The Danish Data Protection Authority (Datatilsynet) has published a catalogue of security measures which can be considered and implemented in different scenarios and contexts. 

According to the official press release,”the catalog contains a large number of technical and organizational measures, which can be read independently of each other. Many of the current measures have been written with a view to a future guidance on rights management, but the intention is that the catalog will be expanded over time so that it will encompass more broadly, and future guidance may refer to different measures in the catalogue”.

The official press-release can be accessed here, the catalogue itself can be accessed here.

***

Google has confirmed that it will start to phase-out third-party cookies from its Chrome browser in January 2024. 

As MediaPost reports, “Johann Hofmann, senior software engineer at Google, published an in-depth series of processes that the company will take to complete its transition to Privacy Sandbox for the web. The 1% of third-party cookie blocking will begin in “early” January 2024. Named M120, it would be the first release that contains the technical capabilities that enable this rollout, Hofmann wrote. He also explained that this rollout will likely take a significant amount of time”. Click here for more details.

***

Spanish supervisory authority (AEPD) has published guidance on the use of biometric technologies to collect and further process biometric data. 

According to the official press release, “the document establishes the criteria for the use of this technology for both work and non-work purposes, establishing the measures to be taken into account so that personal data processing that uses this technology complies with the GDPR among other regulations. Biometric systems and the processing of data that can be obtained from them are evolving very quickly. The new systems increase the detail of the information collected and even allow the possibility of collecting information without the cooperation of the person, who sometimes is not even aware of it. Added to this is the development of artificial intelligence, which can be used to infer additional information about people”. Click here for more details.

***

As Reuters reports, Meta’s “paid no-ads subscription service launched in Europe this month faced one of its biggest tests as advocacy group NOYB on Tuesday filed a complaint with an Austrian regulator, saying that it amounted to paying a fee to ensure privacy.

Meta announced the service for Facebook and Instagram last month. It said the move was in compliance with EU rules that users must be given a choice on whether their data can be collected and used for targeted ads”. Click here for more details.