Articles about GDPR

Austria-based data protection and privacy advocating NGO noyb (none of your business) has filed a series of complaints against AliExpress, SHEIN, Temu, TikTok, WeChat, and Xiaomi for violating European general data protection regulation (GDPR).

The six firms stand accused of unlawfully transferring user data to China. In its complaints, noyb says that “given that China is an authoritarian surveillance state, companies can’t realistically shield EU users’ data from access by the Chinese government”.

Continue reading →

Governments around the world are increasingly legislating for cybersecurity and privacy. But regions often have differing views on how this should be achieved.

We spoke to Christian Have, CTO of Logpoint, to get insight into how US surveillance laws could serve as a catalyst for Europe to take greater control over its data, pushing forward the concept of digital sovereignty.

Continue reading →

A new report finds that 75 percent of the 100 most visited websites in the US and Europe are not compliant with current privacy regulations.

The study from privacy solution provider Privado.ai shows despite stricter privacy enforcement in Europe a surprising 74 percent of top websites do not honor opt-in consent as required by Europe's General Data Protection Regulation (GDPR).

Continue reading →

Regulation, compliance, and security always entwine themselves into modern day discussions around the latest innovations and technological advancements. Most recently, the fanfare around AI has quickly given rise to conversations about how it is impacting companies’ ability to comply with the General Data Protection Regulation (GDPR). 

GDPR demands that companies stick within data guardrails, yet 100 percent compliance can often seem like a thin tightrope on which companies must balance.  Fortunately, various technologies exist that can help with this, such as Data Loss Prevention (DLP).

Continue reading →

Transatlantic data flows underpin more than $7 trillion in cross-border trade and investment per year, according to the U.S. Department of Commerce. The recently announced EU-US Data Privacy Framework (TADPF), in place as of July 10 2023, is expected to further promote opportunity and economic fruitfulness on both sides of the Atlantic.

However, many are rightfully questioning the staying power of this latest version of the TADPF. Will it be third-time lucky or Groundhog Day all over again? Against this backdrop of uncertainty, many companies must evaluate their short- and long-term regulatory resilience.

Continue reading →

Managing third-party cybersecurity risk across inter-connected supplier ecosystems is becoming increasingly more daunting. Software and systems that used to be managed in-house are now routinely delivered as hosted services by multiple vendors and contractors. Other third parties frequently get brought in at departmental level, often bypassing contracting procedures, and have access to applications that hold sensitive data and business critical information.

A single mistake anywhere in the supply chain could result in data breaches, compliance fines, as well as revenue losses, reputational damage, and a wide range of negative business consequences for months, or even years, down the line.

Continue reading →

Data privacy regulation, GDPR, has been in force for five years but it will soon be superseded by UK GDPR. The Data Protection and Digital Information Bill, now wending its way through parliament, will see organisations move to a UK equivalent following the country's withdrawal from the EU. But what will the change mean in practice?

We spoke to Jon Fielding, managing director of EMEA at Apricorn, to find out how UK GDPR will affect businesses and how they handle and protect data.

Continue reading →

The General Data Protection Regulation (GDPR) turned five years old on May 25, and it has changed the way businesses think about data privacy and security. Whilst GDPR has provided plenty of benefits when it comes to improving the overall security of companies, it also brings about its own set of challenges.

As we reach the five-year anniversary of GDPR, it is the perfect time to reflect on what remains an ongoing challenge for businesses and how they can ensure protection to personal data as we see new threats arise.

Continue reading →

Five years on from the introduction of the EU's General Data Protection Regulation (GDPR), 66 percent of UK IT leaders polled in a new survey from Macro4 say the regulation has made customers less willing to trust businesses with their personal information.

On its introduction the landmark legislation was hailed as raising awareness of the need to protect personal information. Indeed a year after its introduction 36 percent of adults said it made them trust organizations more with their data.

Continue reading →

Facebook owner Meta has been fined a record €1.2 billion (around $1.3 billion) by Ireland's Data Protection Commission (DPC). The fine was issued for breaching EU data sharing regulations by failing to sufficiently protect user data.

In addition to the record fine, Meta has been ordered to cease the transfer of user data from the EU to the US for processing within six months. Responding to the demand to stop the "unlawful processing, including storage, in the US" of European user data, Meta points out that it "uses the same legal mechanisms as other organizations" and indicated that it intends to appeal against the ruling.

Continue reading →

The UK's new Data Protection and Digital Information Bill is set to reduce costs and burdens for British businesses and charities, and remove barriers to international trade.

We know from when it was first brought before parliament last summer that it will also cut the number of repetitive data collection and cookie pop-ups online.

Continue reading →

On the 25th of May, 2018, the General Data Protection Regulation (GDPR) was passed, bringing into law a number of privacy and data protection regulations for those within the EU. Any business that operated within the EU had to immediately begin to respect the regulations laid out by this law.

Yet, even businesses outside of the EU are impacted, due to the fact that anyone that does business with someone within the EU area still must fall under these regulations. This meant that the vast majority of international companies, stretching from Asia and South America to North America and beyond, all had to start abiding by these laws.

Continue reading →

No longer shop with a brand? Pay more for goods and services from a company with a better privacy record? Stop using an app?

All of these and more are actions people are prepared to take if they find out organizations aren't keeping their data safe, according to a new report from DataGrail.

Continue reading →

The European Union's relationship with big tech companies has long been a fractious one. Its Digital Markets Act is aimed at reigning in their power and, among other things, it's credited with forcing Apple to adopt the USB-C standard.

In the latest development a number of European governments are working with Nextcloud to create a 'digitally sovereign' office platform, the aim being to help governments regain their independence from a small number of tech giants and allow them to confidently roll out digitization efforts.

Continue reading →

It’s been four years since the introduction of the General Data Protection Regulation (GDPR), the landmark law governing how organizations operating within the EU use, process, and store consumers’ personal data.

The revolutionary regulation has become one of the world's strictest privacy and security laws. Since its inception, it has seen hefty fines imposed on large and small companies who have been non-compliant, with high-profile cases including British Airways, Marriott Hotels and Amazon.

Continue reading →