The recent a nnouncement of multi-state investigations and actions by the CPPA (California Privacy Protection Agency) show that that US enforcement of laws to protect online privacy are catching up with Europe, and could even soon surpass it. On top of the large fines imposed on companies such as Honda ...

The UK's Data Use and Access Act has been agreed by Parliament and will soon become law From the Data Protection Act 2018:

In 2019, in an attempt to sideline decades of widespread demands for online privacy, Google agreed to sunset third-party cookies. They said this would be complete by 2022, but then proceeded to postpone it 3 times - till last July. They then they announced a changed plan to keep the ...

It’s tough for poorly funded enforcement agencies to take on monopoly power. Lina Khan has pointed out the hard work & dedication needed when outnumbered 20:1 by corporate defence teams. https://lnkd.in/gk3AJzQT Online, an alternative to complex litigation is to leverage the gatekeeper role of obligatory software systems such as browsers ...

This week the European General Court ordered the European Commission pay €400 damages to a European individual who had visited one of their websites, resulting in their personal data, i.e. their IP address, being sent to a US website server. This is important because it signals an acceptable value for ...

Introduction Explanation Conclusion tweets I see people are still confused about fingerprinting. It is not possible to uniquely identify someone's browser this way, only a purposefully stored identify can do that, in a cookie or other browser storage. Fingerprinting can be used to correlate these identifiers, but does not replace ...

The Information Commissioner’s Annual Report 2023/2024 reports that they "warned 53 of the UK’s top 100 websites that they faced enforcement action if they did not make changes to comply with data protection law". Following this, according to the ICO, "8 had changed their cookie banners to be compliant and ...

The European Data Protection Board (EDPB), an independent European body setup to ensure that the General Data Protection Regulation and the Law Enforcement Directive are applied consistently The EDPB is composed of the heads of the national data protection authorities ( Supervisory Authorities ) of the countries in the European ...

In 2002 the ePrivacy Directive was established to safeguard the privacy of European citizens using online services. It mandated giving individuals the ability to refuse the use of data stored in their online devices, complementing the 1995 Data Protection Direcive that regulated personal data processing. Despite this, the burgeoning surveillance industry largely disregarded this requirement. Instead, it ramped up lobbying efforts and initiatives aimed at influencing political processes against strict data protection and privacy legislation...

Recently US states such as California and Colorado have introduced laws demanding websites respect browser opt-out signals, or “universal opt-out mechanisms” indicating that consumers do not want their personal data used commercially or more generally do not want to tracked across websites and services. Existing examples of such browser based ...