After years of work, the Kantara Initiative Anchored Notice and Consent Work Group has published as Kantara Recommendation "Transparency Performance Indicators". The indicators — TPIs — measure the transparency of PII Controllers (as required by the Council of Europe 108+, GDPR, Quebec Law 25, and others) and map them to open international standards including the ISO/IEC 29100 … [Read more...] about Transparency Performance Indicators
GDPR
EU Court Rules Commission in Violation of Transparency Law Over von der Leyen–Pfizer Texts
The General Court of the European Union has annulled the European Commission’s decision to refuse access to text messages relating to COVID-19 vaccine negotiations, stating that doing so violated EU access to documents law and breached the principle of good administration. In early 2021, it was revealed that President von der Leyen had exchanged text messages with Pfizer CEO … [Read more...] about EU Court Rules Commission in Violation of Transparency Law Over von der Leyen–Pfizer Texts
European Parliament approves EU–Canada air passenger data agreement
MEPs have endorsed an agreement on transferring passenger name record (PNR) data from the EU to Canada, and on processing this data. PNR data includes passengers’ travel dates and itineraries, contact details, seat numbers, and luggage information. The agreement sets out rules for transfers of PNR data to Canada and its processing, prohibits the processing of sensitive data, … [Read more...] about European Parliament approves EU–Canada air passenger data agreement
Employees as Risks
A new report from public-interest researcher Wolfie Christl explores today's cybersecurity, insider threat detection and compliance tech that let employers monitor everything employees do or say, rank them by risk and identify 'anomalous' behavior. The 76-page report — "Employees as Risks" — which focuses on software from Forcepoint/Everfox and Microsoft, is a case study on … [Read more...] about Employees as Risks
ECHR bans general weakening of secure end-to-end encryption
The European Court of Human Rights has banned a general weakening of secure end-to-end encryption, a move that could jeopardize Canada's international trade relations. The EU recently renewed Canada's adequacy status, an important measure to facilitate continued international trade and information sharing between Canada and European nations and companies, but proposed … [Read more...] about ECHR bans general weakening of secure end-to-end encryption
Don’t be fooled by Meta’s fine for data breaches
"Rarely has hype so contrasted with impact" is a fitting assessment of the GDPR's first five years, offered by Johnny Ryan, a senior fellow at the Irish Council for Civil Liberties and the Open Markets Institute. The various fines levied by data privacy authorities through the years, and the media's gleeful reporting about ever-higher fines, have been terrific to increase … [Read more...] about Don’t be fooled by Meta’s fine for data breaches