The Chapell Report’s Post

What are EU policymakers up to? Respectfully, I’m struggling to understand how and why certain distinctions are being drawn by EU data protection authorities like the CNIL and EDPB. Profiling and ad targeting are a concern - understood. But equally, scale and sensitivity of the data should be part of the analysis as well. The pattern captured in the below chart suggests that they might not be... Don't get me wrong - I’m not opposed to legitimate interest as legal basis for building LLM models. Consent just isn’t practical. It makes sense to attempt to find other approaches to protect privacy interests. But at some point, policymakers and regulators need to look at the big picture and think about what behaviors they are trying to incentivize via policy, and the relative risk(s) they are seeking to mitigate. And in places where there appear to be big gaping inconsistencies, it would be wonderful to help make sense of the disconnect. #privacy #dataprotection #IAPP

🔔 Important Update for Businesses Handling Personal Data 🔔 On April 25, 2024, a significant development emerged from the Court of Justice of the European Union (CJEU). The Advocate General's opinion in Case C-446/21, involving Maximilian Schrems and Meta Platforms Ireland, brings to light critical interpretations of the GDPR regarding personalized advertising and data privacy. 🔍 Case Background: Maximilian Schrems, after agreeing to Facebook's 2018 terms, reported receiving targeted ads not explicitly based on his sexual orientation but rather inferred from his general interests. This led to legal action, questioning the extent and nature of personal data processing for targeted advertising. 👩⚖️ Advocate General's Opinion: Data Minimization: The GDPR limits processing personal data for targeted advertising, ensuring it must be proportional and relevant to its purpose. Public Disclosure: Discussing one's sexual orientation publicly does not automatically allow for that information's use in targeted ads. 🚫 The implications are clear: Businesses cannot use data in ways that exceed what's necessary for their specific, declared purposes. Even if personal data become public, it doesn't grant unrestricted rights to process that data for advertising. 📊 For companies processing personal or sensitive data, this underscores the necessity to: Strictly adhere to GDPR principles of data minimization and purpose limitation. Review and adjust data handling and advertising practices to ensure compliance with these tighter interpretations. #itgrc #itgrcadvisory #bwadvisory #akademiaitgrc #privacy #cybersecurity

👀 Advertisers: Privacy Reform is on the horizon in Australia. 🕒 Using first-party data to improve advertising outcomes is a priority, but data privacy is crucial. Here's how we tackle this challenge: Blog: Safeguarding Data Privacy in First-Party Data-Driven Advertising https://lnkd.in/gU5eNNRt #advertising #data #privacy #dataprivacy

India's Digital Personal Data Protection Act, 2023 (DPDPA) excludes data made public by the individual from the scope of its application. This results in a lack of remedy for individuals when this data is used for purposes not intended by them when they made the data public, for example on social media platforms. This creates a gap in the legal framework intended for data protection. I've written about this in this ET article.

Our Partner, Akshaya Suresh, has authored an article, “Privacy in the time of social media”, with contribution from Drishya A Kamath, published in ETCISO. This article discusses the issues around privacy in the time of social media, in the light of the exclusion of publicly available data from the ambit of the Digital Personal Data Protection Act, 2023 (DPDPA). Please click on the link to read the article: https://lnkd.in/dyEsT_Z4 #jsa #leadinglawfirm #leadinglawyers #privacy #socialmedia #data #dpdpa #personaldata #personaldataprotection

India's Digital Personal Data Protection Act, 2023 (DPDPA) excludes data made publicly available by individuals from its protection, leaving individuals without recourse when their data is repurposed beyond their intentions—such as on social media platforms. This exclusion reveals a significant gap in the data protection framework, challenging the Act’s ability to fully safeguard individual privacy. This article aims at addressing these gaps and identifying potential solutions to strengthen privacy safeguards.

The ICO has set its 2024-2025 priorities, which includes enhanced online privacy protections for children, calling on social media and video-sharing platforms to upgrade their data protection practices. This follows on from the introduction of the ICO's Children’s code of practice in 2021. For 2024 to 2025, the Children's code strategy will focus on: ·     Default privacy and geolocation settings. ·     The use of profiling children for targeted advertisements. ·     Using children’s information in recommender systems. ·     Using information of children under 13 years old. John Edwards, UK Information Commissioner said: “Children’s privacy is a global concern, and businesses around the world need to take steps to ensure children’s personal information is used appropriately so it doesn’t leave them exposed to online harms. This week I will be meeting with international regulators and online services to encourage stronger digital protections for children.” For more details on the ICO's children's code strategy and their ongoing initiatives, visit the ICO's website: https://lnkd.in/enn_JH42 #ChildProtection #ChildrensCodeOfPractice #OnlineSafety #DataCompliance #GDPRNews

Big moves in privacy this week! 👩⚕️ GoodRx pays $25M to settle claims of sharing sensitive health data with ad giants like Meta & Google. 🇪🇺 The EDPB unveils new rules for GDPR data transfers and launches the European Data Protection Seal to boost compliance. 📞 Australia & UK team up to fight spam and scams, tackling $83M in consumer losses this year alone. Privacy never sleeps—stay informed, stay compliant, and stay ahead. Read more here: https://lnkd.in/g3tYGiJB #ThisWeekInPrivacy #PrivacyMatters #DataProtection

▪️Merry Marwig, CIPP/US, CIPM, FIP ▪️ from DataGrail was so kind to summarize our new research on consumer perceived privacy violations (PPV) in online advertising presented at the Federal Trade Commission #PrivacyCon 2024. /w. Kinshuk Jerath Full paper link in the first comment. #onlineadvertising #privacy #dataethics #behavioraltargeting #privacysandbox #google

Are you REALLY sure?🤔 Before you click "Agree", consider the potential consequences. Do you truly understand how your data will be used? Are you comfortable with targeted ads and cross-border data transfers? Advicey.com can help you navigate the complexities of online privacy. Empower yourself with knowledge. #DataPrivacy #PrivacyMatters #Advicey #DigitalSafety #InformedConsent #Privacy #Policy Advicey.com 🥇 Wiperts.com: Removing Personal Data from the Web Samuel X.