The DPIA is a bitesize assessment of the impact of the most significant, interesting and important-to-know data protection issues.
The DPIA is an assessment of the impact of the most significant and important-to-know data protection issues from around the globe. It’s not the full story, just a quick 3-minute read, collated and condensed to keep you updated with the latest news in our ever-evolving industry.
Data protection compliance: Law firm vs outsourced DPO services
In our blog this week, we provide a general overview of the similarities and differences between the data protection services offered by law firms and outsourced DPO providers.
Although outsourced DPOs and law firms often work together on shared clients, their approach, delivery structure, and scope of responsibilities can differ. We discuss the nuances of these differences and offer a useful comparison to help businesses make an informed decision when choosing between the two options.
UK and US announce partnership on science of AI safety
On 1 April 2024, the UK and US signed a Memorandum of Understanding (MOU) for developing tests for the most advanced AI models. Following the commitments made at the AI Safety Summit in Bletchley Park in November 2023, this partnership will see the two countries align their scientific investigations to ensure a shared approach to AI safety testing.
Michelle Donelan, UK Secretary of State for Science, Innovation, and Technology, said, ‘I have no doubt that our shared expertise will continue to pave the way for countries tapping into AI’s enormous benefits safely and responsibly.’
A number of UK politicians, advisors, and journalists have been targeted in a phishing attack on the WhatsApp messaging service over the past 18 months. The malicious actor, introducing themselves as ‘Abigail’ or ‘Abi’, claimed to have met the individuals in various settings related to their work. The most recent message was received in March 2024.
The messages came from the same two numbers, which were not registered with a mainstream UK phone network. Concerned parliamentary employees have been urged to contact the parliamentary security team.
Phishing attacks on organisations have significantly increased over the past few years. We discuss this and how to identify phishing attacks in our recent blog
EU and US continue strong trade and technology cooperation
On 5 April 2024, the EU and US held the 6th meeting of the EU-US Trade and Technology Council (TTC) in Leuven, Belgium. Discussing a wide range of transatlantic trade and technology issues, the meeting confirmed the strong commitment on both sides to making transatlantic trade easier. There was an emphasis on economic security, the defence of human rights, and continuing with a risk-based approach to AI.
It was announced that the EU AI Office and the US Safety Institute will further discuss developing tools, methodologies, and benchmarks for measuring and evaluating AI models.
Administration fine imposed on Finnish online retailer
On 18 March, Finland’s Office of Data Protection Ombudsman fined Verkkokauppa.com €856,000 for violating the GDPR. The online retailer was found to have failed to specify the storage period for its online shop customers and operated an illegal data protection practice by requiring customer registration for online purchases.
The Sanctions Board imposed the fine based on factors including the company’s turnover. Verkkokauppa.com was ordered to rectify its practice and define an appropriate storage period for customer account information.
Historic American Privacy Rights Act unveiled
On 7 April 2024, the American Privacy Rights Act was introduced to the House of Representatives and the Senate. Seen as an historic draft legislation, it aims to eliminate the existing patchwork of state data privacy laws and establish clear national data privacy rightsand protections for Americans.
The bill represents years of collaboration between members of different political parties. A key safeguard outlined in the bill is restricting Big Tech’s ability to profit from unauthorised tracking and manipulation of personal data.
Google to delete incognito search data to end privacy suit
Following a class-action lawsuit, originally filed in June 2020, Google has proposed a settlement by agreeing to delete a vast amount of search data. The suit alleges Google secretly collected data from users in ‘incognito’ mode on the Chrome web browser. The claimants state that Google’s practices violated users’ privacy and that the incognito option was misleading.
A hearing is scheduled for 30 July 2024, where Judge Yvonne Gonzalez Rogers will decide whether to approve the deal and allow Google to avoid a trial.
Ethiopia approves personal data protection bill
On 4 April 2024, Ethiopia’s Parliament deliberated on and ratified the Personal Data Protection Proclamation (PDPP), establishing a robust legal framework for data protection in Ethiopia. The legislation sets out individuals’ personal data rights and the obligations for data controllers, including the requirement of a legitimate reason for collecting and using data.
The PDPP shares certain similarities with the GDPR, with both having common privacy goals, but there are also notable differences in provisions and application.
To support our ongoing requirement to continuously grow our remarkable and extraordinary #ONETEAM, we are seeking candidates for the following positions:
Data Protection Officers (UK, Netherlands)
Data Subject Access Request (DSAR) Officer
Marketing Assistant
Project Administrator
If you are looking for a new and exciting challenge, and the opportunity to work for both a Great Place to Work-Certified™ company and one of the UK's Best Workplaces in Consulting & Professional Services,apply today!
You have been sent this newsletter under legitimate interest, for more information please read our Privacy Notice
The DPO Centre is a limited company registered in England and Wales (Company Number: 10874595) Registered Office: Suffolk Enterprise Centre, Felaw Street, Ipswich, IP2 8SJ, United Kingdom
The DPO Centre, 50 Liverpool Street, London, Greater London EC2M 7PR, United Kingdom