Weekly Privacy News Update – Episode 17

FEB 14 featured image

Meta hints service shutdown with no Privacy Shield alternative

Meta published in its annual financial report the possibility that Facebook and Instagram may stop European operations if the EU and the US can’t come to a resolution on data flows. Meta currently relies on Standard Contractual Clauses for its EU data transfers and formerly relied on the EU-US Privacy Shield Framework, which was invalidated in 2020. In its filing to the US Securities and Exchange Commission, Meta warned that it will be unable to maintain its “most significant products and services” if the EU and US can’t create a replacement for Privacy Shield or allow the current transfer system and mechanisms to stay in place.

Source: IAPP, City AM

European Commission release data flow study

The European Commission published a study that quantifying data flows in Europe. They created a tool to map data flows across the EU, Iceland, Norway, Switzerland, and the UK, forecast data outflows, and analyze data flows by sector, company size, and cloud service type. They estimate that by 2030 the flow of data from European enterprises will be fifteen times higher than in 2020. According to the Commission, understanding data flow trends “will work in synergy with the upcoming Data Act in order to foster a more vivid, dynamic and fluid cloud market.”

Source: IAPPEuropean Commission

A study found which apps track the most personal data

The study published by URL Genius, a mobile marketing company, found that YouTube and TikTok track the most personal data out of 10 popular social media apps. Both apps had fourteen network contacts separately before a user logged in to their account. The social media app category, which included Facebook, Twitter, and Instagram, averaged six contacts before a user logged in. For YouTube, 10 out of the 14 network contacts were first-party, while 13 out of the 14 network contacts of TikTok were third parties.


Irish DPC drafts children’s privacy guidance

Ireland’s Data Protection Commission (DPC) will publish a series of children’s privacy guidance materials “to explain basic principles of data protection and to assist children in exercising their data protection rights…” In a blog post reflecting on Safer Internet Day, the DPC highlighted their focus on children’s data protection issues in 2021, including publishing their guidance “Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing.” They plan to continue to prioritize their work protecting the data privacy of children and other vulnerable groups throughout 2022.


Masha Komnenic CIPP/E, CIPM, CIPT, FIP
More about the author

Written by Masha Komnenic CIPP/E, CIPM, CIPT, FIP

Masha is an Information Security and Data Privacy Specialist and a Certified Data Protection Officer. She has been a Data Protection Officer for the past six years, helping small and medium-sized enterprises achieve legal compliance. She has also been a privacy compliance mentor to many international business accelerators. She specializes in implementing, monitoring, and auditing business compliance with privacy regulations (HIPAA, PIPEDA, ePrivacy Directive, GDPR, CCPA, POPIA, LGPD). Masha studied Law at Belgrade University, and she passed the Bar examination in 2016. More about the author

Related Articles

Explore more resources