Category: Personal Data

WhatsApp will share user information with Facebook

26. August 2016

Jan Koum, one of WhatsApp’s founders, stated shortly after selling WhatsApp to Facebook in 2014 that the deal would not affect the digital privacy of his mobile messaging service with millions of users.

However, according to the New York Times WhatsApp is about to share user information with Facebook. This week, WhatsApp published a statement saying that it will start to disclose phone numbers and analytics data of its users to Facebook. By doing so, it will be the first time that WhatsApp will connect the data of its users to Facebook.

Furthermoere, due to the fact that WhatsApp begins to built a profitable business after its previous little emphasis on revenue, it is now changing its privacy policy to the extent that WhatsApp wants to allow businesses to contact customers directly through its platform.

WhatsApp commented on the new privacy policy “We want to explore ways for you to communicate with businesses that matter to you, too, while still giving you an experience without third-party banner ads and spam”.

The new privacy policy will allow Facebook to use a users’s phone number to improve other Facebook-operated services like making new Facebook friend suggestions or better-tailored advertising.

However, WhatsApp underlines that neither it nor Facebook will be able to read users’ encrypted messages and emphasizes that individual phone numbers will not be given to advertisers.

Koum explained that “Our values and our respect for your privacy continue to guide the decisions we make at WhatsApp” and went on “It’s why we’ve rolled out end-to-end encryption, which means no one can read your messages other than the people you talk to. Not us, not Facebook, nor anyone else” and concluded “Our focus is the same as it’s always been — giving you a fast, simple and reliable way to stay in touch with friends and loved ones around the world.”

WhatsApp’s new privacy policy raises concerns due to the lack of data protection. Therefore, the president of the Electronic Privacy Information Center, Marc Rotenberg commented that it is about to file a complaint next week with the Federal Trade Commission in order to prevent WhatsApp from sharing users’ data with Facebook. Rotenberg justified this approach as “Many users signed up for WhatsApp and not Facebook, precisely because WhatsApp offered, at the time, better privacy practices” he explained “If the F.T.C. does not bring an enforcement action, it means that even when users choose better privacy services, there is no guarantee their data will be protected.”

 

Microsoft acquires LinkedIn: privacy issues arise

16. June 2016

Early this week, Microsoft announced the acquisition of LinkedIn, a professional network with more than 400 million users. This makes LinkedIn to be one of the largest databases worldwide. The acquisition will allow Microsoft to have access to the professional profiles of LinkedIn users.

According to Microsoft´s CEO, Satiya Nadella, this operation will make possible that, for example, LinkedIn´s newsfeed shows articles related to the project the user is working on and on the other hand, Office may suggest professionals in LinkedIn who are experts in the task that is being completed at the time.

However, privacy related issues have aroused upon the acquisition, especially regarding the amount of personal data that LinkedIn processes. Dimitri Sirota, CEO of BigID, a customer data protection company, states that Microsoft should show that this acquisition “can enrich the software offerings from Microsoft in areas such as CRM, communication, productivity, etc.” He also remarks the importance of personal data management, so that there is no infringement of local data privacy legislations.

Software companies, such as Microsoft, gain marketing, sales and intelligence value through these kind of operations, but they also have to deal with privacy risk and compliance legislation.

In this scenario, LinkedIn should continue handling personal data as stipulated in its terms of service. This does not prevent Microsoft from signing a data transfer agreement with LinkedIn in order to have access to the data. Such access would allow Microsoft to analyze the personal data received.

Several IT-Security experts agree on the fact that data privacy and data protection should stay at the foreground.

Is an exam personal data?

11. May 2016

EU data protection legislation has been lately updated in several aspects. Last week, the GDPR was finally published in the Official Journal of the EU, also the Passenger Name Record (PNR) Directive and the Directive related to criminal records held by authorities have been published in the Official Journal of the EU.

In this evolving landscape, new questions related to the application of EU data protection legislation are arising. Recently, the Irish Supreme Court raised a question to the ECJ related to the scope of application of the definition of personal data. A man that took an accounting exam exercised his right to data subject access request regarding this exam on the basis of Irish Data Protection Laws. However, this access request was refused based on the argument that the data he wrote on the accounting exam could not be referred to as “personal data”, as it was not his “own” personal data, but data related to the subject of the exam in question.

According to the EU definition, personal data is “any information relating to an identified or identifiable natural person”. The scope of this definition is essential in order to determine if data protection laws are applicable or not. In this case, the ECJ will have to answer to this question in a preliminary ruling. In a similar case, an applicant for a Dutch residence permit exercised an access request, which had been refused. The refusal was based on a legal opinion. The ECJ stated that a legal opinion refers to a situation and not to personal data. However, counter-arguments may be given in order to support the inclusion of an exam in the definition of personal data, such as the person´s handwriting or the remarks of the examiner that may be related to the person who wrote the exam, etc.

The ECJ will have to decide whether such data is subject to data protection legislation and, therefore, the data subject access request should be accepted.

Pages: Prev 1 2 3 ... 6 7 8 9 10 11 12 13 14 15 16
1 14 15 16