The European Data Protection Board (EDPB) has issued new guidelines on the pseudonymization of personal data, emphasizing how it differs from anonymization, yet is still a valuable tool for data controllers to meet their GDPR obligations. According to the guidelines, pseudonymization is the processing of personal data in such a manner that it can no longer be attributed to a ...
In a lawsuit brought by WhatsApp (owned by Meta) against NSO Group Technologies, the court granted partial summary judgment in favor of WhatsApp, finding NSO liable for violations of the federal Computer Fraud and Abuse Act (CFAA), the California Comprehensive Computer Data Access and Fraud Act (CDAFA), and breach of contract.
NSO was accused of sending malware through WhatsApp’s system ...
The Federal Trade Commission (FTC) has taken action against Mobilewalla, Inc., a data broker, for collecting and selling sensitive location data without obtaining proper consent from consumers. The FTC’s complaint alleges that Mobilewalla gathered data from real-time online ad bidding exchanges and third-party aggregators, often without consumers’ knowledge. This data included precise locations of individuals, such as visits to health ...
The Digital Operational Resilience Act (DORA) became effective on January 17, 2025, significantly impacting any supplier of technology to the financial sector in the European Union (EU), regardless of their location.
This EU regulation represents a major shift aimed at ensuring that financial institutions are resilient to operational disruptions, particularly those stemming from ICT (Information and Communication Technology) vulnerabilities. DORA ...
In a unique decision, the Haifa Magistrate Court in Israel ruled that documents generated by artificial intelligence (AI) may be misleading and could compromise the independent judgment of a court-appointed expert. While the decision is not a binding precedent, it signals Israeli courts’ possible skepticism towards AI-generated evidence, particularly where impartiality is mandated.
The legal dilemma arose in an ordinary ...
The Israeli Privacy Protection Authority (PPA) recently issued a new directive detailing the requirements for transferring ownership of databases of personal data. Directive No. 2/2024 emphasizes the transferor’s obligation to notify data subjects when ownership changes.
According to the directive, any change in ownership warrants notification to data subjects regarding the new owner’s identity and contact information, giving them the ...
New user? Click here to register