The Polish data regulator launched a probe into OpenAI's ChatGPT for potential privacy violations of the European General Data Protection Regulation. The Polish regulator is the third European data protection agency to raise privacy concerns related to ChatGPT.
The British government on Thursday signed onto a European deal easing trans-Atlantic commercial data flows with the United States, telling Parliament that the United Kingdom will accede to a Brussels-led agreement that allows American firms such as Facebook and Google to store Europeans' data.
A Norway court sided with the country's data protection authority in a battle against Facebook over surveillance based-ads, ruling that the agency has the authority to tell the social media giant to temporarily halt behavioral tracking without explicit consent or face daily fines.
The French data regulator is calling on operators of large-scale databases to shore up defenses against a slew of threats including nation-states and sophisticated hackers capable of exploiting the supply chain or zero-day flaws. Next year CNIL will publish a set of cybersecurity recommendations.
Data protection agencies in Finland and Norway on Tuesday imposed a temporary data transfer ban on Russian ride-hailing app Yango over concerns that Moscow could access sensitive data of Europeans. The ban comes before a Russian law granting the FSB access to taxi users' data takes effect Sept. 1.
The Norwegian data regulator said it will start fining Facebook parent company Meta nearly $100,000 daily starting on Monday unless the social media giant stops showing users behavioral ads without their explicit consent. Privacy advocates call behavioral advertising a privacy violation.
Shadow IT strikes again: Britain's privacy watchdog has reprimanded the NHS Lanarkshire health board in Scotland after finding its staff used WhatsApp for the unauthorized sharing of patient data and images as a workaround for in-person clinical discussions during the coronavirus pandemic.
Unintended bias in artificial intelligence tops deliberate misuse when it comes to the privacy concerns around use of facial recognition in public areas, with data handled by AI, according to Harry Boje, data protection and privacy officer at Paydek.
Ransomware continues to be the biggest threat to the European healthcare sector, but the region also is experiencing an uptick in distributed denial-of-service attacks tied to hacktivist groups, the European Union Agency for Cybersecurity warned.
Swedish data privacy officials issued fines against two of four companies found to have violated rules against the export of European users' data due to their use of Google Analytics, which was found to contravene EU privacy regulations due to the potential risks of U.S. government surveillance.
The European cyber agency continues to remain underfunded despite the surge in ransomware and other cyberthreats, the organization's chief said in a recent hearing. The ENISA chief called on the European Commission to hold regulatory consultations to address the existing policy gaps.
Irish Parliament has proposed changes to a new bill that would make it a criminal offense to disclose privacy reprimands issued by the Data Protection Commission. Civil rights groups are accusing the government of shielding the country's privacy regulator from criticism.
Europe's continued efforts to control its data will not stifle competition and are not an act of "protectionism," a top European Union official said amid growing criticism of the EU's legislative proposal to introduce stringent data-sharing requirements for businesses.
The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.
Swedish privacy regulators ordered Spotify to pay 5 million euros after finding the music streaming service not forthcoming enough with how it uses consumer data. Spotify in an emailed statement said the investigation revealed that "only minor areas of our process" were at odds with the GDPR.