Insights from the latest DP Index on the proposed UK data protection bill

The DPO Centre’s latest blog examines the latest Data Protection Index results; a survey of UK data protection professionals, tracking their opinions on a range of privacy topics and industry trends. This quarter, the stated benefits of the proposed UK Data Protection and Digital Information (No.2) Bill were considered, and the results are damning. Find out what privacy professionals think about the proposed changes to the UK GDPR, along with a key statement by The DPO Centre’s CEO, Rob Masson. Read Insights from the latest DP Index.

EU countries accuse TfL debt collectors of data laws breach over London penalty fines

Belgium and Dutch authorities have accused Transport for London’s debt collection agency, European Parking Collection (EPC) of unlawfully obtaining citizen's details to issue fines. Hundreds of EU motorists have been awarded penalties for driving in London’s Ultra Low Emissions Zone (ULEZ). According to the Belgium ministry for transport and the Dutch vehicle licensing authority (RDW), there is no legal data-sharing agreement between the two EU countries and the UK. When interviewed by The Guardian, the Belgian MP Michael Freilich said. “I have initiated a complaint with the European Commission, and we won’t hesitate to initiate legal action.” TfL insist they lawfully accessed the personal details of the EU citizens under UK data protection laws.

Don't be blind to AI risks: ICO urges businesses to address privacy risks in using generative AI

The Information Commissioners Office (ICO) is calling on businesses to assess privacy risks associated with generative AI before adopting the technology. Research suggests that generative AI could become a £1 trillion market within the next decade, offering significant benefits to industry and society. However, Stephen Almond, the Executive Director of Regulatory Risks, warns of the potential privacy risks involved. The ICO has recently updated its Guidance on AI and Data Protection and has set out eight questions organisations using or planning to use generative AI need to be asking. 

Spotify fined €5 million for GDPR violation

The Swedish Data Protection Authority (IMY) has fined Spotify 58 million Swedish Krona (approx. €5 million) following several complaints originally filed in 2019 by nyob, the Max Schrems founded EU centre for digital rights. The complaints regarded Spotify’s failure to fully provide users with access to their personal data and information on data usage, which is in violation of their obligations. Due to a lack of decision, nyob filed litigation against the IMY and a decision has now been reached. Noyb will be checking if the IMY enforce the penalty.

EU Parliament vote pushes AI act forward

The European Parliament has reached a significant milestone in establishing the world’s first regulation on artificial intelligence (AI). In a full plenary vote, with 499 voting in favour, only 28 against and 93 abstentions, Parliament agreed on a text to use for the next stage of the Parliamentary process. The AI Act takes a risk-based approach, with a ban on high-risk AI applications, including certain biometric categorisation systems and massive data scraping of facial images. EU Parliament member Dragos Tudorache highlighted the EU’s bottom-up approach of balancing EU citizen’s fundamental rights while promoting technological innovation by using regulatory sandboxes. 

Poll: Canadians less confident their privacy rights are being respected

A recent poll conducted for the Office of the Privacy Commissioner of Canada indicates that Canadians have become increasingly concerned about their privacy and have less trust in organisations handling their personal data since 2020. 93% of Canadians expressed some level of concern about privacy protection, with a 6% increase in extreme concern. Confidence in the Federal Government and businesses in general has dropped by 5% and 6% respectively. Canadians have taken actions such as adjusting social media privacy settings and refusing to share personal information. Commissioner Dufresne said, “Canadians of all ages need more information about their privacy rights, both online and offline”

FTC files lawsuit against Amazon for inducing users to subscribe to Prime

The Federal Trade Commission (FTC) has filed a lawsuit against the big-tech company Amazon, alleging the illegal coercion of customers to sign up to its Prime service and making it difficult for them to cancel their subscriptions. The FTC claimed Amazon have used manipulation tactics known as “dark patterns” to enrol customers in Prime and complicating the cancellation process. Amazon have denied the allegations, stating their procedures are clear and simple. The lawsuit is part of broader efforts by the FTC to limit the manipulating designs on consumers. 

We want you!

To support our ongoing requirement to continuously grow our remarkable and extraordinary #oneteam, we are seeking candidates for the following positions:

• Data Protection Officers (based in the United Kingdom or The Netherlands)
• Data Protection Officer (German Speaking)
• Data Protection Support Officer (DPSO) to join our #oneteam 

If you are looking for a new and exciting challenge, apply today!