#privacy-law — Public Fediverse posts

FYI: German court asks CJEU: must platforms publish GDPR joint controller details?: Dusseldorf court sends GDPR Article 26(2) to the CJEU, asking if joint controller terms must appear online - with major implications for ad tech platforms. https://ppc.land/german-court-asks-cjeu-must-platforms-publish-gdpr-joint-controller-details/ #GDPR #PrivacyLaw #DataProtection #AdTech #CJEU

“Our #privacy #law is dangerously out of date. It was largely drafted before the internet, let alone the age of #ArtificialIntelligence," he said.

"If you can update our #PrivacyLaw, that's probably the single biggest step you could take to protect #Australians from their personal information being used against them in the age of #AI." — Professor #EdSantow

#Straya / #AusPol / #Policy <https://abc.net.au/news/2026-06-08/federal-government-ai-policy-retreat-data-centres-four-corners/106753596>

“Our #privacy #law is dangerously out of date. It was largely drafted before the internet, let alone the age of #ArtificialIntelligence," he said.

"If you can update our #PrivacyLaw, that's probably the single biggest step you could take to protect #Australians from their personal information being used against them in the age of #AI." — Professor #EdSantow

#Straya / #AusPol / #Policy <https://abc.net.au/news/2026-06-08/federal-government-ai-policy-retreat-data-centres-four-corners/106753596>

ICYMI: Eight years of GDPR: 40% of the €7.1B in fines annulled or under challenge: Eight years after GDPR took effect, nearly 40% of the €7.1B in announced fines have been annulled or are under active legal challenge, enforcement data shows. https://ppc.land/eight-years-of-gdpr-40-of-the-eur7-1b-in-fines-annulled-or-under-challenge/ #GDPR #DataProtection #PrivacyLaw #LegalChallenge #DataPrivacy

Digital driver's licenses have been around for a while now. When they first came out, privacy groups expressed concerns. I haven't heard much since then, though, and NY just rolled out their version of it.

Anyone have any recommended resources (recent) or thoughts about the current benefits or risks of downloading an app and uploading my drivers license into it?

#privacylaw #privacy

Digital driver's licenses have been around for a while now. When they first came out, privacy groups expressed concerns. I haven't heard much since then, though, and NY just rolled out their version of it.

Anyone have any recommended resources (recent) or thoughts about the current benefits or risks of downloading an app and uploading my drivers license into it?

#privacylaw #privacy

ICYMI: Italian court kills OpenAI's €15M fine - and it wasn't even close: A Rome court annulled the Italian Garante's €15M ChatGPT fine, ruling the authority had no jurisdiction once OpenAI established its Irish subsidiary in 2024. https://ppc.land/italian-court-kills-openais-eur15m-fine-and-it-wasnt-even-close/ #OpenAI #ChatGPT #ItalianCourt #AIRegulation #PrivacyLaw

ICYMI: Italian court kills OpenAI's €15M fine - and it wasn't even close: A Rome court annulled the Italian Garante's €15M ChatGPT fine, ruling the authority had no jurisdiction once OpenAI established its Irish subsidiary in 2024. https://ppc.land/italian-court-kills-openais-eur15m-fine-and-it-wasnt-even-close/ #OpenAI #ChatGPT #ItalianCourt #AIRegulation #PrivacyLaw

Children’s privacy is now critical infrastructure in the AI era
#AI #Tech #ChildPrivacy #DigitalRights #AIRegulation #DataProtection #PublicPolicy #CanadaPolicy #EdTech #UNICEF #OECD #CyberSafety #PrivacyLaw #Media #Culture #Privacy #Education #Social
https://the-14.com/childrens-privacy-is-now-critical-infrastructure-in-the-ai-era/

Children’s privacy is now critical infrastructure in the AI era
#AI #Tech #ChildPrivacy #DigitalRights #AIRegulation #DataProtection #PublicPolicy #CanadaPolicy #EdTech #UNICEF #OECD #CyberSafety #PrivacyLaw #Media #Culture #Privacy #Education #Social
https://the-14.com/childrens-privacy-is-now-critical-infrastructure-in-the-ai-era/

Inotiv settles cybersecurity class action — here's what boards and executives should know.

The company filed an 8-K today confirming a settlement agreement resolving litigation stemming from its August 2025 data breach. PHI and PII were among the data potentially acquired.

The settlement, if court-approved, provides class members with:
• Compensation for lost time and out-of-pocket expenses
• Recovery for extraordinary losses
• An alternative flat cash payment
• Two years of credit monitoring

Attorneys' fees are capped at $275,000. The company anticipates full insurance coverage for all settlement payments.

No admission of liability. Three federal cases were dismissed and refiled in Indiana state court before this resolution.

This is a useful case study in how post-breach litigation tends to consolidate and settle — and why cyber liability insurance structuring matters from day one.

Full incident profile: https://www.board-cybersecurity.com/incidents/tracker/inotiv-cybersecurity-incident-f965dc60?utm_source=mastodon&utm_medium=social&utm_campaign=inotiv-update

#CyberSecurity #DataBreach #BoardGovernance #CyberRisk #PrivacyLaw

Inotiv settles cybersecurity class action — here's what boards and executives should know.

The company filed an 8-K today confirming a settlement agreement resolving litigation stemming from its August 2025 data breach. PHI and PII were among the data potentially acquired.

The settlement, if court-approved, provides class members with:
• Compensation for lost time and out-of-pocket expenses
• Recovery for extraordinary losses
• An alternative flat cash payment
• Two years of credit monitoring

Attorneys' fees are capped at $275,000. The company anticipates full insurance coverage for all settlement payments.

No admission of liability. Three federal cases were dismissed and refiled in Indiana state court before this resolution.

This is a useful case study in how post-breach litigation tends to consolidate and settle — and why cyber liability insurance structuring matters from day one.

Full incident profile: https://www.board-cybersecurity.com/incidents/tracker/inotiv-cybersecurity-incident-f965dc60?utm_source=mastodon&utm_medium=social&utm_campaign=inotiv-update

#CyberSecurity #DataBreach #BoardGovernance #CyberRisk #PrivacyLaw

Portugal's data watchdog issued just 2 fines in all of 2025: Portugal's CNPD opened 3,201 cases and 2,037 investigations in 2025 but applied only 2 fines totalling €47,000, raising questions about GDPR enforcement. https://ppc.land/portugals-data-watchdog-issued-just-2-fines-in-all-of-2025/ #GDPR #DataPrivacy #DataProtection #Portugal #PrivacyLaw

Portugal's data watchdog issued just 2 fines in all of 2025: Portugal's CNPD opened 3,201 cases and 2,037 investigations in 2025 but applied only 2 fines totalling €47,000, raising questions about GDPR enforcement. https://ppc.land/portugals-data-watchdog-issued-just-2-fines-in-all-of-2025/ #GDPR #DataPrivacy #DataProtection #Portugal #PrivacyLaw

🤯 Your face is data. And if you don't know who owns it, you're already at risk. #Deepfakes, facial recognition, and #biometrics. These technologies are blurring the line between who you are and who controls your data. But is the law keeping up? We break down the fight for digital rights! ✊

#DigitalPrivacy #Biometrics #Deepfakes #CivilLiberties #DataGovernance #LegalTech #PrivacyLaw #AIethics #PersonalIdentity #TechEthics

🤯 Your face is data. And if you don't know who owns it, you're already at risk. #Deepfakes, facial recognition, and #biometrics. These technologies are blurring the line between who you are and who controls your data. But is the law keeping up? We break down the fight for digital rights! ✊

#DigitalPrivacy #Biometrics #Deepfakes #CivilLiberties #DataGovernance #LegalTech #PrivacyLaw #AIethics #PersonalIdentity #TechEthics

FYI: Yango's €100M GDPR fine: Dutch watchdog cracks down on data flows to Russia: Dutch DPA fines Yango parent MLU 100 million euros for transferring Finnish and Norwegian driver and passenger data to Russia without adequate GDPR safeguards. https://ppc.land/yangos-eur100m-gdpr-fine-dutch-watchdog-cracks-down-on-data-flows-to-russia/ #GDPR #DataProtection #PrivacyLaw #Yango #DutchDPA

FYI: Finland's top court rules church envelope did not breach GDPR: Finland's Supreme Administrative Court rules a parish election envelope revealing church membership did not breach GDPR, setting a nuanced Article 9 precedent. https://ppc.land/finlands-top-court-rules-church-envelope-did-not-breach-gdpr/ #GDPR #Finland #PrivacyLaw #DataProtection #SupremeCourt

FYI: Finland's top court rules church envelope did not breach GDPR: Finland's Supreme Administrative Court rules a parish election envelope revealing church membership did not breach GDPR, setting a nuanced Article 9 precedent. https://ppc.land/finlands-top-court-rules-church-envelope-did-not-breach-gdpr/ #GDPR #Finland #PrivacyLaw #DataProtection #SupremeCourt

FYI: Ninth Circuit shuts door on late Google Incognito class damages bid: The Ninth Circuit on April 20, 2026, affirmed the denial of a late intervention bid in the Google Incognito class action, blocking a damages class appeal. https://ppc.land/ninth-circuit-shuts-door-on-late-google-incognito-class-damages-bid/ #NinthCircuit #GoogleIncognito #ClassAction #LegalNews #PrivacyLaw

ICYMI: Finland's top court rules church envelope did not breach GDPR: Finland's Supreme Administrative Court rules a parish election envelope revealing church membership did not breach GDPR, setting a nuanced Article 9 precedent. https://ppc.land/finlands-top-court-rules-church-envelope-did-not-breach-gdpr/ #Finland #GDPR #DataProtection #PrivacyLaw #ChurchAndState

Canadian regulators find ChatGPT privacy rules broken from the start: Four Canadian privacy regulators find ChatGPT's GPT-3.5 and GPT-4 models breached federal and provincial privacy laws on consent, accuracy, and data retention. https://ppc.land/canadian-regulators-find-chatgpt-privacy-rules-broken-from-the-start/ #PrivacyLaw #ChatGPT #DataProtection #AIRegulation #CanadianLaw

Finland's top court rules church envelope did not breach GDPR: Finland's Supreme Administrative Court rules a parish election envelope revealing church membership did not breach GDPR, setting a nuanced Article 9 precedent. https://ppc.land/finlands-top-court-rules-church-envelope-did-not-breach-gdpr/ #Finland #GDPR #DataProtection #PrivacyLaw #ChurchMembership

RE: https://universeodon.com/@jaykuo/116517237161842520

We always knew this was coming.
Next, bans for this kind of medication.
This is no surprise from the people that force children to carry and birth their rapists babies.

#Women #Rights #HumanRights #WomensHealthcare #AbortionIsHealthcare #AbortionIsAPrivacyLawIssue #PrivacyLaw #GOPWarOnWomen

RE: https://universeodon.com/@jaykuo/116517237161842520

We always knew this was coming.
Next, bans for this kind of medication.
This is no surprise from the people that force children to carry and birth their rapists babies.

#Women #Rights #HumanRights #WomensHealthcare #AbortionIsHealthcare #AbortionIsAPrivacyLawIssue #PrivacyLaw #GOPWarOnWomen

EDPB's first-ever DPIA template finally lands - but experts want more: The EDPB adopted a standardised DPIA template on 10 March 2026, opening a public consultation until 9 June 2026. Here is what marketers and DPOs need to know. https://ppc.land/edpbs-first-ever-dpia-template-finally-lands-but-experts-want-more/ #EDPB #DPIA #DataProtection #PrivacyLaw #GDPR

US State legislative tracker re "chatbots." https://fpf.org/2026-chatbot-legislation-tracker/
#lawfedi #ai #privacylaw

US State legislative tracker re "chatbots." https://fpf.org/2026-chatbot-legislation-tracker/
#lawfedi #ai #privacylaw

𝗛𝗼𝘄 𝘁𝗼 𝗣𝗿𝗼𝘁𝗲𝗰𝘁 𝗬𝗼𝘂𝗿 𝗣𝗿𝗶𝘃𝗮𝗰𝘆 𝗶𝗻 𝘁𝗵𝗲 𝗔𝗜 𝗘𝗿𝗮: 𝗨𝗞 𝗚𝗗𝗣𝗥 & 𝗧𝗵𝗲 𝗡𝗲𝘄 𝗖𝗼𝗱𝗲 𝗼𝗳 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗲

#ArtificialIntelligence #UKGDPR #DataProtection #PrivacyLaw #AutomatedDecisionMaking #DataRights #TechLaw #AICodeOfPractice #MachineLearning #DigitalRights

https://youtu.be/qTiqqX2YukU

𝗛𝗼𝘄 𝘁𝗼 𝗣𝗿𝗼𝘁𝗲𝗰𝘁 𝗬𝗼𝘂𝗿 𝗣𝗿𝗶𝘃𝗮𝗰𝘆 𝗶𝗻 𝘁𝗵𝗲 𝗔𝗜 𝗘𝗿𝗮: 𝗨𝗞 𝗚𝗗𝗣𝗥 & 𝗧𝗵𝗲 𝗡𝗲𝘄 𝗖𝗼𝗱𝗲 𝗼𝗳 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗲

#ArtificialIntelligence #UKGDPR #DataProtection #PrivacyLaw #AutomatedDecisionMaking #DataRights #TechLaw #AICodeOfPractice #MachineLearning #DigitalRights

https://youtu.be/qTiqqX2YukU

If you are a US citizen wondering which law enables your government to purchase your personal data (using your money), the answer can be found at https://odysee.com/@NaomiBrockwell:4/3rd-party-doctrine:7

#surveillance #privacy #dataprivacy #privacylaw #privacylaws #thirdpartydoctrine

Laws are only as strong as their enforcement.

This is the core problem with most privacy laws. We need to demand better laws, with stronger, faster enforcement mechanisms.

#Privacy #PrivacyLaw #HumanRights

Laws are only as strong as their enforcement.

This is the core problem with most privacy laws. We need to demand better laws, with stronger, faster enforcement mechanisms.

#Privacy #PrivacyLaw #HumanRights

RE: https://social.openrightsgroup.org/@openrightsgroup/116403024808284896

I’m looking at you, Canada. Are you paying attention?

#Canada #NationalSecurity #DigitalSovereignty #Cybersecurity #PrivacyLaw #DataProtection #Never51 #ElbowsUp

RE: https://social.openrightsgroup.org/@openrightsgroup/116403024808284896

I’m looking at you, Canada. Are you paying attention?

#Canada #NationalSecurity #DigitalSovereignty #Cybersecurity #PrivacyLaw #DataProtection #Never51 #ElbowsUp

IAB backs Seattle Children's Hospital in Washington wiretap case that could reshape ad measurement: IAB filed an amicus brief on April 10, 2026, at Washington's Supreme Court arguing that applying the state's 1967 wiretapping law to routine browser-to-server interactions would threaten digital advertising measurement and basic website operations. https://ppc.land/iab-backs-seattle-childrens-hospital-in-washington-wiretap-case-that-could-reshape-ad-measurement/ #DigitalAdvertising #AdMeasurement #PrivacyLaw #WiretapCase #IAB

Internet Privacy Law and Practice – The Conversation

Recently The Conversation hosted Anne Toomey McKenna, Guy Kawasaki and Florian Schaub for a discussion of Internet privacy. This was a great overview of where Internet privacy law now stands (it is not good) as well as suggestions on how to improve your privacy. You can watch a recording of the session here:

https://www.youtube.com/watch?v=PPUPyj8Ltc0

If you have an interest in privacy you can follow these folks on social media. I find their commentary helpful.

You will also enjoy Guy Kawasaki’s cheerleading about the Signal application. I think it is fair to say that he is a fan of Signal’s privacy.

Fun fact: Does the name Guy Kawasaki ring a bell? Yes, he’s THAT Guy Kawasaki from the early days of Apple. We were both at Apple computer in the 80’s. I was an IT contractor working at the Bandley Drive IT building and Guy was the one who developed the Apple Evangelist program. Our paths did not cross but I definitely remember when the Apple internal communication group started promoting open positions for “Apple Evangelists.” We were all scratching our heads wondering what an Apple Evangelist was. Now we know that it was one of the very successful Apple marketing campaigns.

One thing I do share with Guy is a deep respect for the security and privacy of the Signal application. I’ve written free guides about Signal available here:

https://MyPersonalPrivacy.net

Guy has written an electronic book about Signal entitled “Everybody has Something to Hide.” It is available on Amazon as a Kindle book for about $1.00. You can get it here:

https://a.co/d/07ynsh5S

#Security #Privacy #PrivacyLaw #Signal

FTC Takes Action Against Match and OkCupid for Deceiving Users by Sharing Personal Data with Third Party
#lawfedi #ftc #privacylaw
https://www.ftc.gov/news-events/news/press-releases/2026/03/ftc-takes-action-against-match-okcupid-deceiving-users-sharing-personal-data-third-party

ICYMI: EDPB's damning digest: how 'legitimate interest' fails in practice: EDPB's case digest on Article 6(1)(f) GDPR reveals how controllers routinely fail the legitimate interest test - what advertisers and marketers need to know. https://ppc.land/edpbs-damning-digest-how-legitimate-interest-fails-in-practice/ #GDPR #DataProtection #DigitalMarketing #LegitimateInterest #PrivacyLaw

GDPR's AI training legal battle: regulators converge but still clash: A new academic study maps 19 regulatory guidelines and global enforcement actions on GDPR legal bases for AI training, revealing surface consensus masking deep divergence. https://ppc.land/gdprs-ai-training-legal-battle-regulators-converge-but-still-clash/ #GDPR #AI #DataProtection #LegalTech #PrivacyLaw

Being well-informed about the data protection regulations in your own jurisdiction can be a significant asset for your personal and collective battles to improve privacy.

📘 Learn more on what to look for when researching your local privacy laws.

🧰 Check our Privacy Activist Toolbox tip to Know Your Privacy Laws: https://www.privacyguides.org/en/activism/toolbox/tip-know-your-privacy-laws/

#PrivacyGuides #Activism #PrivacyActivistToolbox #Privacy #PrivacyLaw

ICYMI: Reddit fined £14.47m by UK regulator over children's data failures: UK's ICO fines Reddit £14.47m for failing to verify users' ages and processing children's data without a lawful basis, marking a significant UK enforcement action. https://ppc.land/reddit-fined-14-47m-by-uk-regulator-over-childrens-data-failures/ #Reddit #ICO #DataProtection #ChildrensData #PrivacyLaw

Colombia takes data privacy seriously 🇨🇴

Law 1581 of 2012, fully regulated by Decree 1377 of 2013, protects personal data as a constitutional right under habeas data. Influenced by EU privacy principles but adapted to Latin American legal traditions, it gives people the right to access, correct, and control their data.

Enforced by the Superintendencia de Industria y Comercio — with real penalties for non-compliance.
#DataPrivacy #Colombia #HabeasData #PrivacyLaw #CyberSecurity

Canada’s main privacy law, PIPEDA, remains the backbone of its data protection framework. While modernization efforts like Bill C-27 stalled in 2025, PIPEDA still governs how personal data is handled and transferred 🍁

As Canada and Mexico deepen economic ties, privacy compliance increasingly affects cloud services, HR systems, analytics, and cross-border digital trade.
Data governance is now part of trade strategy.
#Canada #PrivacyLaw #Trade #USMCA

Australia’s new Social Media Minimum Age law will bar under-16s from holding accounts on major social media platforms starting Dec 10, 2025.

Platforms must take “reasonable steps” to prevent underage access — and fines for failure can reach A$49.5M.

Messaging, education, gaming, and some community platforms are exempt — but for large social networks, this is a major privacy + age-assurance compliance shift.
#Australia #PrivacyLaw #Compliance

Why People Don’t Demand Data Privacy, Even As Governments & Corporations Collect More Personal Info

https://fed.brid.gy/r/https://www.techdirt.com/2025/11/21/why-people-dont-demand-data-privacy-even-as-governments-corporations-collect-more-personal-info/

I feel this needs to be repeated 🍪

The annoyance of cookie banners
doesn't come from the regulations, but from the malicious compliance of the corporations who want to exploit your personal data.

No data-harvesting cookies = No banner.
Simple.

My websites have no cookie banners,
because they don't use any non-essential cookies and don't track visitors.

Yours shouldn't either.

#Privacy #Cookies #PrivacyLaw