PrivacyPod

And we are back once again with Joosts Case Corner! This time we dive deep into the past, present and future of the Court of Justice of the European Union with upcoming cases as well as latest judgments. Panu and Joost explore the continous push and pull of GDPR enforcement. On the other hand, it seems like the GDPR puts aside any rights (the Luxembourg Business Registers case). On the other, there seems to be forming limits to the GDPR application in some areas (the Pankki S case). If you have missed the CJEU action lately, no worries, this episode will put you back in track on what has been happening in the highest court in the EU. The hosts discuss in this loong episode about several cases and in the process of doing that, they give Milla a good chance to issue an correction. So load up your earpods and get your pencils ready, because this is going to be a pleasure. Reading material: Report about 22 GDPR: https://fpf.org/blog/fpf-report-automated-decision-making-under-the-gdpr-a-comprehensive-case-law-analysis/ New cases: C-672/22 (DKV) + Advocate General conclusion of 15 December 2022, C-487/21 (Österreichische Datenschutzbehörde and CRIF) C-693/22 (I) T-682/22 (Meta v EDPB) C-740/22 (Endemol Shine Finland) C-757/22 (Meta Platforms Ireland) Questions and overview of all pending cases available at: https://gdprbeetle.eu/which-cjeu-data-protection-cases-are-currently-pending/ Judgments C-129/21 (Proximus) C-37/20 and C-601/20 (Luxembourg Business Registers) C-154/21 (RW)   Hearing C-634/21 (SCHUFA Holding and Others (Scoring)) on 26 January 2023 at 14:30 (First Chamber)   A-G opinion C-579/21 (Pankki S.) Did you enjoy our show? Support us by buying us a coffee here: https://bmc.link/privacypod4u We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email: Twitter: https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

25 Jan 20231h 28min

We start this year of PrivacyPod with a recap of recaps of year 2022. Milla and Hannes Saarinen (from our Finnish podcast) go head-to-head on a quirky quiz drawn up by Panu. I have a bad feeling about this. Milla and Hannes will be scratching their heads on terms like "privacy zuckering" as well as trying to once again remember what was Privacy Shield 2.0 all about. And of course, Panu makes few mistakes, which dont effect the end result. What was case C-245/20 about? Can you remember cases by their number? If you can, you would shine in the lightning round of Privacy/Not Privacy! We have also asked our guests and presenters to give predictions on the privacy year 2023 and dare I say, they are very intruiging. And no, not all of them are about data transfers to the US.  Who will take on the crown of privacy champion of 2022? Well, for that, you need to listen to the episode, they are both pretty competetive. We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email: Twitter: https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

20 Jan 202351min

There's no such thing as too much talk about Schrems II, right? Tune in for our talk with the absolute expert on this topic, Eduardo Ustaran. We discuss the current state of international data transfers and when we can expect the new transfer deal to be finalized.   Eduardo tells us his learnings from assessing third country privacy laws: every country has some sort of surveillance regime in place, but when are the safeguards imposed on it sufficient in the EU's eyes? And of course, lots of talk about assessing risk in data transfers. We are not done with the risk based approach yet.   Eduardo also brings us greetings from IAPP's Brussels Congress, where he had the chance to discuss the Schrems II decision with Schrems himself. Should we already be expecting a Schrems III decision?   Recording of Schrems & Ustaran conversation moderated by Caitlin Fennessy at IAPP Brussels: https://iapp.org/news/video/schrems-ii-the-eu-us-dpf-stakeholders-volley-iapp-europe-data-protection-congress-2022/    We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email: Twitter: https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

25 Nov 20221h 5min

Time for another Case Corner with Joost Gerritsen! What's been cooking in the CJEU, you ask? We're here to tell you! In this extra-long episode we discuss Digi, concerning the use of personal data in testing environments and whether that can be considered compatible use. Also on our list a few upcoming decisions - AG Decision on Österreichische Post regarding data protection damages, the pending log data case and lots more. In case you're interested in watching the cases live, the streaming website is this: https://curia.europa.eu/jcms/jcms/p1_1477137/en/ Only Grand Chamber judgments and opinions are streamed (so not the hearings, as far as we know). The stream will appear automatically around 09:15 – 09:30. At 09:30 the stream starts. Digi, C-77/21; https://curia.europa.eu/juris/liste.jsf?num=C-77/21 Spacenet, C-793/19; https://curia.europa.eu/juris/liste.jsf?lgrec=fr&td=%3BALL&language=en&num=C-793/19&jur=C VD and others, C-339/20; https://curia.europa.eu/juris/liste.jsf?language=en&td=ALL&num=C-339/20%20and%20C-397/20 UI v Österreichische Post AG, C-300/21; https://curia.europa.eu/juris/liste.jsf?language=en&td=ALL&num=C-300/21 Meta Platforms and Others, C-252/21; https://curia.europa.eu/juris/liste.jsf?language=en&td=ALL&num=C-252/21 IAB Europe, C-604/22; https://curia.europa.eu/juris/liste.jsf?language=en&td=ALL&num=C-604/22 KNLTB v Autoriteit Persoonsgegevens, C-621/22; https://curia.europa.eu/juris/liste.jsf?language=en&td=ALL&num=C-621/22 Pankki S, C-579/21, https://curia.europa.eu/juris/liste.jsf?num=C-579/21&language=en    We would love to get feedback – so please tag us, follow us, DM us, or send us traditional email: Twitter: https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

27 Okt 20221h 30min

In this episode, Milla and Pilvi are pressing play on their inner gamers as today's guest, Jussi Honkasalo, Senior Legal Counsel and DPO at Rovio (the home of the legendary Angry Birds), gives us a let's play tour around the privacy of mobile games. (Ok, did we get any previous gaming sayings right?)  We discuss, for example, how is it possible to build a global mobile game in the jungle of different kinds of privacy regulations globally -- especially when the target audience of mobile games is vast not just geographically but also age-wise? What are the most critical privacy aspects to take into account? What would be the best ways to comply with transparency requirements with such a broad audience -- could, for example, the amazing game designers be of help here? We also discuss what kind of privacy requirements gaming platforms, from where mobile games are downloaded, have and if these requirements have an impact on gaming companies.    We also briefly discuss the new "EO" (Executive Order on Enhancing Safeguards for United States Signal Intelligence Activities), which tries to patch up the holes exposed by Schrems II.  Press play on the console/device of your choice, and jump into the world of gaming! Executive Order on Enhancing Safeguards for United States Signal Intelligence Activities: https://www.whitehouse.gov/briefing-room/presidential-actions/2022/10/07/executive-order-on-enhancing-safeguards-for-united-states-signals-intelligence-activities/   We know we are not going to get any, but we would love to get feedback – so please tag us, follow us, DM us, or send us traditional email: Twitter: https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

21 Okt 20221h 3min

This week we discuss the latest developments in ad tech privacy with Peter Hense. Peter is a partner at Spirit Legal, where he specializes in data privacy litigation, particularly in the area of advertising technology. In this episode we cover the Danish DPA's guidance on Google Analytics as well as CNIL's guidance on using proxy servers as a supplementary measure to combat Schrems II issues.   Also on the table: is Google Analytics 4 any better for privacy than Universal Analytics, where is ad tech headed in the future and what is the one thing Peter would change about the GDPR.   Danish DPA - press release on Google Analytics https://www.datatilsynet.dk/english/google-analytics/use-of-google-analytics-for-web-analytics   Danish DPA Q&A https://www.datatilsynet.dk/english/google-analytics   CNIL guidelines for making GA compliant https://www.cnil.fr/en/google-analytics-and-data-transfers-how-make-your-analytics-tool-compliant-gdpr We’d love to get feedback – so please tag us, follow us, DM us… or send us traditional email: Twitter: https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

29 Sep 20221h 24min

We're back from our summer break! This week on the podcast we discuss privacy and security issues in in-app browsers. Many apps do some tracking, but TikTok seems to win the price this time around on being the most intrusive social media app in this regard. Panu and Milla are disagreeing on what level of concerned one should be about this. We also discuss the Finnish Prime Minister's party scandal (from a very serious privacy angle, not just gossiping), the Danish DPA banning the use of Chromebooks in schools and lots more.   TikTok https://krausefx.com/blog/announcing-inappbrowsercom-see-what-javascript-commands-get-executed-in-an-in-app-browser   Dutch Football case https://www.fedma.org/2022/07/dutch-court-closes-voetbaltv-case-but-balance-to-the-gdpr-legitimate-interest-is-yet-to-be-restored/ https://www.raadvanstate.nl/uitspraken/@132243/202100045-1-a3/?highlight=voetbaltv#toonpersaankondiging   Danish DPA banning use of Chromebooks https://techcrunch.com/2022/07/18/denmark-bans-chromebooks-and-google-workspace-in-schools-over-gdpr/ https://www.datatilsynet.dk/presse-og-nyheder/nyhedsarkiv/2022/aug/ny-afgoerelse-datatilsynet-fastholder-forbud-i-chromebook-sag   We’d love to get feedback – so please tag us, follow us, DM us… or send us traditional email: Twitter: https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn: https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

24 Aug 20221h 7min

Dear listeners - technology is not neutral. That's the premise of the book from our this week's guest, Stephanie Hare.   In this episode, Stephanie shares with us her insights on technology ethics. Sure, privacy is an important part of ethical design, but what else does it entail? And who bears the responsibility for raising their voice, when something doesn't seem right?   More on Stephanie and her book "Technology Is Not Neutral: A Short Guide to Technology Ethics" here: https://www.harebrain.co/   We’d love to get feedback – so please tag us, follow us, DM us… or send us traditional email: Twitter:  https://twitter.com/PodPrivacy, #privacypod Instagram: @privacypod LinkedIn:  https://www.linkedin.com/company/tietosuojapod/about/ Email: tietosuojapod@protonmail.com

25 Mai 20221h 1min