European Parliament bans targeted ads in DMA
The Internal Market and Consumer Protection Committee of the European Parliament voted 42-2 approving an amended draft Digital Markets Acts (DMA), which will impose a targeted advertising ban. The amended draft will demand companies to “refrain from combining personal data for the purpose of delivering targeted or micro-targeted advertising” and emphasize the ban on targeted advertising to minors. The “clear, explicit, renewed, informed consent” from users will be an exception for targeted ads on adults, based on the EU General Data Protection Regulation (GDPR).
Source: IAPP, European Parliament
France’s DPA publishes guidance on the use of third-party cookie alternatives
The data protection authority (DPA) of France, Commission nationale de l’informatique et des libertés (CNIL), issued guidance on using third-party cookie alternatives and assures that it is compliant with data protection legal framework. CNIL audits first-party cookies, fingerprinting, single sign-on systems, unique identifiers, and cohort-based ad targeting. The guidance also affirms that “the CNIL reminds that the development of alternative to third-party cookies must not be made at the expense of the Internet user’s right to protection of their personal data and privacy.”
Proposed bill to create federal privacy enforcement agency
The bill was proposed by U.S. Representatives Anna Eshoo and Zoe Lofgren. It will set up a federal agency that will enforce and penalize companies for violations of privacy rights. The Digital Privacy Agency could impose the penalty of $ 42,530 per incident thru the proposed Online Privacy Act. The amount is the same as with U.S. Federal Trade Commission can carry out. The bill will also allow the citizens to “access, correct, delete and transfer data about them.” The agency will be funded and staffed with 1,600 employees based on the fact sheet. According to the lawmakers, the bill would not preempt the California Consumer Privacy Act (CCPA) and other state legislation.
China’s PIPL test U.S. privacy performance
The U.S. lags behind the privacy race with China’s Personal Information Protection Law (PIPL) implementation. The U.S. is “being left behind from a policy perspective on the global stage,” with the lack of federal privacy law, according to Cillian Kieran, CEO of Ethyca. The PIPL affects U.S. companies as a few of them are now “re-evaluating their exposure (to PIPL), and asking is it worth it or not,” said Samm Sack, a New America Foundation Cyber Policy Fellow. Also, according to Center for a New American Security Senior Fellow Martijn Rasser. the lack of a federal law “impairs America’s global leadership on the issue.”
WhatsApp alters privacy policy in Europe
After a EUR 225 million penalty by Ireland’s Data Protection Commission, WhatsApp revises its privacy policy. This is due to violations of the EU’s General Data Protection Regulation violations (GDPR). According to the company, the changes will “add additional detail around our existing practices,” and the revision “does not change how we process, use or share user data with anyone, including (parent company) Meta, nor does it change how we operate our service.”
