EU-US data flow agreement welcomed by the EDPB
The European Data Protection Board (EDPB) released a statement welcoming the recently announced US-EU Trans-Atlantic Data Privacy Framework. In the statement, EDPB Chair Andrea Jelinek lauded US efforts to protect the personal data of European Economic Area (EEA) individuals. However, she emphasized that the announcement does not equate to a new legal framework, and that the EDPB plans to carefully review several aspects of the new framework, including details on data collection for national security purposes and how the US will deal with EEA individuals’ rights to “an effective remedy and to a fair trial.”
Data Governance Act passed
The European Parliament approved the Data Governance Act (DGA) on April 6, 2022. The law seeks to expand safe data sharing, enabling companies and startups to obtain access to more data. Supporters of the legislation hope that it will encourage innovation and new product development and benefit individual consumers. Angelika Niebler, a German member of the European Parliament, said, “The possibilities are virtually limitless” when it comes to potential consumer benefits, though she added that “The neutrality of the data intermediation services is key.” The DGA still needs to be adopted by EU countries in the council before becoming a law.
Source: IAPP, European Parliament
Google and YouTube’s consent banners fail Hamburg’s data protection requirements
The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has advised Google that its consent banner failed to meet its data protection requirements. The consent banner made giving consent easier and more accessible than rejection, which is unacceptable under several data protection regulations. French supervisory authority Commission nationale de l’informatique et des libertés (CNIL) fined Google in 2021 for the same issue. Hamburg Commissioner for Data Protection and Freedom of Information Thomas Fuchs said that Google is willing to implement the appropriate changes and that “Overall, a ‘reject all button’ must now become the standard for cookie banners.”
A spotlight on First-party data
Tech giants Google and Apple are distancing themselves from third-party tracking and moving towards first-party tracking, which relies on user consent to collect data. First-party tracking allows companies to collect data on consumers while they are on the company’s website or using the company’s app. Third-party tracking, which is losing favor due to privacy concerns, involves tracking consumers even as they go to other websites or apps. This switch to first-party tracking also has implications for small businesses that rely on targeted tracking for advertising, as it may be necessary for them to move towards working with large companies that gather first-party tracking data.
Source: IAPP, The New York Times
