Weekly Privacy News Update – Episode 08

European Parliament bans targeted ads in DMA

The Internal Market and Consumer Protection Committee of the European Parliament voted 42-2 approving an amended draft Digital Markets Acts (DMA), which will impose a targeted advertising ban. The amended draft will demand companies to “refrain from combining personal data for the purpose of delivering targeted or micro-targeted advertising” and emphasize the ban on targeted advertising to minors. The  “clear, explicit, renewed, informed consent” from users will be an exception for targeted ads on adults, based on the EU General Data Protection Regulation (GDPR).

Source: IAPPEuropean Parliament

France’s DPA publishes guidance on the use of third-party cookie alternatives

The data protection authority (DPA) of France, Commission nationale de l’informatique et des libertés (CNIL), issued guidance on using third-party cookie alternatives and assures that it is compliant with data protection legal framework. CNIL audits first-party cookies, fingerprinting, single sign-on systems, unique identifiers, and cohort-based ad targeting.  The guidance also affirms that “the CNIL reminds that the development of alternative to third-party cookies must not be made at the expense of the Internet user’s right to protection of their personal data and privacy.”

Source: IAPP, CNIL

Proposed bill to create federal privacy enforcement agency

The bill was proposed by U.S. Representatives Anna Eshoo and  Zoe Lofgren. It will set up a federal agency that will enforce and penalize companies for violations of privacy rights. The Digital Privacy Agency could impose the penalty of $ 42,530 per incident thru the proposed Online Privacy Act. The amount is the same as with U.S. Federal Trade Commission can carry out. The bill will also allow the citizens to “access, correct, delete and transfer data about them.” The agency will be funded and staffed with 1,600 employees based on the fact sheet. According to the lawmakers, the bill would not preempt the California Consumer Privacy Act (CCPA) and other state legislation.


China’s PIPL test U.S. privacy performance

The U.S. lags behind the privacy race with China’s Personal Information Protection Law (PIPL) implementation.  The U.S. is “being left behind from a policy perspective on the global stage,” with the lack of federal privacy law, according to Cillian Kieran, CEO of Ethyca. The PIPL affects U.S. companies as a few of them are now “re-evaluating their exposure (to PIPL), and asking is it worth it or not,”  said Samm Sack, a New America Foundation Cyber Policy Fellow. Also, according to Center for a New American Security Senior Fellow Martijn Rasser. the lack of a federal law “impairs America’s global leadership on the issue.”


WhatsApp alters privacy policy in Europe

After a EUR 225 million penalty by Ireland’s Data Protection Commission, WhatsApp revises its privacy policy. This is due to violations of the EU’s General Data Protection Regulation violations (GDPR). According to the company, the changes will “add additional detail around our existing practices,” and the revision “does not change how we process, use or share user data with anyone, including (parent company) Meta, nor does it change how we operate our service.”


Masha Komnenic CIPP/E, CIPM, CIPT, FIP
More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author

Related Articles

Explore more resources