.png){kind=logo}
Google Pays agrees to settle for almost $392Million for Privacy issues, mainly concerning Location-tracking
According to the attorneys general, this is the largest consumer privacy settlement in US history, with a 40-state coalition of attorneys general.
$392million settlement, over allegations against the company’s location tracking practices - mostly, misleading users to believe location tracking were off, when Google kept amassing location data on users through various sources.
Last month, Google separately settled a similar location tracking lawsuit withArizona for $85 million. Google faces additional lawsuits brought by Washington, D.C., Indiana and Texas for deceptive location tracking.
CNIL Sanctions DISCORD INC. 800,000 euros for GDPR violations
The amount of this fine was decided with regard to the breaches identified, the number of people concerned, and considering the efforts made by the company to comply throughout the procedure.
The material violations revolve around Retention periods and purpose limitations, A breach of the obligation to inform, ensuring security, conducting a Data protection impact assessment, and most interesting - violation of Privacy by design principles. Apparently, when a user had used the top right ‘X’ to close a voice channel window, it kept running in the background, which may lead to users being overheard by other members present in the voice channel when they thought they had left it.
DigitalMarkets Act and Digital Services Act came into force
Both acts, DSA and DMA strive to tighten online safeguards with the aim to fully harmonize the rules on the safety of online services and the dissemination of illegal content online.
The DSA is broad in reach and is intended to apply to a range of key players across the digital ecosystem (online intermediaries, hosting services, online platforms) and has specific categories and requirements for VLOP - very large internet platforms.
The DMA defines when a large online platform qualifies as a “gatekeeper”. These are digital platforms that provide an important gateway between business users and consumers – whose position can grant them the power to act as a private rule maker, and thus creating a bottleneck in the digital economy. To address these issues, the DMA will define a series of obligations they will need to respect, including prohibiting gatekeepers from engaging in certain behaviours.
Israeli Privacy Authority releases draft on ‘Job applicants medical data collection’ for public notes – until 20.12.2212:00.
The draft concentrates on the hiring process in organizations and emphasizes the sensitivity of medical information requested and collected from applicants within the process. The authority’s main recommendations are as follows:
1. Employers should ask for medical disclosures only after the applicant has been accepted to work.
2. A request for medical disclosure should be specific and relevant to the job description. Employers should avoid using general disclosure forms.
3. The medical information, if possible, will be directed to an occupational doctor, who will return to the employer only with a fitness indication referring to the job.
4. Employers should review medical data retention annually, at least, to assure that no excess data is retained.
5. Employers should respect data subject access rights regarding said data.
