Legal.digital (Page 13)

Sign in Subscribe

Ethnic Profiling

Ethnic Profiling

Whistleblower reveals Netherlands’ use of secret and potentially illegal algorithm to score visa applicantsIn 2022, a report commissioned by the Dutch Ministry of Foreign Affairs concluded that the agency’s internal culture was riddled with structural racism. Some employees recounted being described as “monkeys” while others were continually asked to

Advisory AP Google products in education

Advisory AP Google products in education

On April 20, 2023, the Ministry of Education, Culture and Science informed the House of Representatives how an earlier AP opinion on the use of Google products in education was followed up. The parliamentary letter also named some additional findings about the use of Google products. It is good that

The algorithm that blew up Italy’s school system Pierluigi Bizzini

The algorithm that blew up Italy’s school system Pierluigi Bizzini

tem of teacher recruitment in Italy, with the introduction of a GPS algorithm by former Minister of Education Lucia Azzolina. The algorithm evaluates teachers' CVs and preferences in location and class to match them with schools' vacancies. If the algorithm finds a better matching candidate, it selects them instead. With

Dutch Supreme Court Rules on Public Access to Civil Proceedings

Cassation in the interest of the law. Disclosure of civil proceedings. Are courts required to disclose to others than parties information about civil proceedings that are or have been pending? Art. 6 ECHR. Art. 121 Constitution. Art. 6 AVG. Art. 15 BODG. https://deeplink.rechtspraak.nl/uitspraak?id=ECLI:NL:

Garante publishes dark patterns resource

Garante publishes dark patterns resource

Italy's data protection authority, the Garante, published an information page on dark patterns. The Garante said the resource explores the "increasingly widespread phenomenon" of deceptive design patterns that are "still unknown to most users of digital services" and is "part of a large information and awareness project on data protection,

Garante publishes dark patterns resource

Garante publishes dark patterns resource

Italy's data protection authority, the Garante, published an information page on dark patterns. The Garante said the resource explores the "increasingly widespread phenomenon" of deceptive design patterns that are "still unknown to most users of digital services" and is "part of a large information and awareness project on data protection,

Money laundering and terrorist financing: CNIL and its counterparts address European legislators

Money laundering and terrorist financing: CNIL and its counterparts address European legislators

The context On 20 July 2021, the European Commission presented a proposal for an EU AML/CFT Regulation aimed at better detecting transactions that could constitute the criminal offences of money laundering and terrorist financing. On 5 December 2022, the Council of the European Union adopted its position on the

Spyware is only the tip of the iceberg: we need to protect journalists from all forms of surveillance

Spyware is only the tip of the iceberg: we need to protect journalists from all forms of surveillance

The EDRi network published amendments and recommendations for the European Media Freedom Act (EMFA) proposal calling for comprehensive protection for journalists, journalistic sources and human defenders against surveillance measures. https://edri.org/our-work/spyware-is-only-the-tip-of-the-iceberg-we-need-to-protect-journalists-from-all-forms-of-surveillance/

Can organizations realize efficiencies by combining DPO and whistleblower roles?

Following the implementation of the EU Whistleblower Directive in 2021, companies' data protection officers were tasked with setting up secure reporting channels. As these data protection and whistleblowing systems are exercised by the same unit, is it reasonable for companies to combine the DPO and whistleblower roles? PBK Technology Compliance

Civil society urges European Parliament to protect people’s rights in the AI Act

Civil society urges European Parliament to protect people’s rights in the AI Act

In the run up to the AI Act vote in the European Parliament, civil society organisations call on the European Parliament to prioritise fundamental rights and protect people affected by artificial intelligence systems. https://edri.org/our-work/civil-society-urges-european-parliament-to-protect-peoples-rights-in-the-ai-act/

Analysis: Tracking pixel use affecting cybersecurity risk assessments

Analysis: Tracking pixel use affecting cybersecurity risk assessments

Digital tracking pixels and similar technologies are posing an increasing cybersecurity risk, Corvus Insurance Senior Vice President of Risk and Response Lauren Winchester writes in InfoSecurity Magazine. Law firms, regulators and insurers are paying heightened attention to the tracking pixels' vulnerabilities when they assess a company's risk. Winchester said companies

Denmark, Lithuania DPAs carry out DPO reviews

Supervisory Authorities

Denmark, Lithuania DPAs carry out DPO reviews

Denmark's data protection authority, Datatilsynet, published a questionnaire circulated to gauge competencies of municipal data protection officers. The regulator pulled the curtain back on its questions after "a number of inquiries from citizens, companies and public authorities who are interested in the questions asked in the investigation." Lithuania's State Data

EDPB adopts final version of Guidelines on data subject rights - right of access

EDPB adopts final version of Guidelines on data subject rights - right of access

Following public consultation, the EDPB has adopted a final version of the Guidelines on data subject rights - Right of access. The Guidelines analyse the various aspects of the right of access and provide more precise guidance on how the right of access has to be implemented in different situations.

Garante fines marketing company 300K euros

Supervisory Authorities

Garante fines marketing company 300K euros

Italy's data protection authority, the Garante, fined a digital marketing services company 300,000 euros for allegedly illegally processing users' personal data for marketing purposes. The Garante said the company's online portals used dark patterns to entice users "to pay consent to the processing of data for marketing purposes and

Spain’s AI Doctor

Spain’s AI Doctor

Unpublished documents and inside sources give rare look into secretive AI system used to decide who is shirking workSpain has positioned itself as a leader in responsible AI within Europe. Yet promises of transparency have often fallen flat and public watchdogs have struggled to gain meaningful access to algorithms deployed

Fine for SVB after flawed identity check

Supervisory Authorities

Fine for SVB after flawed identity check

The Personal Data Authority (AP) is fining the Social Insurance Bank (SVB) 150,000 euros for inadequate identity verification by the telephone helpdesk. Clients with AOW benefits ran the risk that sensitive information would end up with people who are not entitled to it. The SVB has since taken measures.

EOKM seeks injunction against porn website

Judgment submitted by: Diederik Stols, Hanna van Til, and Otto Volgenant, Boekx AdvocatenRb. Amsterdam April 12, 2023, IEF 21357; ECLI:NL:RBAMS:2023:2192 (EOKM v. Hammy Media) The Expertise Bureau Online Child Abuse (EOKM) has filed a lawsuit against Hammy Media, the operator of the porn website 'xhamster.com'.

Austria DPA rules against newspaper cookie paywalls in NOYB complaint

Supervisory Authorities

Austria DPA rules against newspaper cookie paywalls in NOYB complaint

Austria’s Data Protection Authority ruled in favor of privacy advocacy group NOYB's complaints against multiple Austrian newspapers, Euractiv reports. In 2021, NOYB lodged complaints against seven Austrian and German news organizations for their use of cookie paywalls and the resulting "disproportionate cost between subscription fees and data sharing." The

Court mandates consent for recognizable individuals in non-professional pornographic content

Porn website must be able to prove that individuals who are recognizable in images in non-professionally created footage have given their consent to disclosure. https://deeplink.rechtspraak.nl/uitspraak?id=ECLI:NL:RBAMS:2023:2192&pk_campaign=rss&pk_medium=rss&pk_keyword=uitspraken

Digital legacy in the Netherlands: Risks and ambiguities

Digital legacy in the Netherlands: Risks and ambiguities

Via Ars Aequi. It appears that many Dutch people have not properly arranged their digital legacy. This can lead to risks such as online survival and identity fraud. A will can usually be a solution, but not everyone makes a will. Digital estate includes personal, financial, business and social media

"Pay or Okay" - the beginning of the end?

"Pay or Okay" - the beginning of the end?

"Pay or Okay" - the beginning of the end? "PUR Abo" on derStandard.at illegal according to Austrian DPA https://noyb.eu/en/pay-or-okay-beginning-end

Finally, the ECJ is interpreting Article 22 GDPR (on individual decisions based solely on automated processing, including profiling)

Finally, the ECJ is interpreting Article 22 GDPR (on individual decisions based solely on automated processing, including profiling)

Alessandra Silveira (Editor) ▪ 1) What is new about this process? Article 22 GDPR is finally being considered for before the European Court of Justice (ECJ) – and on 16 March 2023, the Advocate General’s Opinion in Case C-634/21 [SCHUFA Holding and Others (Scoring)][1] was published. Article 22 GDPR

Processor must disclose data breach

Processor must disclose data breach

The ruling concerns a dispute between market researcher Blauw and ICT service provider Nebu. Blauw uses the services of Nebu. A cyber attack took place at Nebu, during which data was stolen. Nebu informed its clients about this (to a limited extent); however, Blauw demanded more information. Thereupon Blauw initiated

What civil liability regime applies for artificial intelligence?

What civil liability regime applies for artificial intelligence?

Alongside the traditional profiles of civil liability for human acts, we must confront the legal profiles of civil liability arising from the use of artificial intelligence (AI) systems. Artificial intelligence systems are reaching increasingly advanced levels of autonomy, also thanks to the boost given by generative AI systems with the

EU Court: processing of teachers' personal data in live streaming of public education falls under GDPR

EU Court: processing of teachers' personal data in live streaming of public education falls under GDPR

The processing of teachers' personal data when live-streaming public education that they teach via videoconference falls within the material scope of the AVG. A national regulation that does not meet the conditions of the AVG cannot be considered a detailed regulation within the meaning of the AVG. The application of