{"id":6001,"date":"2022-08-16T09:48:44","date_gmt":"2022-08-16T07:48:44","guid":{"rendered":"https:\/\/s8.tgin.eu\/?p=6001"},"modified":"2024-01-23T14:23:25","modified_gmt":"2024-01-23T13:23:25","slug":"data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring","status":"publish","type":"post","link":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/","title":{"rendered":"Data protection &amp; privacy digest 2 &#8211; 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring"},"content":{"rendered":"\n<h4 class=\"wp-block-heading\"><em>TechGDPR\u2019s review of international data-related stories from press and analytical reports.<\/em><\/h4>\n\n\n\n<h4 class=\"wp-block-heading\">Legal processes: commercial surveillance, sensitive data \u201cby comparison\u201d, workers electronic monitoring, farming data<\/h4>\n\n\n\n<p>The CJEU\u2019s recent decision may have a major impact on digital services that use <a href=\"https:\/\/techcrunch-com.cdn.ampproject.org\/c\/s\/techcrunch.com\/2022\/08\/02\/cjeu-sensitive-data-case\/amp\/\">background tracking and profiling to target users with behavioral ads<\/a>, TechCrunch reports. The EU top court\u2019s decision related to the anticorruption law in Lithuania. It found out that the country\u2019s law covering online disclosure of data contained in the declaration of private interest of directors\u00a0of institutions receiving public funds, (data concerning the declarant\u2019s spouse, cohabitee, partner, etc.), is contrary to the fundamental rights to privacy and data protection in the EU.\u00a0The court believes disclosure online of relatives and associates\u2019 names and their significant financial transactions is not strictly necessary for the objective pursued and may constitute <a href=\"https:\/\/curia.europa.eu\/juris\/document\/document.jsf?text=&amp;docid=263721&amp;pageIndex=0&amp;doclang=EN&amp;mode=req&amp;dir=&amp;occ=first&amp;part=1&amp;cid=481514\">highly sensitive data<\/a> &#8220;by comparison&#8221;. <\/p>\n\n\n\n<p>It is likely to reveal information of sensitive aspects of the private life of the persons concerned and to make it possible to draw up a particular detailed portrait of them, such as their sex life and sexual orientation, (Art. 9 of the GDPR). Finally, such processing results in this data being freely accessible on the internet to a potentially unlimited number of people. Thus, some privacy law experts suggest the judgement\u2019s broad definition of what constitutes sensitive data, (involving the act of comparison or deduction), potentially covers a wide range of online processing, including online ads, dating and health apps, location tracking and more, concludes TechCrunch.\u00a0<\/p>\n\n\n\n<p>In the US, the Federal Trade Commission, (FTC), seeks public comment ahead of ruling on the prevalence of <a href=\"https:\/\/www.ftc.gov\/system\/files\/ftc_gov\/pdf\/commercial_surveillance_and_data_security_anpr.pdf\">commercial surveillance and data security practices that harm consumers<\/a>. The Commission invites comment on whether it should implement new trade regulation rules or other regulatory alternatives concerning the ways in which companies a) collect, aggregate, protect, use, analyze, and retain consumer data, as well as b), transfer, share, sell, or otherwise monetize that data in ways that are unfair or deceptive. The permissions that consumers give may not always be meaningful or informed.\u00a0Studies have shown that most people do not generally understand the market for consumer data that operates beyond their monitors and displays, the FTC states. Many privacy notices that acknowledge such risks are reportedly not readable to the average consumer or a minor. In the end, these practices that nowadays heavily rely on automated systems may have significant consequences for consumers\u2019 wallets, safety, and mental health.\u00a0 <\/p>\n\n\n\n<p>The EDPS published its opinion on the proposal for a <a href=\"https:\/\/edps.europa.eu\/system\/files\/2022-08\/22-08-11_opinion_farm_sustainability_data_network_en_0.pdf\">regulation regarding conversion of the Farm Accountancy Data Network into a Farm Sustainability Data Network (FSDN)<\/a>. The proposal aims to regulate the processing of personal data in the context of the collection of individual farm\u2019s economic, environmental and social data as well as the further management and use of such data. The EDPS positively notes that in case individual data will be shared by the Commission or liaison agencies, the data of the farmers and all other individual details obtained would be anonymised or pseudonymised. However the EDPS considers that the proposal does not provide a specific reason of public interest justifying the publication of personal data in identifiable form, even if the data were to be pseudonymised prior to publication.&nbsp;<\/p>\n\n\n\n<p>The EDPS therefore recommended specifying that only duly anonymised FSDN data may be made publicly available. That being said, the regulator considered it important to preserve a clear distinction between these concepts, as pseudonymous data can still be related to an identifiable individual and therefore qualifies as personal data. Moreover, the EDPS considered that it is not clear whether the proposal refers only to the exchange of data between the national liaison agencies and the Commission or also extends to the sharing of data with the general public or otherwise making it available for reuse. Finally, the interoperability provisions include the need to identify all the IT tools and linked databases, data protection roles and responsibilities and relevant applicable safeguards. Read the full opinion <a href=\"https:\/\/edps.europa.eu\/system\/files\/2022-08\/22-08-11_opinion_farm_sustainability_data_network_en_0.pdf\">here<\/a>.<\/p>\n\n\n\n<p>Meanwhile Ontario provided updated guidance on a new legislation <a href=\"https:\/\/www.bennettjones.com\/Blogs-Section\/New-Guidance-on-Ontarios-Electronic-Monitoring-in-the-Workplace-Policy\">which includes an electronic monitoring policy for workers<\/a>. &#8220;Electronic monitoring&#8221; may include GPS systems to track employee movement, using sensors to track how quickly an employee performs a task or tracking the websites an employee visits during working hours. The policy must include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A statement as to whether or not the employer electronically monitors employees.<\/li>\n\n\n\n<li>How the employer may electronically monitor employees.<\/li>\n\n\n\n<li>The circumstances in which the employer may electronically monitor employees; and<\/li>\n\n\n\n<li>The purposes for which information obtained through electronic monitoring may be used by the employer.<\/li>\n\n\n\n<li>The date the Policy was prepared, and the date any revisions were made.<\/li>\n<\/ul>\n\n\n\n<p>Any employer that employs 25 or more people in total across all of its locations in Ontario will be required to have a written policy. When determining whether the 25-employee threshold has been met, an employer must count all employees across all of its locations in Ontario, regardless of the number of hours worked by the employees or if they are full or part-time, including probationary employees, employees on layoff, leave of absence or strike and employees who are trainees.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Official guidance: use of cloud, sports associations, dpo, government data, customer research<\/h4>\n\n\n\n<p>The Danish data protection authority has published a<a href=\"https:\/\/www.datatilsynet.dk\/presse-og-nyheder\/nyhedsarkiv\/2022\/aug\/datatilsynets-spoergeskema-ved-tilsyn-med-cloud\"> questionnaire after recent inspections of the use of the cloud, (in Danish only), by public authorities and private companies<\/a>. The questionnaire covers most of the points that data controllers must be aware of if they use&nbsp; cloud solutions. It is divided into four parts:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>know your services,<\/li>\n\n\n\n<li>know your suppliers,<\/li>\n\n\n\n<li>supervision of suppliers,<\/li>\n\n\n\n<li>transfer to third countries.<\/li>\n<\/ul>\n\n\n\n<p>Furthermore, each part is subdivided into two parts: a) the first part concerns the organisation&#8217;s general rules, policies, procedures, etc. to enable the organisation to comply with the relevant data protection rules; b) the second part looks at whether the organisation has followed these policies, etc. with regard to the specific cloud service and provider, and if not, how the organisation ensures compliance with the relevant data protection rules. The questionnaire can be downloaded via this <a href=\"https:\/\/www.datatilsynet.dk\/Media\/637949399194822703\/Datatilsynets%20sp%C3%B8rgeskema%20ved%20tilsyn%20med%20cloud.XLSX\">link<\/a>.<\/p>\n\n\n\n<p>The French regulator CNIL offers amateur sport associations a self-assessment tool to test their compliance with the GDPR. The data subjects in this case include member athletes, athletes of an opposing team, paid or volunteer sports educators, referees, etc. The information collected responds to very different uses: storing the file of members, organizing competitions and tournaments, managing the club&#8217;s website, etc. The life cycle of the personal information contained in the files created by sports structures is likely to include 4 stages:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>collection,<\/li>\n\n\n\n<li>sharing and exchange,&nbsp;<\/li>\n\n\n\n<li>reuse,&nbsp;<\/li>\n\n\n\n<li>retention and destruction. (You can access the original <a href=\"https:\/\/www.cnil.fr\/fr\/sport-amateur-hors-contrat-et-rgpd-la-cnil-publie-des-outils-pedagogiques-pour-accompagner-les\">questionnaire here<\/a>).<\/li>\n<\/ul>\n\n\n\n<p>The Dutch data protection authority recommends adjusting the proposal for an amendment of <a href=\"https:\/\/autoriteitpersoonsgegevens.nl\/nl\/nieuws\/ap-stel-grenzen-aan-opnieuw-gebruiken-van-persoonsgegevens-uit-overheidsdata\">the Reuse of Government Information Act<\/a>. The proposal, in which the government encourages government institutions to make government data, including personal data, available for reuse, does not set sufficient limits, raising the risk that personal data is shared without the permission or knowledge of the people involved. According to the proposal, that data must also be searchable with software and can be combined with other data. Personal data in the country\u2019s Trade Register and the Land Registry is already public and that is already causing problems. By running an algorithm on it and combining the personal data with other sources, companies can, for example, create profiles of people to sell it. <\/p>\n\n\n\n<p>The Latvian privacy regulator published <a href=\"https:\/\/www.dvi.gov.lv\/lv\/jaunums\/%23DAS_12082022\">guidance on the mandatory appointment of a data protection officer<\/a>. Especially in cases where the economic activity of the company is directly related to the processing of personal data on a large scale, any company is obliged to involve a <a href=\"https:\/\/techgdpr.com\/blog\/dpo-misconceptions-about-the-role-of-a-data-protection-officer\/\">data protection specialist<\/a> in the organisation of specific processes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>for a company whose main activity is related to the profiling of natural persons, with the intention of carrying out an assessment of their creditworthiness;<\/li>\n\n\n\n<li>for a security company that uses video surveillance of publicly accessible areas as part of its core service;<\/li>\n\n\n\n<li>for a company that performs customer behavior analysis, (products a customer has viewed, purchased, etc.), in order to send targeted marketing communications;<\/li>\n\n\n\n<li>to a person who conducts customer research for the purpose of preventing money laundering;<\/li>\n\n\n\n<li>mobile apps that process user geolocation data for the maintainer;<\/li>\n\n\n\n<li>for companies that collect customer data as part of loyalty programs;<\/li>\n\n\n\n<li>for persons who monitor clients&#8217; well-being, physical fitness and health data through wearable devices;<\/li>\n\n\n\n<li>for companies that process information obtained from devices connected to the IoT, (smart meters, connected cars, home automation devices, etc.).<\/li>\n<\/ul>\n\n\n\n<p>Another guidance by the Latvian privacy regulator refers to the prevention of money laundering and financing of terrorism and arms proliferation. According to the country\u2019s legislation anyone must conduct <a href=\"https:\/\/www.dvi.gov.lv\/lv\/jaunums\/dviskaidro-05082022\">customer research before starting a business relationship, as well as during the maintenance of a business relationship<\/a>. Taking into account the fact that customer research applies not only to legal entities, but also to natural persons, the regulator explains new procedures that determine the licensing of common customer research tools for service providers, as well as the monitoring of their activities. Considering that personal data will be processed in the customer research tool, the privacy regulator has the following rights:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>re-registration, suspension or cancellation of the service provider&#8217;s license;<\/li>\n\n\n\n<li>inspections of the customer research tool service;<\/li>\n\n\n\n<li>receiving information and documents free of charge from the service provider, which are necessary for the verification of the operation or for the consideration of the customer complaint received about its operation;<\/li>\n\n\n\n<li>information erroneously or illegally included in the shared customer research tool be corrected or deleted;<\/li>\n\n\n\n<li>requiring the service provider of the customer research tool to review its information systems, facilities and procedures and appoint an independent expert.<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Investigations and enforcement actions: profiling, video surveillance and geolocation, access codes, privacy notice, reused mail box<\/h4>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\" style=\"grid-template-columns:36% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/social-media-g496c44580_1920-1024x683.png\" alt=\"sensitive data &quot;by comparison&quot;\" class=\"wp-image-6007 size-full\" srcset=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/social-media-g496c44580_1920-1024x683.png 1024w, https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/social-media-g496c44580_1920-300x200.png 300w, https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/social-media-g496c44580_1920-768x512.png 768w, https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/social-media-g496c44580_1920-1536x1024.png 1536w, https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/social-media-g496c44580_1920.png 1920w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><\/p>\n\n\n\n<p>The Lower Saxony data protection commissioner has imposed <a href=\"https:\/\/lfd.niedersachsen.de\/startseite\/infothek\/presseinformationen\/900-000-euro-bussgeld-gegen-kreditinstitut-wegen-profilbildung-zu-werbezwecken-213925.html\">a fine of 900,000 euros on a bank for profiling for advertising purposes<\/a>. The company had evaluated data from active and former customers without their consent. To do this, it analysed digital usage behaviour and the total volume of purchases in app stores, the frequency of use of account statement printers and the total amount of transfers in online banking compared to the use of branch counters. For this it used a service provider. In addition, the results of the analysis were compared with a credit agency and enriched from there. The aim was to identify customers with an increased inclination for digital media and to prioritise electronic communication channels to contact them. Information was sent to most customers in advance along with other documents. However, these do not replace the necessary consents. The fine is not yet final. <\/p>\n<\/div><\/div>\n\n\n\n<p>The Luxembourg data protection authority recently issued a 3000 euro fine to an unnamed company for intrusive use of CCTV cameras and failing in their obligation to inform their workers and third-party visitors. The company neither justified not demonstrated <a href=\"https:\/\/cnpd.public.lu\/fr\/decisions-sanctions\/2022\/decision-12-fr-2022.html\">how the video surveillance, (installed and operated by subcontractor firms), of the interior of the premises using door cameras was appropriate and necessary to protect the property<\/a>, (fencing in this case could be a replacement measure), and in particular to prevent burglary. It also considered the psychological pressure that the cameras exerted on employees and third-party visitors, who felt observed at their workstations or meeting tables because of the cameras, which did not indicate if were working, or not.<\/p>\n\n\n\n<p>In another recent case the Luxembourg regulator fined an unnamed company 1500 euros for <a href=\"https:\/\/cnpd.public.lu\/fr\/decisions-sanctions\/2022\/decision-13-fr-2022.html\">performing geolocation on its employees while using a vehicle to travel to customers<\/a>. The following purposes of geolocation were stated by the data controller: geographical tracking, asset protection, optimal fleet management, optimisation of work processes as well as the provision of responses to customer complaints.\u201d Further investigation found out other undisclosed purposes such as: combatting theft, reduction of the number of kilometres driven, justification in the event of a dispute, monitoring and invoicing of services, and finally, monitoring of working time and setting remuneration.<\/p>\n\n\n\n<p>&nbsp;In the regulator\u2019s opinion, the lack of clear policy, an unidentified legal basis for all the above-mentioned processing, as well as a one-year data retention period, were in violation with the requirements of Art. 5, (lawfulness, fairness and transparency), and Art. 13, (information obligation), of the GDPR. Finally, the employees were unaware that their data could have been transferred to the parent company, situated in a third country.&nbsp;<\/p>\n\n\n\n<p>In Denmark, citizens\u2019 information was exposed to an unnecessary risk, as Lolland Municipality&#8217;s <a href=\"https:\/\/www.datatilsynet.dk\/afgoerelser\/afgoerelser\/2022\/aug\/lolland-kommune-indstilles-til-boede\">employees were able to disable access codes on phones and tablets<\/a>. The Danish data protection authority issued a fine of approx. 6000 euros. In 2020 an employee in the municipality had a work phone stolen. Via the phone there was access to the employee&#8217;s work email account, which contained information about several citizens&#8217; names, social security numbers, health information and sensitive events. The phone was not protected by a code as it was switched off, so access to its information was unlimited. The municipality stated that over a number of years it had been possible for employees to remove the otherwise mandatory access codes, so that telephones could be used without the use of a code. It had immediately initiated restorative measures in the form of new precautions and changes in the technical set-up of telephones handed out.&nbsp;<\/p>\n\n\n\n<p>The Romanian data protection authority has fined the CDI Transport Intern si Internazionale, (among the largest passenger transport companies in Romania), 7000 euros after a complaint that<a href=\"https:\/\/www.dataprotection.ro\/index.jsp?page=Comunicat_Presa_09.08.2022_1&amp;lang=ro\"> the company&#8217;s website contained no information regarding the method of collecting personal data<\/a>. It also failed to inform users of the rights provided for in Art. 15-22 of the GDPR that data subjects benefit from, such as those relating to the purpose of processing and the legal basis, the identity and contact details of the operator, the period for which the data will be stored or the criteria used to establish this period, nor the fact that the operator has the obligation to inform the data subjects in the event of a breach of personal data security.<\/p>\n\n\n\n<p>Finally, the Spanish data protection authority AEPD punished an online teaching institution&nbsp;to the tune of&nbsp;3000 euros after a claimant, <a href=\"https:\/\/www.aepd.es\/es\/documento\/ps-00581-2021.pdf\">a newly hired tutor, was offered a corporate email box that belonged to the person they were replacing<\/a>. The organisation stated that the plaintiff started working as an employee to replace another worker in the same field and with the same tasks on sick leave, so that their work was a continuation of those specific teaching activities and tutoring with students, for which it was necessary to have knowledge of all the background and communications between teacher and pupil. It argued that the data to which the plaintiff could have access was needed for the exercise of their duties. The data in the mailbox included pupils\u2019 personal information, but also tax documentation, banking details, invoices, etc. The new tutor was instructed that she could access and delete folders in the inbox if needed. The regulator decided that the basic security measures were not respected in this case.&nbsp;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Data security: email aliases, IoT devices<\/h4>\n\n\n\n<p>According to the US cybersecurity guru Brian Krebs, <a href=\"https:\/\/krebsonsecurity.com\/2022\/08\/the-security-pros-and-cons-of-using-email-aliases\/\">one way to protect your email inbox is to get into the habit of using unique email aliases when signing up for new accounts online<\/a>. You can create an endless number of different email addresses linked to the same account by adding a &#8220;+&#8221; character after the username section of your email address, followed by a notation relevant to the website you&#8217;re signing up at. It is said that many threat actors will remove any aliases from their distribution lists because they believe that these consumers are more concerned with security and privacy than other users and are therefore more likely to report spam to their aliased addresses. Finally, email aliases are so uncommon that finding just a few email addresses using the same alias in a database breach can make it easy to determine which organization was probably hacked and which database was released.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.hhs.gov\/sites\/default\/files\/internet-of-things-security-analyst-note.pdf\">The US Health Sector Cybersecurity Coordination Center published an advisory note for the healthcare sector of the risks posed by Internet of Things devices<\/a>. Since these devices can collect data that includes personally identifiable information it is important to secure these systems. Ultimately, the goal is to protect the entire system, but there are steps that can be taken to help accomplish this: a) securely store, process, and transfer data, b) keep devices safeguarded, c) update devices to reduce vulnerabilities. To minimize risks from IoT devices you need to:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Change default router settings: Most people do not rename their router and keep the manufacturer\u2019s default settings. Those settings typically benefit manufacturers more than the user.&nbsp;<\/li>\n\n\n\n<li>Pick a strong password: Make sure to use a secure password for each device.&nbsp;<\/li>\n\n\n\n<li>Avoid using Universal Plug and Play: It makes it easier to network devices without additional configuration.&nbsp;<\/li>\n\n\n\n<li>Keep your software and firmware updated: Firmware keeps you protected with the latest security patches and reduces the chances of cyber-attacks.&nbsp;<\/li>\n\n\n\n<li>Implement a Zero Trust Model: A zero trust model assumes that nothing can be trusted in or outside of the network. Only a limited amount of people require access to certain resources to accomplish their jobs. For this strategy to be effective administrators must determine who the users are and what role they play.&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Big Tech: drivers data, cyberattack on NHS software, Meta\u2019s tracking code<\/h4>\n\n\n\n<p><a href=\"https:\/\/themarkup.org\/the-breakdown\/2022\/07\/27\/who-is-collecting-data-from-your-car\">Only 28% of drivers have any idea what sort of data they generate, and is collected, when they drive<\/a>, and they may never have heard of the at least 37 companies that are leading a growing vehicle data market says a report in The Markup. It&#8217;s a market with vast amounts of personal data all for sale: by whom, for whom, and with what aim? With the growth of third party vehicle data hubs concentrating data, and the range of data presenting a risk to anonymisation, the report notes a lack of regulation that High Mobility&#8217;s CEO and founder Ristro Vahtra warns could be a &#8220;privacy hell&#8221;. The report also criticises car manufacturers for failing to develop clear screen interfaces like mobile phones for drivers to choose privacy settings, which in some cases are entirely lacking. Legislation tackling this is currently in the committee stage in the US Congress.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.theguardian.com\/society\/2022\/aug\/11\/fears-patient-data-ransomware-attack-nhs-software-supplier?fbclid=IwAR2uIZVzzuZ2V2XqzMcsCsGuDINXl74b_cc0Hv7vseoEZb0oeCslATeGpro\">UK government agencies along with the National Cyber Security Centre are investigating if patient data was stolen in a severe cyberattack<\/a> on NHS software supplier Advanced. It was hit by ransomware on August 4th, taking several urgent treatment centres, the 111 phoneline for, among other things, booking a doctor&#8217;s appointment, and some mental health facilities offline. The hack could take nearly two weeks to resolve, and updates on the status of the data are awaited, although Advanced says it has &#8220;contained&#8221; the breach.<\/p>\n\n\n\n<p>When you click on anything you see on Facebook or Instagram, <a href=\"https:\/\/www.theguardian.com\/technology\/2022\/aug\/11\/meta-injecting-code-into-websites-visited-by-its-users-to-track-them-research-says\">owner Meta has been inserting code into the websites you visit, allowing your navigation to be tracked<\/a>. That&#8217;s according to former Google engineer and privacy activist Felix Krause, who has published new research. It&#8217;s unknown how long Meta have been using the tracking code on their in-app browser. Krause built a tool to see how many extra instructions were added to a website by a browser. In most cases none were added, but navigation via Facebook or Instagram added as many as 18 lines of code. This so-called &#8220;Javascript injection&#8221; is often classified as a &#8220;malicious attack&#8221;, but there is no suggestion Meta has used it beyond monitoring all user interactions, like every button and link tapped, text selections, or screenshots.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>TechGDPR\u2019s review of international data-related stories from press and analytical reports. Legal processes: commercial surveillance, sensitive data \u201cby comparison\u201d, workers electronic monitoring, farming data The CJEU\u2019s recent decision may have a major impact on digital services that use background tracking and profiling to target users with behavioral ads, TechCrunch reports. The EU top court\u2019s decision [&hellip;]<\/p>\n","protected":false},"author":21,"featured_media":6003,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[94],"tags":[133,129,99,89,58,132,214,104],"class_list":["post-6001","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-protection-digest","tag-cloud-services","tag-consumer-data-protection","tag-data-reuse","tag-dpo","tag-gdpr-compliance","tag-online-tracking","tag-sensitive-data","tag-workers-rights"],"acf":[],"featured_image_urls":{"full":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png",1920,1120,false],"thumbnail":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-150x150.png",150,150,true],"medium":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-300x175.png",300,175,true],"medium_large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-768x448.png",640,373,true],"large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-1024x597.png",640,373,true],"1536x1536":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-1536x896.png",1536,896,true],"2048x2048":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png",1920,1120,false],"image-200-200":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-200x200.png",200,200,true]},"post_excerpt_stackable":"<p>TechGDPR\u2019s review of international data-related stories from press and analytical reports. Legal processes: commercial surveillance, sensitive data \u201cby comparison\u201d, workers electronic monitoring, farming data The CJEU\u2019s recent decision may have a major impact on digital services that use background tracking and profiling to target users with behavioral ads, TechCrunch reports. The EU top court\u2019s decision related to the anticorruption law in Lithuania. It found out that the country\u2019s law covering online disclosure of data contained in the declaration of private interest of directors\u00a0of institutions receiving public funds, (data concerning the declarant\u2019s spouse, cohabitee, partner, etc.), is contrary to the fundamental&hellip;<\/p>\n","category_list":"<a href=\"https:\/\/techgdpr.com\/blog\/category\/data-protection-digest\/\" rel=\"category tag\">Data Protection Digest<\/a>","author_info":{"name":"Olya Vasylyk","url":"https:\/\/techgdpr.com\/blog\/author\/olyav\/"},"comments_num":"0 comments","featured_image_urls_v2":{"full":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png",1920,1120,false],"thumbnail":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-150x150.png",150,150,true],"medium":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-300x175.png",300,175,true],"medium_large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-768x448.png",640,373,true],"large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-1024x597.png",640,373,true],"1536x1536":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-1536x896.png",1536,896,true],"2048x2048":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png",1920,1120,false],"image-200-200":["https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920-200x200.png",200,200,true]},"post_excerpt_stackable_v2":"<p>TechGDPR\u2019s review of international data-related stories from press and analytical reports. Legal processes: commercial surveillance, sensitive data \u201cby comparison\u201d, workers electronic monitoring, farming data The CJEU\u2019s recent decision may have a major impact on digital services that use background tracking and profiling to target users with behavioral ads, TechCrunch reports. The EU top court\u2019s decision related to the anticorruption law in Lithuania. It found out that the country\u2019s law covering online disclosure of data contained in the declaration of private interest of directors\u00a0of institutions receiving public funds, (data concerning the declarant\u2019s spouse, cohabitee, partner, etc.), is contrary to the fundamental&hellip;<\/p>\n","category_list_v2":"<a href=\"https:\/\/techgdpr.com\/blog\/category\/data-protection-digest\/\" rel=\"category tag\">Data Protection Digest<\/a>","author_info_v2":{"name":"Olya Vasylyk","url":"https:\/\/techgdpr.com\/blog\/author\/olyav\/"},"comments_num_v2":"0 comments","yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Data protection &amp; privacy digest 2 - 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring - TechGDPR<\/title>\n<meta name=\"description\" content=\"TechGDPR\u2019s review of the most important data-related stories: commercial surveillance, sensitive data \u201cby comparison\u201d, workers monitoring\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Data protection &amp; privacy digest 2 - 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring - TechGDPR\" \/>\n<meta property=\"og:description\" content=\"TechGDPR\u2019s review of the most important data-related stories: commercial surveillance, sensitive data \u201cby comparison\u201d, workers monitoring\" \/>\n<meta property=\"og:url\" content=\"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/\" \/>\n<meta property=\"og:site_name\" content=\"TechGDPR\" \/>\n<meta property=\"article:published_time\" content=\"2022-08-16T07:48:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-23T13:23:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1120\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Olya Vasylyk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@techgdpr\" \/>\n<meta name=\"twitter:site\" content=\"@techgdpr\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Olya Vasylyk\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"15 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/\"},\"author\":{\"name\":\"Olya Vasylyk\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/person\\\/07e9c14fd01b25bd2c1907537e8547e8\"},\"headline\":\"Data protection &amp; privacy digest 2 &#8211; 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring\",\"datePublished\":\"2022-08-16T07:48:44+00:00\",\"dateModified\":\"2024-01-23T13:23:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/\"},\"wordCount\":3292,\"publisher\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/bank-teller-6330466_1920.png\",\"keywords\":[\"Cloud services\",\"consumer data protection\",\"data reuse\",\"dpo\",\"GDPR Compliance\",\"online tracking\",\"sensitive data\",\"workers rights\"],\"articleSection\":[\"Data Protection Digest\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/\",\"name\":\"Data protection &amp; privacy digest 2 - 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring - TechGDPR\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/bank-teller-6330466_1920.png\",\"datePublished\":\"2022-08-16T07:48:44+00:00\",\"dateModified\":\"2024-01-23T13:23:25+00:00\",\"description\":\"TechGDPR\u2019s review of the most important data-related stories: commercial surveillance, sensitive data \u201cby comparison\u201d, workers monitoring\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/#primaryimage\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/bank-teller-6330466_1920.png\",\"contentUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2022\\\/08\\\/bank-teller-6330466_1920.png\",\"width\":1920,\"height\":1120},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/techgdpr.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Data protection &amp; privacy digest 2 &#8211; 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#website\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/\",\"name\":\"TechGDPR\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/techgdpr.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\",\"name\":\"TechGDPR\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/staging.techgdpr.com\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/TGDPR_logo_500px.png\",\"contentUrl\":\"https:\\\/\\\/staging.techgdpr.com\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/TGDPR_logo_500px.png\",\"width\":501,\"height\":334,\"caption\":\"TechGDPR\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/techgdpr\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/techgdpr\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/person\\\/07e9c14fd01b25bd2c1907537e8547e8\",\"name\":\"Olya Vasylyk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/readyIMG_3694-1-2-150x150.jpg\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/readyIMG_3694-1-2-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/readyIMG_3694-1-2-150x150.jpg\",\"caption\":\"Olya Vasylyk\"},\"description\":\"Creator and editor of TechGDPR\u2019s weekly Digest. Postgraduate masters Diploma in Data Protection, Digital law and Management. Over a decade Olga previously was a broadcast journalist in Ukraine and France specializing in international affairs.\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/author\\\/olyav\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Data protection &amp; privacy digest 2 - 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring - TechGDPR","description":"TechGDPR\u2019s review of the most important data-related stories: commercial surveillance, sensitive data \u201cby comparison\u201d, workers monitoring","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/","og_locale":"en_US","og_type":"article","og_title":"Data protection &amp; privacy digest 2 - 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring - TechGDPR","og_description":"TechGDPR\u2019s review of the most important data-related stories: commercial surveillance, sensitive data \u201cby comparison\u201d, workers monitoring","og_url":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/","og_site_name":"TechGDPR","article_published_time":"2022-08-16T07:48:44+00:00","article_modified_time":"2024-01-23T13:23:25+00:00","og_image":[{"width":1920,"height":1120,"url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png","type":"image\/png"}],"author":"Olya Vasylyk","twitter_card":"summary_large_image","twitter_creator":"@techgdpr","twitter_site":"@techgdpr","twitter_misc":{"Written by":"Olya Vasylyk","Est. reading time":"15 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/#article","isPartOf":{"@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/"},"author":{"name":"Olya Vasylyk","@id":"https:\/\/techgdpr.com\/#\/schema\/person\/07e9c14fd01b25bd2c1907537e8547e8"},"headline":"Data protection &amp; privacy digest 2 &#8211; 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring","datePublished":"2022-08-16T07:48:44+00:00","dateModified":"2024-01-23T13:23:25+00:00","mainEntityOfPage":{"@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/"},"wordCount":3292,"publisher":{"@id":"https:\/\/techgdpr.com\/#organization"},"image":{"@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/#primaryimage"},"thumbnailUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png","keywords":["Cloud services","consumer data protection","data reuse","dpo","GDPR Compliance","online tracking","sensitive data","workers rights"],"articleSection":["Data Protection Digest"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/","url":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/","name":"Data protection &amp; privacy digest 2 - 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring - TechGDPR","isPartOf":{"@id":"https:\/\/techgdpr.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/#primaryimage"},"image":{"@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/#primaryimage"},"thumbnailUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png","datePublished":"2022-08-16T07:48:44+00:00","dateModified":"2024-01-23T13:23:25+00:00","description":"TechGDPR\u2019s review of the most important data-related stories: commercial surveillance, sensitive data \u201cby comparison\u201d, workers monitoring","breadcrumb":{"@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/#primaryimage","url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png","contentUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2022\/08\/bank-teller-6330466_1920.png","width":1920,"height":1120},{"@type":"BreadcrumbList","@id":"https:\/\/techgdpr.com\/blog\/data-protection-digest-16082022-commercial-surveillance-sensitive-data-by-comparison-worker-electronic-monitoring\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/techgdpr.com\/"},{"@type":"ListItem","position":2,"name":"Data protection &amp; privacy digest 2 &#8211; 15 Aug 2022: commercial surveillance, sensitive data \u201cby comparison\u201d, worker electronic monitoring"}]},{"@type":"WebSite","@id":"https:\/\/techgdpr.com\/#website","url":"https:\/\/techgdpr.com\/","name":"TechGDPR","description":"","publisher":{"@id":"https:\/\/techgdpr.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/techgdpr.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/techgdpr.com\/#organization","name":"TechGDPR","url":"https:\/\/techgdpr.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/#\/schema\/logo\/image\/","url":"https:\/\/staging.techgdpr.com\/wp-content\/uploads\/2018\/04\/TGDPR_logo_500px.png","contentUrl":"https:\/\/staging.techgdpr.com\/wp-content\/uploads\/2018\/04\/TGDPR_logo_500px.png","width":501,"height":334,"caption":"TechGDPR"},"image":{"@id":"https:\/\/techgdpr.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/techgdpr","https:\/\/www.linkedin.com\/company\/techgdpr"]},{"@type":"Person","@id":"https:\/\/techgdpr.com\/#\/schema\/person\/07e9c14fd01b25bd2c1907537e8547e8","name":"Olya Vasylyk","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/10\/readyIMG_3694-1-2-150x150.jpg","url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/10\/readyIMG_3694-1-2-150x150.jpg","contentUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/10\/readyIMG_3694-1-2-150x150.jpg","caption":"Olya Vasylyk"},"description":"Creator and editor of TechGDPR\u2019s weekly Digest. Postgraduate masters Diploma in Data Protection, Digital law and Management. Over a decade Olga previously was a broadcast journalist in Ukraine and France specializing in international affairs.","url":"https:\/\/techgdpr.com\/blog\/author\/olyav\/"}]}},"_links":{"self":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/6001","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/comments?post=6001"}],"version-history":[{"count":23,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/6001\/revisions"}],"predecessor-version":[{"id":7518,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/6001\/revisions\/7518"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/media\/6003"}],"wp:attachment":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/media?parent=6001"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/categories?post=6001"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/tags?post=6001"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}