Meta hints service shutdown with no Privacy Shield alternative
Meta published in its annual financial report the possibility that Facebook and Instagram may stop European operations if the EU and the US can’t come to a resolution on data flows. Meta currently relies on Standard Contractual Clauses for its EU data transfers and formerly relied on the EU-US Privacy Shield Framework, which was invalidated in 2020. In its filing to the US Securities and Exchange Commission, Meta warned that it will be unable to maintain its “most significant products and services” if the EU and US can’t create a replacement for Privacy Shield or allow the current transfer system and mechanisms to stay in place.
European Commission release data flow study
The European Commission published a study that quantifying data flows in Europe. They created a tool to map data flows across the EU, Iceland, Norway, Switzerland, and the UK, forecast data outflows, and analyze data flows by sector, company size, and cloud service type. They estimate that by 2030 the flow of data from European enterprises will be fifteen times higher than in 2020. According to the Commission, understanding data flow trends “will work in synergy with the upcoming Data Act in order to foster a more vivid, dynamic and fluid cloud market.”
Source: IAPP, European Commission
A study found which apps track the most personal data
The study published by URL Genius, a mobile marketing company, found that YouTube and TikTok track the most personal data out of 10 popular social media apps. Both apps had fourteen network contacts separately before a user logged in to their account. The social media app category, which included Facebook, Twitter, and Instagram, averaged six contacts before a user logged in. For YouTube, 10 out of the 14 network contacts were first-party, while 13 out of the 14 network contacts of TikTok were third parties.
Irish DPC drafts children’s privacy guidance
Ireland’s Data Protection Commission (DPC) will publish a series of children’s privacy guidance materials “to explain basic principles of data protection and to assist children in exercising their data protection rights…” In a blog post reflecting on Safer Internet Day, the DPC highlighted their focus on children’s data protection issues in 2021, including publishing their guidance “Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing.” They plan to continue to prioritize their work protecting the data privacy of children and other vulnerable groups throughout 2022.