The Swedish Data Protection Authority (IMY) has determined that it has the authority to initiate supervision of search services with publishing certificates following complaints from individuals. These services make a large amount of personal data available on the internet, including names, addresses, ages, household sizes, vehicle ownership, and involvement in companies, which has caused significant distress and concern among individuals. IMY’s reassessment is prompted by developments in European and Swedish legal precedents, which have strengthened individuals’ rights and emphasized the need to balance data protection with freedom of expression. The decision confirms IMY’s jurisdiction to investigate such services based on complaints under the General Data Protection Regulation (GDPR), but specific actions against these services will be determined on a case-by-case basis in future investigations.
***
The UK’s Information Commissioner’s Office (ICO) report emphasizes the need for organizations to enhance their cybersecurity measures to safeguard personal data in the face of escalating cyber threats. It underscores a concerning trend of increasing cyber breaches, with over 3,000 incidents reported in 2023, predominantly affecting the finance, retail, and education sectors. Through analyzing these breaches, the report identifies common security lapses, such as phishing attacks and misconfigurations, and offers practical advice to bolster defenses. Urging transparency and accountability, the report emphasizes the importance of foundational cybersecurity controls and outlines the consequences, including fines, for organizations failing to implement adequate security measures. Collaboration with authorities like the National Cyber Security Centre is encouraged, alongside timely reporting of breaches to facilitate expert support and mitigate further risks.
***
The European Commission has launched an investigation into Meta, focusing on potential shortcomings in the company’s protection measures for minors on its platforms, in accordance with the EU Digital Services Act. The Commission raised issues about whether Instagram and Facebook’s age verification systems are adequate and expressed concerns that their algorithms might encourage addictive behaviors in children, potentially leading them down a “rabbit hole” of content.
***
The UK’s House of Lords will begin the report stage for the proposed Data Protection and Digital Information Bill on June 10. During this stage, any member of the House of Lords can propose further amendments to the bill. These approved amendments will be incorporated into a reprinted version of the legislation before it undergoes a third reading in the same legislative body.
May 17, 2024 2:30:00 PM