CNIL fines French phone operator

French phone operator FREE has been issued a fine of €300,000 by the Commission nationale de l'informatique et des libertés (CNIL) for not respecting the rights of individuals and the security of user data. The company was found to be violating the rights of data subjects (right of access and right to erasure) and of data security (weak passwords, storage and transmission of passwords in clear text, return into circulation of approximately 4,100 poorly reconditioned Freeboxes). Read More

UK, Japan enter digital partnership

The UK and Japan have established the UK-Japan Digital Partnership that will serve as a strategic framework for both the countries to jointly deliver concrete digital policy outcomes for their citizens, businesses, and economies. The partnership will focus initially on digital infrastructure and technologies, data, digital regulation and standards, and digital transformation. Read More

FTC releases revised Mobile Health App Interactive Tool

The Federal Trade Commission (FTC) has released an updated Mobile Health App Interactive Tool aimed to help health care app developers in checking compliance with federal laws and regulations. The tool has been created in conjunction with HHS’ Office for Civil Rights (OCR), the Office of the National Coordinator for Health Information Technology (ONC), and the FDA. Read More

Garante fines Clubhouse owner

The Italian DPA, Garante, has issued a fine of €2 million against Alpha Exploration, owner of the social network Clubhouse. The company was found to be in violation of the EU General Data Protection Regulation, including a lack of transparency around data use, users' ability to store and share audio without consent, sharing of account information without a legal basis and indefinite storage times for recordings. Read More

EU to ban Meta from ads based on personal user data without consent

The European Data Protection Board's (EDPB) is set to bar Meta from running ads based on personal data. Meta will only be able to run advertising based on personal data with users' consent, according to a confidential EU privacy watchdog decision. Read More

Tinder sued under BIPA

Tinder and its parent company, Match Group, are being sued by a group of Illinois residents for alleged violation of the state’s Biometric Information Privacy Act (BIPA). The lawsuit claims that Tinder's 2-year-old verification program extracts facial geometries using facial recognition technology from video selfies and generates a unique number or facial geometry 'template'. Read More