Episodios
-
Laura and Panu are joined by Otto Lindholm to discuss recent CJEU case related to Finnish transparency laws and disclosing criminal conviction data via telephone. What is the Finnish tradition of transparency of official documents really about, are we now losing it and what’s going to happen?
If you ask Panu, doomsday is upon us. Transparency is dead and criminals, politicians and reality tv contestants will run amok with no accountability. Or then its just a storm in a tea cup. Panu does make a lot of mistakes, such as reads the European Charter of Fundamental Rights wrongly.
In other news, but no less important, the Court actually states that oral transfer of data from a filing system is processing of personal data. Did you see that one coming? The cool privacy kids did, Panu did not. The discussion twists and turns and reaches some kafkaesque levels but who cares - privacy theory is fun.
Hope you enjoyed our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
It’s been a heavy spring. So many new things are coming to privacy folk’s way, the world is (literally) shaking, we are killing our one planet, old men are driving the world to turmoil and horror. The world is getting darker.
Therefore, without forgetting the importance of discussing all the difficult things, we decided to treat you with an invitation to Milla’s happy place: to discuss something that is full of bright colors and makes everyone focus, just for a brief moment, on the importance of coming together and enjoying the beautiful wonders that people do. We are of course talking about the Eurovision!
Will ABBA serve a beautiful Swedish Suprise in May in Malmö? Which year did TIX compete for Norway (Milla gets this wrong)? What country did Flo Rida compete for? And whats the most efficient way to collect consent? One of these questions is not answered in this episode.
Even though the task was to talk a little bit about Eurovision and a lot about privacy, Pilvi kinda ends up interviewing Milla about her love for the Eurovision and all the wonderful twists and turns this performance art competition includes. We also asked the presenters to take few breaks for editing purposes, but guess that was too much to ask. And anyway we maybe did or didn’t have time to cover privacy-related news - one has to prioritize.
So put on your headphones, grab a glass of your favorite beverage, and slide into the bliss of Eurovision for a moment – it’s on us!
And Herkko, you can skip this episode!
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
¿Faltan episodios?
-
Friends, Romans, countrymen, lend us your ears!
We’ve come to discuss if transparency matters, not to bury it.
The insufficient privacy decisions that men do lives after them;
The efforts for better privacy is oft interred with their business minded decisions;
So let it be with transparency. The noble controllers
hath told you GDPR is impossibly ambitious:
if it were so, it was a grievous fault,
And grievously hath DPAs enforced it.
Here, under leave of our Executive Producer and the rest-
For he is an honorable man;
so are we all, all honorable people–
come we to battle this out for once and for all.
And battle we shall. It is no secret that the PrivacyPod back-chat is often turned into a gladiator arena where we battle our views to the very end. One of the most discussed subject is if transparency even matters and what is the point of it. This time, Floora has set up the challenge and armed our gladiators Milla and Pilvi with gladius swords and retes nets, and lets them lose on the arena.
Who barricades themselves on a hill of business minded decisions? Does better transparency create more risks or will it reduce risks? Is transparency a zero-sum game? Who tries to take a victory lap on a high horse only to be knocked down? Who has the high ground? Who tries to win all Partners to their side with icky frases? Will our friendship survive this or will this be the end of PrivacyPod?
So grab some popcorn and join in for a Shakespeare level drama!
Links:
Klarna case:
https://www.edpb.europa.eu/news/national-news/2022/swedish-authority-privacy-protection-imy-issues-administrative-fine-against_enhttps://www.imy.se/en/news/administrative-fine-against-klarna-after-investigation/
Whatsapp case:
https://www.dataprotection.ie/en/news-media/press-releases/data-protection-commission-announces-decision-whatsapp-inquiry
Shakespeare: Julius Caesar, Act III, scene II:
https://www.poetryfoundation.org/poems/56968/speech-friends-romans-countrymen-lend-me-your-ears
https://www.youtube.com/watch?v=q89MLuLSJgk
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
It’s about time you fell in love with something that will love you back, and that, our friends, is the crossroad of privacy, government openness, and freedom of speech. It doesn’t judge you, and we won’t either.
The European Court of Justice, however, will totally judge you, even if it goes against deep roots or local law in your country. In this episode, Pilvi and Jyri will discuss the new (Finnish!) European Court of Justice case “Endemol Shine”. Here a Finnish district court had denied the release of court documents due to GDPR to a producer conducting background checks for reality TV, despite local statutes on openness of court documents. We continue on the same path with discussing NOYB filing a complaint on MrKoll in Sweden, which touches upon the Nordic unwillingness to judge and define what journalism and media is. We end up wondering if GDPR is obliterating Nordic cultures and what consequences this may have.
On other news, the USA will totally judge you as well if you are TikTok or happen to be from Singapore. We discuss the “The US TikTok Ban” as an interesting reaction to possible cross-border data transfers to a country that might use that personal data for intelligence activities… sounds vaguely familiar.
We also discuss the Verkkokauppa.com case where the Finnish DPA decided on a record fine of 856 000 euros for not having defined retention times for online customers’ customer account data as well as forcing all online customers to create an account.
This episode will also include the first ever musical number of PrivacyPod.
So push play, hop on to this love boat, and we´ll take good care of you.
(Ps. If you missed it, the EU Parliament accepted the AI Act.)
Links:
Endemol Shine
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:62022CN0740NOYB and MrKoll:
https://noyb.eu/en/swedish-data-brokers-claim-journalists-legal-protection-evade-eu-law
How to get a media license in Sweden:
https://mediemyndigheten.se/ansokan-och-registrering/medier-pa-natet/
H.R.7521 - Protecting Americans from Foreign Adversary Controlled Applications Act:
https://www.congress.gov/bill/118th-congress/house-bill/7521?q=%7B%22search%22%3A%22TikTok%22%7D&s=1&r=5
Case Verkkokauppa.com (In Finnish, translatable):
https://tietosuoja.fi/-/verkkokauppa.comille-seuraamusmaksu-asiakastietojen-sailytysajan-maarittelematta-jattamisesta-myos-vaatimus-asiakkaan-rekisteroitymisesta-oli-lainvastainenDid you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this episode Milla, Pilvi, and Jyri try to save their faces after the Episode #51 meltdown only to discover that they are forever changed by that experience. Just when we brace ourselves to move forward like “a granny in a bog” as the Finns say, we hear a suspicious announcement: “Please remain calm, the end of the pre-DMA era has arrived, we cannot save you, enjoy the ride” that pushes us into observing the first signs of the DMA doomsday and ask: what is the point of all the new consents rolling onto our screens? Will it be an effective way to control the digital markets?
Furthermore, we peek to the other side of the pond and see how the new executive order that the frisky American president has issued will change the US privacy forever… or is it just a big whoop about nothing? We also take a look at the EDPB’s opinion on the main establishment that seems like a promising idea but in reality, we arrive again to the question if it is—you guessed it–a big whoop about nothing?
So turn up the volume and hold on to your doomsday hat, because this and much more awaits you and our other 5 listeners in this episode.
LINKS:
About DMA
https://digital-markets-act.ec.europa.eu/about-dma_enThe US Executive Order:
https://www.whitehouse.gov/briefing-room/statements-releases/2024/02/28/fact-sheet-president-biden-issues-sweeping-executive-order-to-protect-americans-sensitive-personal-data/
EDPB on main establishments:
https://edpb.europa.eu/system/files/2024-02/edpb_opinion_202404_mainestablishment_en.pdfDid you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
We started this episode with so much enthusiasm, positivity, and excitement but we ended up thinking that this is the episode we wish to exercise our right to be forgotten on. We start with the Google case on, you guessed it, right to be forgotten, where the Swedish court ordered Google to pay SEK 50 million in fines and declared that Google cannot provide publishers a list of de-listed websites to the webmasters thus confirming the EDPB’s (and WP29’s) guidance on the matter.
We question the EDPB guideline and the Court’s ruling and somehow we end up in a very confusing situation where Pilvi rambles on, Jyri refuses to understand, and Milla is desperately looking for an exi(s)t sign. We caution you to listen at your own risk.
We also cover the latest DMA drama regarding Apple app store including Spotify’s hot take on it. Furthermore, we return to Google and wonder how the consent mode v2 can be legal?
Join in for the episode and please have mercy on us.
LINKS:
The Irish Independent article:
https://m.independent.ie/irish-news/courts/google-forced-to-stop-telling-publishers-about-right-to-be-forgotten-decisions-after-court-ruling/a596519256.html
Sweden’s Aftonbladet article: https://www.dagensmedia.se/medier/digitalt/dom-mot-google-vinner-laga-kraft/On Google’s consent mode v2:
https://www.cookiebot.com/en/googles-consent-mode-deadline-ads-privacy-compliance/
Spotify’s take on Apple store changes and the issues with the DMA:
https://newsroom.spotify.com/2024-01-26/apples-proposed-changes-reject-the-goals-of-the-dma/
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
Take a tight grip on your cups listeners, because today we are spilling the hottest tea of the legal world, a behind the scenes story of the AI Act. We delve into this with a person who had the front seat at the closed-door tea party: Dan Nechita, the Head of Cabinet to Romanian MEP Dragos Tudorache (Renew Europe) at the European Parliament. Dragos Tudorache has served as a rapporteur on the file.
Renew Europe is liberal, pro-European political group of the European Parliament founded for the ninth European Parliament term. The group is the successor to the Alliance of Liberals and Democrats for Europe (ALDE) group which existed during the sixth, seventh and eighth terms from 2004 to 2019. Renew Europe has been pushing for AI systems that respect fundamental rights and the EU's democratic values, provide legal certainty concerning innovation and investment, and facilitate the development of a single market for lawful and safe AI.
Dan takes us to the room where it all happened and talks about what transpired during the all-nighter negotiations in December. He also sheds light on the background of the AI Act and whether or not we can breath already or will there be more changes. We try to guess why did the AI Act leak as well as what happened to the General Purpose AI, and if the Fundamental Rights Risk Assessments is just a DPIA that slays.
We also discuss whether the legislators understand how expensive this will be for the organizations: is it a case of because you’re worth it…or because they can afford it?
...And Milla and Pilvi totally forgot that this was our 50. podcast. Oh well, we will celebrate at 100 then.
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
A new year of PrivacyPod is kicked off with an episode covering the hottest topics and most intriguing privacy news so far!
Hosted by Milla and Laura, in this show our privacy DSARs speculate what the actual is up with Meta’s consent or subscribe. And it would not be a 2024 privacy show if we would not dip in to what to expect in 2024 regarding recently leaked the EU AI Act.
We discuss a German case where the local court raised the bar high for answering data subject access requests (commonly known as DSARs) on time. Somewhat unexpectedly we find ourselves defending data brokers and cursing the difficulty of meeting those tough transparency requirements.
LinksMeta decision coming: https://politico-tech.simplecast.com/episodes/an-exit-interview-with-europes-most-powerful-privacy-regulator
Leaked AI act:
https://iapp.org/news/a/eu-ai-act-draft-consolidated-text-leaked-online/
German casehttps://www.arbeitsrechtsiegen.de/artikel/bewerberanspruch-auf-auskunft-nach-art-15-dsgvo-und-schadensersatz-aus-art-82-dsgvo/
Black tiger casehttps://www.gegevensbeschermingsautoriteit.be/burger/gba-sanctioneert-gegevensbeheerder-black-tiger-belgium-wegens-gebrek-aan-transparantie
https://www.autoriteprotectiondonnees.be/citoyen/lapd-sanctionne-lentreprise-de-gestion-de-donnees-black-tiger-belgium-pour-manque-de-transparence
https://www.dataguidance.com/news/belgium-dpa-issues-174640-fine-black-tiger-unlawful
Poland Bisnode 2019:
https://iapp.org/news/a/polands-dpa-issues-first-gdpr-fine/
https://uodo.gov.pl/en/553/1572 (The Supreme Administrative Court upheld the decision of
the Personal Data Protection Office (UODO)
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this week’s episode Milla discusses with Gabriel Silva from TravelPerk the best practices for using AI to enhance your work as a privacy professional. TravelPerk has recently started using a custom-built Legal Bot, which crunches through hundreds of privacy and other legal questions. What do you need to consider when you outsource legal work to a bot?
How do you finetune the model to make sure that the answers are relevant? Gabriel shares his practical experience on all of this. We also discuss other AI tools that are available for anyone. What kind of work tasks is AI good for? How to get started with prompting - and how to get better at it?
Gabriel is based in Barcelona and works as Legal Manager for privacy at Travel Perk which is a platform for business travel bookings. Gabriel has previously worked at Google at Google’s legal operations.
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
This week on PrivacyPod: EDPB’s guidelines on the infamous cookie article! EDPB published a couple of weeks back guidelines on the technical scope of Article 5(3) of the ePrivacy Directive (also known as the golden rule… no, sorry, the cookie rule).
Hannes (!), Heikki (!!), Laura (!!!!) and Milla (????) go through the guidelines, speculating why do we get guidelines on this topic right now, considering that the legislation is not exactly fresh out of the oven. What exactly is then the technical scope of the cookie article? And how will organizations go about implementing the new guidelines, once they have been adopted after the consultation period?
Also in this episode: Hannes, Heikki and Milla share reflections on the recent IAPP Brussels conference. Don’t worry though privacy folks, we only discuss the official program - what happens in Brussels, stays in Brussels.
Links:
edpb_guidelines_202302_technical_scope_art_53_eprivacydirective_en.pdf (europa.eu)
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this awaited and exciting episode Milla and Pilvi are experiencing a true fangirl moment as they welcome Tobias Judin, the Head of International Department at the Norwegian Data Protection Authority, Datatilsynet.
Accompanied by our new co-host Jyri they will dive into to discuss the Meta case on its rocky road with its legal basis for behavior based advertising.
Norwegian DPA has not only talked the talk but it has also walked the walk: as Tobias states, they see that the GDPR has to be enforced now and that the GDPR does have tools to do that.We discuss, among other things, how has the Norwegian DPA become the renegade DPA that takes such firm action? What has the road been like from 2018 to the EAA wide ban? What does Tobias think about the newest Meta solution: consent or pay?
We also touch upon subjects such as does transparency matter at all? How do you measure it? What about the IAB case and advertising funding journalism? Is the new “consent or pay” just Meta buying time and gaslighting?
We also have a big scoop in the episode, which we recognize with “cool cool”. This and much more awaits you.
Links:
Datatilsynet 17.7.2023: “Midlertidig forbud mot adferdsbasert markedsføring på Facebook og Instagram” https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/midlertidig-forbud-mot-adferds basert-markedsforing-pa-facebook-og-instagram/Datatilsynet 8.8.2023: “Meta-saken opp i Oslo tingrett”
https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/tvangsmulkt-til-meta-hvis-forbu d-ikke-folges/Datatilsynet 6.9.2023: “Datatilsynet vant mot Meta i Oslo tingrett”
https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/datatilsynet-vant-i-oslo-tingrett/
Datatilsynet 25.10.2023: “Meta går til ny sak mot Datatilsynet”
https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/meta-gar-til-ny-sak-mot-datatils ynet/
Datatilsynet 28.9.2023: “Meta-saken løftes til europeisk nivå”
https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/meta-saken-loftes-til-europeisk- niva/
Datatilsynet 31.10.2023: “Datatilsynets vedtak mot Meta utvides til EU/EØS og gjøres permanent”
https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/datatilsynets-vedtak-mot-meta- utvides-til-eueos-og-gjores-permanent/
EDPB 1.11.2023: “EDPB Urgent Binding Decision on processing of personal data for behavioural advertising by Meta”
https://edpb.europa.eu/news/news/2023/edpb-urgent-binding-decision-processing-persona l-data-behavioural-advertising-meta_en
Meta: “How Meta Uses Legal Bases for Processing Ads in the EU”
https://about.fb.com/news/2023/01/how-meta-uses-legal-bases-for-processing-ads-in-the-eu/
TechCrunch 1.8.2023: “Meta says it will offer Europeans a free choice to deny tracking”
https://techcrunch.com/2023/08/01/meta-says-yes-to-consent/
TechCrunch 3.10.2023: “Meta planning ad-free subscription or tracking ads ‘choice’ in EU, per WSJ — in latest bid to keep snooping”
https://techcrunch.com/2023/10/03/meta-subscription-vs-consent/
Meta: “Facebook and Instagram to Offer Subscription for No Ads in Europe”
https://about.fb.com/news/2023/10/facebook-and-instagram-to-offer-subscription-for-no-a ds-in-europe/
Case C‐252/21 Judgment: https://curia.europa.eu/juris/document/document.jsf?text=&docid=275125&pageIndex=0& doclang=EN&mode=req&dir=&occ=first&part=1
Case C‐252/21Press release: https://curia.europa.eu/jcms/upload/docs/application/pdf/2023-07/cp230113en.pdf
DPC Meta decisions January 2023:
https://www.dataprotection.ie/en/news-media/data-protection-commission-announces-con clusion-two-inquiries-meta-irelandDid you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this news episode, Milla and Pilvi jump into the most interesting news (in their opinion at least) of the recent weeks and that takes us to a journey that will include Googling, Star Wars, elderly millennials trying to exists in the world they don’t understand, and Jean-Jacques Rousseau’s book Émile ou De l'éducation from 1762.
But we also actually go through the recent privacy news, including the recent CANAL+ case from France, EDPB’s coordinated action -action, an interesting case on legal bases legal obligation and public interest from Sweden that also include somewhat puzzling takes on CCTV and article 13..or 14 (there’s the question!)? We also discuss Meta being sued by 41 states in the US, EU Commission’s next DSA actions towards social media giants and the latest from the mysterious world of AI.
"So it seems like this internet thing is here to stay, huh?"
Chandler Bing
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this episode, Hannes and Milla welcome Jussi Leppälä, the of Valmet (a leading global developer and supplier of technologies, automation and services for the pulp, paper and energy industries) to delve into the interesting world of IoT -based data sharing of the future.
What is the underlying intent of the Data Act? How does it interact with other data laws? How will it be enforced?
Delving deeper into the Data Act, we look at the actual scope of data sharing obligations, how they would work in practice and alongside the GDPR’s data subject or towards third parties.
Join us to get insights on whether Data Act will be effective in fostering European small and medium sized companies … or enterprises outside of the EU. Are your data related trade secrets also protected tomorrow? And much, much more!
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on harmonised rules on fair access to and use of data (Data Act)
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=COM%3A2022%3A68%3AFIN
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
Meta is considering a move to cookie-paywall some listeners may know (and already hate) from German newspaper websites. As the legal basis for Meta’s personalised ads (the company’s main money-maker) is being pushed towards consent from all fronts, Meta is considering desperate means. But is it all just a ruse, as convincing as Meta’s earlier threats about leaving the EU because of data transfer issues?
In other news, Pilvi and Milla discuss Irish Data Protection Commission’s 345 MEUR fine to TikTok. We also discuss once more the Grindr case from Norway, where the appeals board upheld the earlier fine. We also cover UK Information Commissioner’s preliminary enforcement notice against Snap, BBC blocking ChatGPT from using its content and lots more.
Links:
Meta (Facebook / Instagram) to move to a "Pay for your Rights" approach (noyb.eu)
Meta Plans to Charge $14 a Month for Ad-Free Instagram or Facebook - WSJ
UK Information Commissioner issues preliminary enforcement notice against Snap | ICO
Record fine in the Grindr case confirmed | Datatilsynet
BBC blocks ChatGPT from using its content (thetimes.co.uk)
Google adds a switch for publishers to opt out of becoming AI training data - The Verge
Irish Data Protection Commission announces €345 million fine of TikTok | 15/09/2023 | Data Protection Commission
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this episode, join Pilvi, Hannes, and Floora as they take a deep dive into the world of Mergers and Acquisitions (commonly known as M&A) from a privacy perspective. They'll explore the intriguing question of whether the M&A process differs in the realm of privacy compared to other areas of law. If so, what sets it apart, and does it make sense to approach privacy M&A in the traditional manner?
Listeners can expect a lively and informative discussion on the intricacies of privacy M&A. Our hosts will shed light on the varying perspectives of in-house counsel, external advisors, and walk you through the general M&A process, step by step. Additionally, they'll engage in a thoughtful conversation about proposals aimed at advancing the field of privacy M&A.
Tune in for an insightful and educational journey through the legal landscape of privacy M&A, where we explore the unique challenges and opportunities that arise in this ever-evolving field. Furthermore, tune your ears to the finest, because eagle ear listeners can hear our ultracute privacy poodle Hubert weigh in on M&A as well!
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
Joost Case Corner (JCC) is back! As per usual, there’s no way we will cover all of the Court of Justice of the European Union (CJEU) goodness in under one hour, so buckle up for an extra-long special episode.
Its a perfect catch up with the lates court action and since its been a while, we can hear our presenters (Milla mainly) trip over some pretty basic EU abbreviations. So all you EU nerds there, prepare to scream really hard to your earphones what TFEU stands for.
We discuss three cases with final judgments already out there: Meta v Bundeskartellamt (C-252/21), Pankki S (C-579/21) and Lietuvos Respublikos (C-162/22).
Under our section on ongoing cases we go through five cases that will likely shake the privacy world once decided: ILVA (C-383/23), Mousse (C-394/23), Österreichische Datenschutzbehörde (C-416/23, which Milla can pronounce perfectly, just wait for it), IAB Europe (C-604/22, sad that Heikki isnt here to rant) EDPS v SRB (C-413/23 P, yes, that annoying pseudonyisation case where normies claim that GDPR doesnt apply). The cases cover definition of personal data, pseudonymization and anonymization, calculation of fines and much more.
We know, you might be a bit lagging behind on the case law, so no worries! This is your cue to press play and dig through the intricacies of data protection case law with Joost, Milla and Pilvi.
Cases covered in the episode:
Cases with final judgments:
Meta v Bundeskartellamt (C-252/21)
Pankki S (C-579/21)
Lietuvos Respublikos (C-162/22)
Ongoing cases:
ILVA (C-383/23)
Mousse (C-394/23)
Österreichische Datenschutzbehörde (C-416/23)
IAB Europe (C-604/22)
EDPS v SRB (C-413/23 P)
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
This week Pilvi and Milla do a deep dive into two recent cookie related rulings from Nordic data protection authorities. First we discuss the Bonnier case from IMY, the Swedish data protection authority. Whilst not strictly only about cookies, this case discusses the further processing of data collected with cookies - and more specifically, whether this processing can be based on legitimate interest (IMY says no).
The second half of the show we discuss Traficom’s ruling on the Nordic media company Sanoma’s cookie practices. Lots to unpack there: necessity of certain analytics cookies, retention times, representation of legitimate interest in cookie banners and much more. Both of the cases have been appealed.
Links:
Sanoma Media Finland Oy.pdf (kyberturvallisuuskeskus.fi)
Tillsyn: Bonnier News AB | IMY
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
This week we are fangirling over Wolt’s approach to algorithmic transparency. We have Wolt’s public policy manager Ylwa Rein join us for this episode, where we walk through the process of creating an algorithmic transparency report: what’s the legal background and requirements, who to involve in the project, how to get management buy-in and much more.
We also chat with Ylwa about finding a job where you can make an impact, and how algorithmic transparency contributes to a more fair digital society.
Links:
Transparency at Wolt - Wolt (Finland)
Unveiling the second edition of the Wolt Algorithmic Transparency Report
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this episode, Milla and Pilvi take a look at the brand new Data Privacy Framework. The discussions include but you bet are not limited to topics such as the sadly-not-so-funky-name of the framework (why not Privacy Trampoline?) and the identity crisis that surely all privacy professionals shall now have to face: who are we without the discussions and work on US transfers? What should one do with all the time saved? How long will this last and should we already start buying toilet paper and canned food and prepare for the downfall of the worl…DPF?
We also take a look at the recent Google Analytics cases, discuss if all the issues with Google Analytics disappeared with the DPF and we also sniff the hot and humid air of Doha not forgetting the legendary summer sheepe of Milla.
Links:
Adequacy decision:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
Press release:
https://ec.europa.eu/commission/presscorner/detail/en/ip_23_3721
Data Privacy Framework (DPF) website (check out e.g. faq section Frequently Asked Questions):
https://www.dataprivacyframework.gov/s/
EDPB Information note on EU-US data transfers:
https://edpb.europa.eu/our-work-tools/our-documents/other/information-note-data-transfers-under-gdpr-united-states-after_en
NOYB Press Release July 10:
https://noyb.eu/en/european-commission-gives-eu-us-data-transfers-third-round-cjeu
IMY (Swedish DPA) press release on the 4 Google Analytics cases:
https://www.imy.se/en/news/four-companies-must-stop-using-google-analytics/
Norwegian DPA on Google Analytics:
https://www.datatilsynet.no/aktuelt/aktuelle-nyheter-2023/vedtak-i-google-analytics-saken/
https://www.datatilsynet.no/personvern-pa-ulike-omrader/internett-og-apper/rad-for-analyse-og-sporing-pa-nettsted/
Danish DPA on Google Analytics:
https://www.datatilsynet.dk/presse-og-nyheder/nyhedsarkiv/2023/jul/brug-af-google-analytics-kraever-ikke-kun-lovlige-overfoersler-til-usa
Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
-
In this episode of PrivacyPod, Joost and Panu talk to professor Herke Kranenborg who holds a chair in European Data Protection and Privacy Law at Maastricht University. In addition, professor Kranenborg is a member of the European Commission's Legal Service, which serves as an in-house legal counsel to the commission as well as represents the Commission in the Court of European Union in Luxembourg.
Professor Kranenborg has a interesting position in the commission as he has taken part in many of the privacy related cases in the European Court of Justice as a commission representative.
You can hear Joost being a bit starstruck with his hero in this episode, but in the end he handles it well.
Professor Kranenborg gives us an unique look into what it is like to prepare and argue in the one of the most important privacy cases in this decade from the commission perspective. We also discuss other landmark cases, so get your pencils ready! Or actually, you dont, since all the cases are listed here below.
And what is the most important case this year according to professor Kranenborg? Listen in, and you will find out.
Delivered judgments Judgment of 6 November 2003, Lindqvist, C-101/01, EU:C:2003:596
Judgment of 8 November 2007, Bavarian Lager v Commission, T-194/04, EU:T:2007:334
Judgment of 29 June 2010, Commission v Bavarian Lager, C-28/08 P, EU:C:2010:378
Judgment of 9 March 2010, Commission v Germany, C-518/07, EU:C:2010:125
Judgment of 16 October 2012, Commission v Austria, C-614/10, EU:C:2012:631 Judgment of 8 April 2014, Commission v Hungary, C-288/12, EU:C:2014:237
Judgment of 16 July 2020, Facebook Ireland and Schrems (Schrems II), C-311/18, EU:C:2020:559 Judgment of 6 October 2020, Privacy International, C-623/17, EU:C:2020:790 Judgment of 6 October 2020, La Quadrature du Net and Others, C-511/18, C-512/18 and C-520/18, EU:C:2020:791 Judgment of 15 June 2021, Facebook Ireland and Others, C-645/19, EU:C:2021:483 - Advocate General Bobek's opinion: https://eur-lex.europa.eu/legal-content/AUTO/?uri=ecli:ECLI:EU:C:2021:5 Judgment of 24 March 2022, Autoriteit Persoonsgegevens, C-245/20, EU:C:2022:216 - Advocate General Bobek's opinion: https://eur-lex.europa.eu/legal-content/AUTO/?uri=ecli:ECLI:EU:C:2021:822 Judgment of 5 April 2022, Commissioner of An Garda Síochána and Others, C-140/20, EU:C:2022:258
Judgment of 20 September 2022, VD and SR, C-339/20 and C-397/20, EU:C:2022:703
Judgment of 4 May 2023, Österreichische Datenschutzbehörde and CRIF, C-487/21, EU:C:2023:369
Pending cases CJEU DPC v EDPB I (Facebook) (T-70/23) CJEU DPC v EDPB II (Instagram) (T-84/23) CJEU DPC v EDPB III (Whatsapp) (T-111/23) CJEU Meta v EDPB I (T-682/22) CJEU Meta v EDPB II (Instagram) (T-128/23) CJEU Meta v EDPB III (Facebook) (T-129/23) CJEU WhatsApp Ireland v EDPB (C-97/23 P) CJEU Meta v Bundeskartellamt (C-252/21) CJEU Endemol Shine Finland (C-740/22) CJEU Österreichische Datenschutzbehörde (C-33/22) CJEU LQDN and Others (Personal data and the fight against counterfeiting (C-470/21) - Advocate General Szpunar's opinion: https://eur-lex.europa.eu/legal-content/AUTO/?uri=ecli:ECLI:EU:C:2022:838 Full list of pending cases available at https://digibeetle.euDid you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u
We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email:
Twitter: https://twitter.com/PodPrivacy, #privacypod
Instagram: @privacypod
LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/
Email: [email protected]
- Mostrar más
