News That Matters

Tag: GDPR

Facial recognition: School ID checks lead to GDPR fine

Facial recognition: School ID checks lead to GDPR fine

Technology
A watchdog has penalised a local authority for trialling facial recognition on high-school students in Sweden to keep track of attendance.The Swedish Data Protection Authority (DPA) fined the Skelleftea municipality 200,000 Swedish Krona (£16,800, $ 20,700) for flouting a privacy law.The trial involved tracking 22 students over three weeks and detecting when each pupil entered a classroom.This is the first time that Sweden has ever issued a fine under GDPR. The General Data Protection Regulation, which came into force last year, classes facial images and other biometric information as being a special category of data, with added restrictions on its use.The DPA indicated that the fine would have been bigger had the trial been longer. According to technolog
Black Hat: GDPR privacy law exploited to reveal personal data

Black Hat: GDPR privacy law exploited to reveal personal data

Technology
About one in four companies revealed personal information to a woman's partner, who had made a bogus demand for the data by citing an EU privacy law.The security expert contacted dozens of UK and US-based firms to test how they would handle a "right of access" request made in someone else's name.In each case, he asked for all the data that they held on his fiancee.In one case, the response included the results of a criminal activity check.Other replies included credit card information, travel details, account logins and passwords, and the target's full US social security number.University of Oxford-based researcher James Pavur has presented his findings at the Black Hat conference in Las Vegas.It is the first known test of its ki...
Apple boss Tim Cook praises GDPR and wants tough US privacy law

Apple boss Tim Cook praises GDPR and wants tough US privacy law

Technology
Apple chief executive Tim Cook has demanded a tough new US data protection law, in an unusual speech in Europe.Referring to the misuse of "deeply personal" data, he said it was being "weaponised against us with military efficiency"."We shouldn't sugar-coat the consequences," he added. "This is surveillance."The strongly-worded speech presented a striking defence of user privacy rights from a tech firm's chief executive.Mr Cook also praised the EU's new data protection regulation, the General Data Protection Regulation (GDPR).The new law came into force in May.Mr Cook's speech was made in Brussels, at the International Conference of Data Protection and Privacy Commissioners.The Apple boss described in some detail what he called th...
Google and Facebook accused of breaking GDPR laws

Google and Facebook accused of breaking GDPR laws

Technology
Complaints have been filed against Facebook, Google, Instagram and WhatsApp within hours of the new GDPR data protection law taking effect.The companies are accused of forcing users to consent to targeted advertising to use the services.Privacy group noyb.eu led by activist Max Schrems said people were not being given a "free choice".If the complaints are upheld, the websites may be forced to change how they operate, and they could be fined.What's the issue?The General Data Protection Regulation (GDPR) is a new EU law that changes how personal data can be collected and used. Even companies based outside the EU must follow the new rules if offering their services in the EU.In its four complaints, noyb.eu argues that the named comp...
GDPR: US news sites blocked to EU users over data protection rules

GDPR: US news sites blocked to EU users over data protection rules

Technology
A number of high-profile US news websites are temporarily unavailable in Europe after new European Union rules on data protection came into effect.The Chicago Tribune and LA Times were among those posting messages saying they were currently unavailable in most European countries.The General Data Protection Regulation (GDPR) gives EU citizens more rights over how their information is used.The measure is an effort by EU lawmakers to limit tech firms' powers. Under the rules, companies working in the EU - or any association or club in the bloc - must get express consent to collect personal information, or face hefty fines.What sites are unavailable?News sites within the Tronc and Lee Enterprises media publishing groups were affected...