June 2021 – Privacy Design®

Coordinated cookie practice review by German DPAs.

Observations on

Wrong order – loading cookies/trackers prior to consent
Wrong information – Insufficient or wrong information on user tracking on first level of the consent banner
Wrong consent – Insufficient scope of consent. Many cookies/trackers remain active even if users deny consent on first level of banner to “All”
No easy consent denial/revocation – Often no easy way to deny consent on first level of consent banner, or to close banner without a decision.
Manipulation of users – dark design patterns, nudging..

June 30, 2021June 30, 2021

Germany: Sammlung Informationsmaterial zu DSGVO (GDPR) der deutschen DPA (28 April 2021)

https://fragdenstaat.de/dokumente/118035-sammlung-informationsmaterial-zur-ds-gvo/

June 30, 2021June 30, 2021

Spain, AEPD: “Risk management and impact assessment in personal data processing” guide (160 pages) (DPIA guidance)

Announcement:
https://www.aepd.es/es/es/prensa-y-comunicacion/notas-de-prensa/agencia-presenta-guia-riesgo-tratamiento-datos-y-evaluaciones-impacto

Report:
https://www.aepd.es/es/documento/gestion-riesgo-y-evaluacion-impacto-en-tratamientos-datos-personales.pdf

June 25, 2021June 25, 2021

zama.ai – full homomorphic encryption (FHE) – also github

https://zama.ai/

https://6min.zama.ai/

https://github.com/google/fully-homomorphic-encryption/tree/main/transpiler

from github:
“This is currently an exploratory proof-of-concept. While it could be deployed in practice, the run-times of the FHE-C++ operations are likely to be too long to be practical at this time. This transpiler heavily relies on the TFHE library for security guarantees. Since TFHE is relatively new, there are yet to be robust cryptanalyses of TFHE. Thus, before including this library in a live production deployment, be aware that there may be yet undiscovered vulnerabilities in TFHE.”

June 25, 2021June 25, 2021