Questions tagged [data-protection]
For questions about the legal obligations of protecting data (personal or otherwise) and the consequences of failing to do so.
335 questions
16
votes
5
answers
4k
views
When can open-source intelligence lead to legal consequences?
If you gather publicly available information on a private individual without ever using prohibited means of gathering that info, and you never use that information for a business purpose or to ...
- 973
2
votes
1
answer
112
views
Does triggering google analytics prior to consent constitute a gdpr breach?
I am an academic researcher investigating GDPR compliance on gambling websites. During my analysis, I use browser developer tools to examine third-party data transfers occurring before the user gives ...
0
votes
2
answers
193
views
Could an international buyer of 23andMe do anything they wanted with the data?
If an international buyer were to purchase 23andMe, could they do anything they wanted with the data of the company as they would not be located in the United States? Would any protections exist to ...
- 467
2
votes
0
answers
139
views
Are Chinese authorities allowed to ask and obtain any user data from firms under China's jurisdiction?
I read on OpenAI calls DeepSeek ‘state-controlled,’ calls for bans on ‘PRC-produced’ models:
The proposal, a submission for the Trump administration’s “AI Action Plan” initiative, claims that ...
- 7,791
1
vote
1
answer
90
views
Cross-border personal data management in Europe for a foreign firm
I am curious about Europe’s regulation with regards to cloud data centers and personal data management by GDPR. The presence of American providers of cloud services in Europe is noticeable, while ...
- 11
-1
votes
1
answer
66
views
DSAR Request to company which holds data on behalf of clients, but which shares this data to a wider audience (UK) [closed]
Thanks in advanced for any help which anyone can offer on this matter.
It has recently come to my attention that an organisation holds data about me, some of which is shared (in the form of metadata ...
- 1
0
votes
0
answers
98
views
Compensation for a data breach by a company under a non-notified law DPDP act 2023
This is to understand the applicable law on a certain day in India and specifically about laws that are published by gazette notification but are awaiting a followup rule publication.
Representative ...
- 1
1
vote
0
answers
264
views
How do I object under GDPR to Microsoft GitHub sending me "free access to GitHub Copilot"? [closed]
Like millions of others, I've received a marketing email from Microsoft GitHub, "You have free access to GitHub Copilot" (announcement).
I didn't find a way to unsubscribe: the unsubscribe ...
- 128
12
votes
3
answers
590
views
Using AI assistants in virtual meetings
As of Friday I became aware of otter.ai as it was used in one of my online interviews. I'm not seeking legal advice about the situation but it has certainly raised some big questions for me on the ...
- 427
0
votes
3
answers
130
views
Using phonebooks or public data for commercial purposes, GDPR
I'm wondering if it is legal for individuals or companies to use phonebook data for commercial purposes, such as contacting people found on the phone book to sell them products or services, or even ...
- 1
12
votes
2
answers
4k
views
Is marking an advertisement/tracker cookie strictly necessary legal?
Suppose Bob has a website that is really popular. Bob has promised users that he will never sell user data, but he never said that he wouldn't put a third party tracker in his website, and he also ...
- 359
2
votes
1
answer
506
views
How does the First Amendment protect collection of information?
A comment on an answer to another question makes the assertion
The First Amendment protects both the collection and dissemination of information.
The First Amendment, according to the Library of ...
- 1,514
0
votes
2
answers
192
views
Do patients have the right to foot moulds / models from chiropodists? [closed]
If a chiropodist produces a 3D model or mould from a patient's foot in order to produce orthotic insoles, is the chiropodist required to retain the model or mould for a particular period of time? Does ...
- 97
1
vote
2
answers
266
views
Does a company have an obligation to attempt to answer a GDPR request if the requestor may not have provided sufficient identification information?
An individual has asked to provide information on his personal data which is stored by a company (GDPR). He has only provided his name and surname. He has signed the document electronically, i.e., we ...
- 175
1
vote
1
answer
86
views
EU Data Act - Receive access logs of managed wifi access points from service provider
As an employee of company A I would like to statistically analyse access logs of wifi access points, which are located in offices of company A, but managed by a service provider (company B). company B ...
- 119