Data Protection Authorities of a number of European countries (notably, France, Spain, Belgium, Netherlands) has announced a formal action in the Facebook case. The announcement and summaries are available here. To tackle this particular issue DPAs formed a devoted Contact Group allowing a coordinated analysis. Pretty unprecedented move.
Few years…
Read more
In this post we describe and demonstrate a neat trick to exfiltrate sensitive information from your browser using a surprising tool: your smartphone or laptop’s ambient light sensor.
In short:
1. We provide background about the light sensor API and current discussions to expose it more broadly to websites.…
Read more
When is Privacy Impact Assessment (PIA) or Data Protection Impact Assessment (DPIA) necessary and mandatory according to the General Data Protection Regulation (GDPR)? So far there has been a lot of ambiguity surrounding the issue.
I previously wrote about the DPIA guidelines (and its challenges) suggested by the Privacy Commission…
Read more
ePrivacy is one of the most crucial European privacy and data protection regulations.
I already wrote about ePrivacy, analysing its leaked and the later official draft versions. The ePrivacy regulation is important because it touches a number of influential aspects such as: electronic communication, web technologies, and web browsers. To…
Read more
Designing standards with privacy in mind should be a standard in itself. Historically this was not always the case and the idea of designing systems with privacy is relatively new - it dates from the beginning of this decade. One of the milestones is accepting this view on the IETF…
Read more