Konsumentorganisationer anmäler Google
Norska Forbrukerrådet ifrågasätter i en ny rapport om Googles utformning av funktionerna “Location History” och “Web & App Activity” och företagets behandling av den persondata som samlas in av dessa är förenliga med dataskyddsförordningen. Forbrukerrådet menar också att användare manipuleras, bl a med hjälp av “deceptive design practices”. Läs också om Forbrukerrådets tidigare rapport “Deceived by design” här.
Sex europeiska konsumentorganisationer, bland dem Sveriges Konsumenter, anmäler nu Google till olika tillsynsmyndigheter. Sveriges Konsumenter bedömer i likhet med Forbrukerrådet att de samtycken som lämnas inte kan betraktas som informerade och fria. Organsationen menar och att legitimt intresse inte kan åberopas som legal grund, detta med hänvisning till den “betydande och påträngande inverkan” spårningen har på individens fri- och rättigheter.
– Våra rörelsemönster avslöjar väldigt mycket om vilka vi är och hur vi väljer att leva våra liv. Det måste vara upp till var och en av oss att bestämma hur mycket av våra privatliv vi vill avslöja för andra. Google ger oss inte den möjligheten och vi anser därför att de bryter mot GDPR, säger Sinan Akdag (bilden), digital expert vid Sveriges Konsumenter och en av talarna vid årets Nordic Privacy Arena.
Google m fl om dataetik – från Nordic Privacy Arena 2017
Online advertising and privacy – från Nordic Privacy Arena 2018
Amerikanska företagsledare efterfrågar dataskyddsreform
Google förlorar mål om rätten att bli glömd
Debatt: Självreglering räcker inte
Generalsekreterare Forum för dataskydd
Dataskyddsombudet i praktiken – VT 2019
Vår succékurs DP Academy är tillbaka till våren, i två olika upplagor. Hittills närmare 150 deltagare, som antingen ska bli dataskyddsombud eller redan är det och vill utvecklas i rollen, genomgått kursen.
Utöver en ordinarie omgång som sträcker sig över sju kursdagar under hela våren, anordnar vi denna gång även en alumnidag. Läs mer och anmäl dig här.
Den ordinarie kursen pågår under mars – juni vid sju tillfällen i centrala Stockholm. Hela schemat, detaljerad information om varje kursdag samt anmälningsformulär finns här.
Följande tas upp under båda kurserna:
- dataskyddsombudets roll
- hur du bygger ett dataskyddsprogram
- HR- och marknadsrelaterade frågor
- dataskyddsarbetet i praktiken – PIA, biträdesavtal och incidenthantering
- för offentlig sektor: offentlighet och sekretess
Begränsat antal platser – boka så snart som möjligt för att säkra din plats.
Video: Harmonisation and supervision
Panel discussion from Nordic Privacy Arena 2018. With Magnus Sjögren, Bisnode, Eija Warma, Castrén & Snellman, Albine Vincent, CNIL, and Viljar Peep, The Estonian Ministry of Justice.
Video: Online advertising and privacy
Online advertising – What’s wrong and how do we fix it? Keynote from Nordic Privacy Arena 2018 by Raegan MacDonald, head of EU public policy at Mozilla.
The keynote was followed by a panel discussion with Anna Colaps, EDPS, Per Meyerdierks, Google, Annie Ståhl, Schibsted, and Daniel Westman, independent researcher and advisor:
Call for speakers – Nordic Privacy Arena 2019
Want to present at Nordic Privacy Arena 2019 (Stockholm, 23-24 September)?. Let us know by filling out the form below. Please provide name, organization, contact information and your suggested topic.
Click here for information about and photos from Nordic Privacy Arena 2018.
Nordic Privacy Arena – Day Two
Nordic Privacy Arena – Day One
Around 400 data protection experts gathered at Münchenbryggeriet in Stockholm on Monday morning. The Swedish Data Protection Forum would like to thank all of you – attendees, moderators and speakers, sponsors, and staff – for making this possible.
During the first day of the conference, we welcomed the following keynote speakers:
Sarah van Hecke, Legal Design Adviser, Houthoff
Anne Berner, Minister of Transport and Communications, Finland
Raegan MacDonald, Head of EU public policy, Mozilla
Robert Bond, Partner, Bristows
Monday also saw panel discussions on harmonisation, ad tech, consumer attitudes towards data processing, data transfers, regulation of online platforms and the job market for privacy professionals.
Selected speeches will be published shortly. Tomorrow, we’ll explore some of these themes more in-depth. We’ll also discuss health data in the insurance industry, breach reporting and loyalty schemes, among other things.
Survey: Salaries for Swedish data protection specialists
Earlier this year The Swedish Data Protection Forum and HR Commitment gathered statistics on salaries among Swedish data protection specialists. We also asked the 172 respondents about work-life balance, if they were satisfied with their salaries, if they were planning on changing jobs and if they had been contacted by recruiters in the past six months.
- 50% say they have been contacted by recruiters during the past six months
- Women earn 51 380 SEK on average, men 55 082 SEK
- About a third are dissatisfied with their salaries
- Demand for privacy professionals is increasing
- Almost half of the respondents working in the private sector state their employer plans on recruiting more privacy professionals the coming 12 months
172 privacy professionals answered the survey, which was carried out in the spring of 2018.
Han är årets middagstalare
Aral Balkan är designern, programmeraren och aktivisten bakom trackerblockeraren Better Blocker. Han tagit fram ett manifest för etisk design, grundat initiativet Indienet och missionerar bl a för minskad övervakning på nätet.
Balkan har tidigare talat vid konferenser som The Conference, Thinking Digital, The Next Web Conference, Future Fest och TED. På måndag talar han inför omkring 400 nordiska dataskyddsexperter vid Nordic Privacy Arena.
“Current privacy communication is not working”
Helena Haapio is an Associate Professor at University of Vaasa, where she teaches strategic business law. She wrote her dissertation on Next Generation Contracts and has contributed to Stanford’s Legal Design Lab‘s library of Privacy Design Patterns, which covers examples of visual and interactive mechanisms for making privacy policies understandable. She’s also a contract counsel – or contract innovator – at her own company Lexpert.
– I used to work as an in-house counsel and draft complex contracts – now I find myself simplifying them, says Haapio.
– Not just drafting, but also restructuring and designing: working as part of a lawyer-designer team transforming contracting processes and documents, requests for proposals, legal guidebooks, and such, converting these from text-heavy documents gathering dust in legal compliance binders to interactive business tools and toolboxes people actually use.
Helena Haapio will give a keynote speech on Legal Design and privacy communication at Nordic Privacy Arena 2018. She will also represent the Legal Design Alliance during the pitching round later in the afternoon, which also includes speakers from Facebook, PrivacyAnt, Claudette, Synch and Signatu.
What is Legal Design, and how is it relevant for privacy pros?
– Legal Design is an umbrella term for merging forward-looking legal thinking with design thinking. It puts the user in the center and applies human-centered design to prevent or solve legal problems, says Haapio.
– Let’s face it: whether we talk about privacy or other topics, the people who use legal information, documents, services, and policies are not being served well by their current design. Legal Design seeks to change this. So where privacy pros seek to provide better legal communications, systems, or solutions, they can find allies in the emerging field of Legal Design. In many areas of Legal Tech and privacy, the design choices made can have a huge impact on both the processes and systems as well as their outputs.
– There is a growing need for easy-to-use solutions, on the one hand, and for protecting the users, on the other. Legal designers can bring a new perspective by identifying and making different expectations and requirements visible early on, helping embed them from the beginning into the design specifications, building in navigation tools, affordances and signifiers, and asking questions such as: How can we make privacy communication work better? How can we visualize and simplify things? How can we secure successful implementation?
What are Legal Design patterns?
– Like engineers and architects, we lawyers, too, want to make something useful and usable for our clients. We looked at the work of engineers and architects for inspiration – and what do they do? They look for patterns. Software engineers as well as UI and UX designers collect patterns and create pattern libraries: common solutions to recurring problems.
– So we borrowed from them the idea of design patterns and started to create our own pattern library. Our very first was a collection of design patterns for contracts. We wanted not just to improve the content of contracts, but also their communication and presentation, with a focus on the needs of business users, successful business outcomes, and the avoidance of misunderstandings and disputes.
– Legal design patterns provide a way to learn from each other and other fields and to communicate complex legal information. They are not templates or strict recipes intended to be copy-pasted. Rather, they are adaptable structures that can be re-purposed and re-mixed to serve specific challenges. We expanded the idea from contracts to other domains, including privacy.
Can you give an example of legal design being put to good use in a data protection context?
– The UK startup Juro did a remarkable job creating a privacy notice that people actually read and understand. They used several legal design patterns to gain and retain the reader’s attention, communicate as clearly as possible, and avoid information overload.
– They also applied other design patterns, such as accordion, showing an overview first and details on demand, letting readers drill down later, if they want to. They used conversational language, framing headings as questions users may have, borrowing techniques from the FAQ genre. They used floating menus and visual design patterns, such as a timeline, to map out all the privacy-sensitive interactions between the user and Juro, making the whole process more tangible and transparent. So they used a number of well thought-out legal design solutions that we will hopefully see more of.
What will be the main focus of your keynote speech at Nordic Privacy Arena?
– From many contexts we know that current privacy communication is not working. Most privacy notices are written by lawyers for lawyers: way too long, overly legalistic, uninformative, and unhelpful. My keynote will be on Legal Design for better privacy communication. I will introduce some of the work we and others have done to make legal information work better and easier to prepare. I will share examples of how different design patterns, especially visual ones, can help people navigate and make sense of complex messages. The goal of visualization is not to generate visuals, however, it is to generate understanding.
– I will encourage the attendees to see their policies and terms through the users’ eyes, and, where needed, simplify content and how it is presented. I hope they will be convinced of the opportunities offered by simplification and visualization, explore resources in our design pattern libraries, start experimenting with new designs, and share new and improved design patterns with the community. If they find this the way to go, I will encourage them to join the recently launched Legal Design Alliance, LeDA: a network of lawyers, designers, technologists, academics, and other professionals who are committed to making the legal system more human-centered and effective, through the use of design.
Secretary-General, The Swedish Data Protection Forum