AI Regulation, Eurostar’s SmartCheck & Privacy Safeguards

In this week’s episode of the Data Protection Made Easy podcast, our hosts delved into some crucial news and developments in the world of data protection. Here are the key points discussed:

New Regulation on GDPR Enforcement Harmonization: The European Commission proposed a new Regulation aiming to streamline the handling of cross-border data protection cases. The proposal aims to harmonize administrative procedures and cooperation rules between EU Supervisory Authorities. It also introduces standardized complaint procedures and the possibility of resolving complaints through amicable settlements.

UK’s Associate Status in Global Cross Border Privacy Rules Forum: The UK has become the first country to be granted ‘associate’ status in the Global Cross Border Privacy Rules Forum. This status allows the UK to cooperate on international data flows with member countries, including the US, Canada, Mexico, and others, while safeguarding data protection and privacy standards.

Data Protection Bill Likely to be Tabled Again: The draft Digital Personal Data Protection Bill (DPDP) is set to be tabled in the Indian Parliament’s monsoon session. This will be the second attempt to pass the bill, which includes provisions for penalties for violations and aims to protect data privacy in the country.

Joint Letter on Data Protection and Effective Communications to Savings Customers: The ICO and the FCA published a joint letter addressing data protection provisions and effective communications to savings customers. The letter clarifies that data protection regulations do not prevent firms from providing customers with information on better deals and options.

WhatsApp’s Shift to Legitimate Interest Legal Basis: WhatsApp updated its privacy policy and switched to the ‘legitimate interest’ legal basis for processing personal data in Europe. This shift followed an Irish Data Protection Commissioner’s sanction and aims to ensure compliance with GDPR requirements.

Apple’s Concerns over UK Surveillance Law Changes: Apple expressed concerns about the UK’s planned surveillance law changes, fearing potential impacts on user privacy and encryption. The Investigatory Powers Act 2016 may force Apple to withdraw certain security features, such as iMessage and FaceTime, if not adequately addressed.

Eurostar Introduces SmartCheck Facial Recognition System: Eurostar introduced the SmartCheck facial recognition system at St Pancras London, allowing passengers to go through a single passport check by scanning their documents and verifying their face and ticket using the iProov.me app.

Nigel Farage’s SAR and IT Worker Blackmail Hack: Nigel Farage’s subject access request (SAR) revealed details supporting his claim that Coutts Bank closed his account for political reasons. Additionally, an IT security analyst received a prison sentence for attempting to extort £300,000 worth of Bitcoin from an Oxford-based gene and cell therapy company.

EDPB’s Recommendations on Controller Binding Corporate Rules: The European Data Protection Board published recommendations on the application and content of Controller Binding Corporate Rules, aiming to provide standard guidelines for compliance.

Brazil’s First Sanction for Non-Compliance with LGPD: The Brazilian National Data Protection Authority issued its first sanction for non-compliance with the Brazilian General Data Protection Law (LGPD). A small business entity faced penalties for violating data protection articles and Resolution CD/ANPD No. 1/2021.

Join Data Protection People’s Community of Experts: Stay updated with the latest developments in data protection and cybersecurity. Join our community of over 1200 data protection enthusiasts and practitioners by visiting https://dataprotectionpeople.com/events/ to explore upcoming events and sessions.

Be sure to tune in to the full podcast episode for in-depth discussions on these critical data protection topics. Keep data protection easy, secure, and compliant with Data Protection People!