• Privacy Law Update

Privacy Law Update: August 30, 2021


Rick Buck Chief Privacy Officer

Stay up to date with this weekly release covering key developments on data privacy laws, technology, and other hot privacy topics!

Newsworthy Updates

UK Announces Independent Adequacy Decisions

In June, the European Commission adopted a pair of adequacy decisions for the U.K., and now the British government has laid out a new slate of initiatives to clarify the picture even further. The U.K. plans to strike independent data adequacy decisions with its international partners, with the goal of delivering alternative data transfer mechanisms and to remove barriers for international data flows.

A Digital World Without Dark Patterns: ‘That’s Not a Huge Ask, Is It?’

Remember the mail-order compact discs popular in the ’90s that automatically turned into a monthly subscription, when all you wanted to do was listen to a few favorite songs? Ways to manipulate or sway consumers in a certain direction are nothing new; they’ve been around for years. Known today as “dark patterns,” such practices continue to advance in the digital age and are catching the attention of companies, regulators and consumers.

Would Anyone In Their Right Mind Reopen The GDPR? The IAF’s Answer Is Yes.

The Information Accountability Foundation believes the EU General Data Protection Regulation should be amended to explicitly include knowledge creation and scientific research as legal bases to process personal data, providing a foundation for the responsible use of artificial intelligence. The IAF’s blog summarizing its comments on the European Commission’s proposed regulation on artificial intelligence suggested that the GDPR “should make possible technology applications such as AI” and that “there are unresolved tensions between the AI Regulation and the GDPR.” In particular, it is the IAF’s view the GDPR needs to be revised to accommodate knowledge creation. Data-driven knowledge creation and scientific research are increasingly the basis for progress. To encourage and effectively control these activities, data protection law must regulate them and set sensible boundaries but not inadvertently preclude them. The AI Regulation is just the latest example of why the GDPR needs to be changed to add both knowledge creation and scientific research as legal bases to process data pertaining to people. The current approach does not enable a clear legitimate way to process data for these purposes and applies the same approach and requirements to the risks associated with the application of knowledge.

Privacy Legislation

Future proof your privacy program with WireWheel’s Trust Access and Consent Center and WireWheel’s Privacy Operations Manager.

Request Demo
Rick Buck is the WireWheel Chief Privacy Officer and acts as a Privacy Advisor to WireWheel clients, helping them with the implementation and optimization of their privacy programs. Over the past 20 years, Rick has…