, review, renewal of consent, and information notices. Read more here.
EDPS sanctions EU Parliament for violating rules on data protection and cookie consent
The European Data Protection Supervisor (EDPS) confirmed that the EU Parliament violated data protection law on its COVID testing website, including EU-US data transfer and cookie consent regulations. The EDPS received complaints about third-party trackers and cookie consent banners that did not comply with consent requirements. They ordered Parliament to update the website data protection notifications connected to personal data processing within one month. Read more here.
Seers assist companies in implementing appropriate policies, processes, and procedures to comply with global privacy regulations. We offer you flexible plans to suit your business needs to comply with GDPR, CCPA, or LGPD regulations.
Subscribe to a plan here: https://lnkd.in/dNmGrnsE
Try your free trial: https://lnkd.in/eVC4AC2e
Request a free demo.
