Meta Fined $1.3 Billion for Violating E.U. Data Privacy Rules; The New York Times, May 22, 2023

Adam Satariano, The New York Times ; Meta Fined $1.3 Billion for Violating E.U. Data Privacy Rules

"Meta on Monday was fined a record 1.2 billion euros ($1.3 billion) and ordered to stop transferring data collected from Facebook users in Europe to the United States, in a major ruling against the social media company for violating European Union data protection rules...

The ruling, which is a record fine under the General Data Protection Regulation, or G.D.P.R., could affect data related to photos, friend connections and direct messages stored by Meta. It has the potential to bruise Facebook’s business in Europe, particularly if it hurts the company’s ability to target ads. Last month, Susan Li, Meta’s chief financial officer, told investors that about 10 percent of its worldwide ad revenue came from ads delivered to Facebook users in E.U. countries. In 2022, Meta had revenue of nearly $117 billion."

Fair and unfair algorithms: What to take into account when developing AI systems to fight COVID-19; JD Supra, April 17, 2020

Fabia Cairoli and Giangiacomo Olivi, JD Supra; Fair and unfair algorithms: What to take into account when developing AI systems to fight COVID-19

"The regulatory framework includes a number of sources from which to draw inspiration when developing AI technology. One of the most recent ones, the White Paper on Artificial Intelligence of the European Commission, is aimed at defining the risks associated with the implementation of AI systems, as well as determining the key features that should be implemented to ensure that data subjects’ rights are complied with (please see our articles The EU White Paper on Artificial Intelligence: the five requirements and Shaping EU regulations on Artificial Intelligence: the five improvements for a more detailed analysis).

It is worth noting that, particularly in relation to the development of AI technologies to fight the pandemic, the legislator is required to pay great attention to the principles and security systems. Risks associated to AI relate both to rights and technical functionalities. EU member states intending to use AI against COVID-19 will also need to ensure that any AI technology is ethical and is construed and operates in a safe way.

With regards to ethics, it is worth noting that the European Commission issued Ethics Guidelines for Trustworthy AI in April 2019. Those guidelines stressed the need for AI systems to be lawful, ethical and robust (more particularly, AI should comply with all applicable laws and regulations, as well as ensure adherence to ethical principles / values and be designed in a way that does not cause unintentional harm).

With the aim of ensuring that fundamental rights are complied with, the legislator should consider whether an AI system will maintain respect for human dignity, equality, non-discrimination and solidarity. Some of these rights may be restricted for extraordinary and overriding reasons – such as fighting against a pandemic – but this should take place under specific legal provisions and only so far as is necessary to achieve the main purpose. Indeed, the use of tracking apps and systems that profile citizens in order to determine which ones may suffer from COVID-19 entails the risk that an individual’s freedom and democratic rights could be seriously restricted."

Why 'Right To Delete' Should Be On Your IT Agenda Now; Forbes, October 22, 2018

Yaki Faitelson, Forbes; Why 'Right To Delete' Should Be On Your IT Agenda Now

"As California goes, at least concerning data laws, so goes the rest of the country. In 2002, California became the first state to require organizations to report breaches to regulators. Now, it’s the law in all 50 states."

Embracing the privacy-first mindset in the post-GDPR world; AdNovum Singapore via Enterprise Innovation, July 23, 2018

Leonard Cheong, Managing Director, AdNovum Singapore via Enterprise Innovation; Embracing the privacy-first mindset in the post-GDPR world

"Privacy is a fundamental human right.

This is the proclamation that Apple made when updating their App Store policies to ensure that application developers can’t access consumer data without consent, in a bid to demonstrate their commitment to data privacy.

As the world becomes more digital, privacy has indeed become more sought after and consumers today are only willing to share data with companies they trust. On 25 May 2018 the European Union’s General Data Protection Regulation or EU-GDPR came into effect, sparking numerous conversations on privacy, ethics and compliance."

Article 13: Europe's hotly debated revamp of copyright law, explained; CNet, June 22, 2018

Katie Collins, CNet; Article 13: Europe's hotly debated revamp of copyright law, explained

"The European Union is trying to pass a hotly debated law on copyright. The European Copyright Directive has been two years in the making, and on June 20, the European Parliament's legal affairs committee voted to approve the draft legislation.

The vote happened less than a month after Europe's last big piece of internet-related legislation -- the General Data Privacy Regulation (GDPR) -- kicked in.

Both the Copyright Directive and GDPR could dramatically impact and change things about the internet as we know it. But they also differ significantly, not just in scope, but also in how they're viewed and received by the world beyond Brussels."

The 7 stages of GDPR grief; VentureBeat, April 29, 2018

Chris Purcell, VentureBeat; The 7 stages of GDPR grief

"All of the systems we’ve built around handling personal data will need to be re-engineered to handle the new General Data Protection Regulation (GDPR) rules that go into effect that day. That’s a lot to accomplish, with very little time left.

While the eve of the GDPR deadline may not start parties like we had back on New Year’s Eve 1999 — when people counted down to “the end of the world” — stakeholders in organizations across the globe will be experiencing a range of emotions as they make their way through the seven stages of GDPR grief at varying speeds.

Like Y2K, May 25 could come and go without repercussion if people work behind the scenes to make their organizations compliant. Unfortunately, most companies are in the earliest stage of grief – denial – believing that GDPR does not apply to them (if they even know what it is). Denial rarely serves companies well. And in the case of GDPR non-compliance, it could cost them fines of up to 20 million euros ($24 million) or four percent of global annual turnover, whichever value is greater.

Luckily, there are sure-tell signs for each grief stage and advice to help individuals and their employers move through each (and fast):..."

Can Europe Lead on Privacy?; The New York Times, April 1, 2018

Tom Wheeler, The New York Times; Can Europe Lead on Privacy?

"The United States government has a lot of explaining to do. Why is it that American internet companies such as Facebook and Google are required to provide privacy protections when doing business with European consumers but are free to not provide such protections for Americans? Why is it that Americans’ best privacy hope is the secondary effect of interconnected networks rather than privacy protections designed for Americans? Why shouldn’t Americans also be given meaningful tools to protect their privacy?"