{"id":5261,"date":"2021-11-08T10:07:05","date_gmt":"2021-11-08T09:07:05","guid":{"rendered":"https:\/\/s8.tgin.eu\/?p=5261"},"modified":"2024-02-01T14:47:21","modified_gmt":"2024-02-01T13:47:21","slug":"weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus","status":"publish","type":"post","link":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/","title":{"rendered":"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d"},"content":{"rendered":"\n<h4 class=\"wp-block-heading\"><em>TechGDPR\u2019s review of international data-related stories from press and analytical reports.<\/em><\/h4>\n\n\n\n<h4 class=\"wp-block-heading\">Legal processes<\/h4>\n\n\n\n<p><a href=\"https:\/\/www.whitecase.com\/publications\/alert\/china-personal-information-protection-law-will-become-effective-soon\">China\u2019s Personal Information Protection Law, PIPL, came into effect on November 1.<\/a> It largely blends\u00a0the EU (GDPR) and California (CCPA) privacy rules for the handling of personal and sensitive information, including different legal bases, as well as general principles for data processors, including the conducting of regular audits, training and data management programs, as well as the appointment of personal data protection officers, and places restrictions on the cross-border transfer of personal information. The PIPL contains penalties for breach of its provisions, including fines of up to 6.7 mln euros or up to 5% of the preceding year&#8217;s business income, whichever is higher. Finally, foreign companies, (even with no presence in China), engaging in the processing of personal information of individuals in the country\u00a0 are required to establish a dedicated entity or appoint an agent or designated representative in China to be responsible for dealing in related matters. The name and contact details of such local agents or representatives will need to be provided to the relevant authority. Read more analysis by <a href=\"https:\/\/www.whitecase.com\/publications\/alert\/china-personal-information-protection-law-will-become-effective-soon\">WhiteCastle<\/a>.<\/p>\n\n\n\n<p>The <a href=\"https:\/\/hsfnotes.com\/data\/2021\/11\/02\/a-new-direction-for-the-uks-data-protection-regime-the-devil-is-in-the-detail\/\">UK government steps into the active phase of consultations on reform of the national data protection<\/a> regime, with the <a href=\"https:\/\/www.gov.uk\/government\/consultations\/data-a-new-direction\">deadline for organisations to respond expiring<\/a> on November 19. The proposed reforms aim to establish a \u201cpro-growth and innovation friendly\u201d data protection regime, shifting away from a \u201cone size fits all\u201d approach to compliance with data regulations. The consultation concentrates on 6 key areas:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Reducing barriers to responsible innovation by relaxing the rules around organisations\u2019 reliance on the legitimate interests, or automated decision making under Art. 22 of the GDPR.&nbsp;<\/li>\n\n\n\n<li>Reducing burdens on businesses by amending privacy management programmes, DPIAs, appointing DPOs and maintaining detailed records of processing which align with Article 30 of the GDPR, increasing the threshold for reportable data breaches, etc.<\/li>\n\n\n\n<li>Reworking rules in relation to cookies and direct marketing by allowing the use of analytics cookies and similar technologies without user\u2019s consent, or collecting information from a user\u2019s device without their consent for other limited purposes.<\/li>\n\n\n\n<li>Boosting trade and reducing barriers to data flows including the use of alternative transfer mechanisms and a \u201crisk-based\u201d approach to granting adequacy decisions to other jurisdictions.<\/li>\n\n\n\n<li>Allowing the processing of personal data for public health and emergency situations.<\/li>\n\n\n\n<li>Reforming the Information Commissioner\u2019s Office by refocusing its statutory commitments away from handling a high volume of low-level complaints.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>In Germany, The Federal Ministry of the Interior, Building and Community, the BMI, has evaluated the new Federal Data Protection Act, the BDSG, which came into force in 2018. Both public and private users, including the data protection supervisory authorities as well as leading business associations and other institutions, were interviewed. The new BDSG, a German equivalent of the GDPR,&nbsp; has proven to be appropriate, practical and with clear standards, despite various criticisms. In addition, the Federal Statistical Office carried out a cost re-measurement as part of the evaluation and found that the compliance effort of the BDSG for the economy has been reduced by about one million euros. The complete evaluation in German can be accessed <a href=\"https:\/\/www.bmi.bund.de\/SharedDocs\/evaluierung-von-gesetzen\/evaluierung-bdsg.html;jsessionid=0A47286CB9738F9B7B58983C18FE0F8F.1_cid373\">here<\/a>.&nbsp;<\/p>\n\n\n\n<p>The latest insight from EURACTIV, an independent pan-European media network specialized in EU affairs, oversees the <a href=\"https:\/\/www.euractiv.com\/section\/data-protection\/news\/leak-draft-impact-assessment-sheds-some-light-on-upcoming-data-act\/\">upcoming EU Data Act<\/a>. The aim is to make more data in the EU usable to support sustainable growth and innovation across all sectors (B2B and B2G). However, the independent quality-checks so far have led to rejection of the proposal for reportedly not providing sufficient information on the conditions for public bodies to access data,&nbsp; compensation for businesses and integration with other legislative measures.&nbsp; A data-sharing arrangement would be \u2018encouraged\u2019 via smart contracts and application programming interfaces. However, the text also refers to the introduction of \u2018essential\u2019 technical measures for interoperability, raising the question of whether these measures would be mandatory or not. Transparency obligations would force service providers to specify in the agreement what type of data is likely to be generated and how it can be accessed by customers, with SMEs exempted. Machine-generated data may be also excluded from the scope, making this type of data more accessible. The adoption of the Data Act is expected by the first quarter of 2022.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Official guidance<\/h4>\n\n\n\n<p>The US National Institute of Standards and Technology, NIST, explains the role of <a href=\"https:\/\/csrc.nist.gov\/projects\/pec\">privacy-enhancing cryptography, PEC, and Differential Privacy<\/a> techniques. In large, the PEC and the Differential Privacy paradigms can be composed to enable better privacy protection, namely in scenarios where sensitive data should remain confidential for each individual original source. Differential privacy adjusts the query result into a noisy approximation of the accurate answer, which PEC can compute without exfiltrating additional information to any party.\u00a0 For more practical guidance, such as secure multiparty computation, private set intersection, private information retrieval, zero-knowledge proofs, and fully-homomorphic encryption, followed by a case study related to private medical data research, see the <a href=\"https:\/\/www.nist.gov\/blogs\/cybersecurity-insights\/privacy-enhancing-cryptography-complement-differential-privacy\">full article<\/a>.<\/p>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\" style=\"grid-template-columns:36% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/hal-gatewood-tZc3vjPCk-Q-unsplash-1024x683.jpg\" alt=\"\" class=\"wp-image-5266 size-full\" srcset=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/hal-gatewood-tZc3vjPCk-Q-unsplash-1024x683.jpg 1024w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/hal-gatewood-tZc3vjPCk-Q-unsplash-300x200.jpg 300w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/hal-gatewood-tZc3vjPCk-Q-unsplash-768x512.jpg 768w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/hal-gatewood-tZc3vjPCk-Q-unsplash-1536x1024.jpg 1536w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/hal-gatewood-tZc3vjPCk-Q-unsplash-2048x1365.jpg 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><\/p>\n\n\n\n<p>The Luxembourg data protection authority, the CNPD, published a comprehensive update of the <a href=\"https:\/\/cnpd.public.lu\/fr\/actualites\/national\/2021\/10\/lignes-drectrices-cookies.html\">guidelines, (in French), on cookies and similar technologies<\/a>, such as\u00a0 \u201cfingerprinting\u201d, \u201cweb beacons \u201d, \u201cflash cookies\u201d, used for excessive tracking, profiling and targeting users and customers. The guidance clearly distinguishes essential and non-essential cookies, draws a line where there is an obligation on data controllers to obtain consent, explains the danger of using consent management platforms set up by third parties, and provides plenty of visual examples on what a \u201ccookie banner\u201d should and should not look like.<\/p>\n<\/div><\/div>\n\n\n\n<p>The Italian Data Protection Authority, Garante, provided <a href=\"http:\/\/blog.galalaw.com\/post\/102h9sl\/the-italian-data-protection-authority-provides-clarification-on-direct-marketing\">clarification on direct marketing through social media platforms.<\/a> A data subject complained of receiving a marketing communication sent by the company through LinkedIn. The communication offered real estate services for a specific property owned by the claimant. The company justified this practice on the following grounds: the claimant\u2019s LinkedIn profile was set to allow them to receive communication from any other LinkedIn user. Garante did not accept the company\u2019s arguments.&nbsp; LinkedIn specifically is a platform whose purpose is to connect users who share the same professional interests or who are seeking job opportunities, and not for sale of products and services. Garante also found the personal data acquired via the public real estate register was in breach of Art. 5 of the GDPR. The real estate register may be accessed only to verify ownership of a certain property, but not for direct marketing purposes. Garante did not sanction the company as it is a micro-enterprise whose business has been strongly impacted by the pandemic, but imposed a 5000 euro fine for failing to respond to its requests during the investigation.<\/p>\n\n\n\n<p>The Polish data protection authority, UODO, continued a series of blog posts, (in Polish), on creating a successful Code of Conduct. This time it pays attention to effective mechanisms for <a href=\"https:\/\/uodo.gov.pl\/pl\/138\/2203\">monitoring compliance with the provisions of the code<\/a> for private entities (Art.41 of the GDPR). First of all, the code of conduct must designate the entity that monitors compliance with this document by the organizations that accede to it. The monitor, in order to be accredited,\u00a0 must demonstrate its independence in relation to the code&#8217;s creator and have appropriate financial, human, organizational and technical resources. From this point, the monitoring entity would be responsible for all preliminary audits and regular checks, as well as for ad hoc audits in case of data breach complaints. Further steps include issuing comments, post-inspection recommendations and their\u00a0 implementation, imposing sanctions, suspension and exclusion, handling appeals, cooperating with the supervisory authority and authors of the code, participation in the code review mechanism, education and promotion of data protection principles, ongoing cooperation with members of the code, (e.g. in the event of a data breach notification), clarifying doubts and assistance in ensuring an adequate level of personal data protection.<\/p>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\" style=\"grid-template-columns:36% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/compare-fibre-Y8TiLvKnLeg-unsplash-1-1024x683.jpg\" alt=\"\" class=\"wp-image-5268 size-full\" srcset=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/compare-fibre-Y8TiLvKnLeg-unsplash-1-1024x683.jpg 1024w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/compare-fibre-Y8TiLvKnLeg-unsplash-1-300x200.jpg 300w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/compare-fibre-Y8TiLvKnLeg-unsplash-1-768x512.jpg 768w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/compare-fibre-Y8TiLvKnLeg-unsplash-1-1536x1024.jpg 1536w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/compare-fibre-Y8TiLvKnLeg-unsplash-1-2048x1365.jpg 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><\/p>\n\n\n\n<p>The Dutch data protection authority, the AP, has mapped out the <a href=\"https:\/\/autoriteitpersoonsgegevens.nl\/nl\/nieuws\/ap-waarschuwt-voor-privacyrisicos-het-onderwijs\">trends and risks for the protection of personal data in education<\/a>. <em>\u201cDue to the autonomous position of teachers and the &#8216;proliferation&#8217; of apps and software in education this makes it difficult for educational institutions to keep control over the data processing\u201d, <\/em>the AP states. The regulator<em> <\/em>identifies three key trends and risks: excessive monitoring of pupils and students and their learning performance; dependence on major suppliers and the growing exchange of data in partnerships. The recommendations of the AP focus on setting up the basics of privacy and management programs, such as keeping up-to-date records of processing activities and running self risk assessments and employee training. The AP has also called on ministers to table a package of measures to help institutions with the task.<\/p>\n<\/div><\/div>\n\n\n\n<h4 class=\"wp-block-heading\">Enforcement actions<\/h4>\n\n\n\n<p>The Romanian supervisory authority, the ANSPDCP, found IKEA Romania in violation of Art. 32 of the GDPR. The company organized a drawing contest in which the children of IKEA Family members participated. The participants uploaded to the online platform dedicated to the members their own drawings, together with participation forms which contained their personal data but also that of their parents\/legal guardians. In order to vote for the best drawing, the <a href=\"https:\/\/www.dataprotection.ro\/?page=Comunicat_Presa_01_11_2021_2&amp;lang=ro\">children&#8217;s drawings were mistakenly published on the online platform, together with the personal data<\/a> contained in the participation forms. The disclosed data included name, surname and age of minors, name, surname, city, country, e-mail, IKEA Family membership number and\u00a0 handwritten signatures. The exposure lasted for about 40 hours, affecting 114 individuals, so a minor fine of 1000 euros was issued.<\/p>\n\n\n\n<p>A British firm &#8211; <a href=\"https:\/\/www.bbc.com\/news\/technology-59063766\">Huq &#8211; which sells people&#8217;s location data has admitted that some of its information was gained without seeking permission from users<\/a>. Huq uses location data from apps on people&#8217;s phones, and sells it on to clients, which include dozens of English and Scottish city councils. The apps in question\u00a0 measured wi-fi strength and scanned barcodes. So a council could use the data they provided to estimate how many people visited a High Street within a given timeframe, for example. Huq claimed it was aware of two &#8220;technical breaches&#8221;, and had asked for code revisions and for the apps to be republished. Firms that collect location data from apps and then sell it on are under increased scrutiny in the EU. The Danish data protection authority is currently looking into whether there is &#8220;a legal basis&#8221; for the way Huq has processed personal data. Meanwhile, the UK&#8217;s Information Commissioner&#8217;s Office has issued a reprimand to another UK-based location data collection firm, Tamoco, for failing to provide sufficient user privacy information.<\/p>\n\n\n\n<p>The Danish data protection agency also received a data breach notification from a company, (Coop Danmark A\/S), concerning <a href=\"https:\/\/www.datatilsynet.dk\/presse-og-nyheder\">personal information that was located on the company&#8217;s shared drive without adequate access control<\/a>. The information concerned a total of 477 employees and external consultants. Coop discovered the breach while testing a new scanning tool. The regulator found that Coop had not complied with the requirement for necessary security measures. The company should have previously been aware that employees could have incorrectly placed personal data on the company&#8217;s shared drive. The company should have checked and cleaned up the company&#8217;s common drive and introduced relevant security measures at an earlier stage. However, Coop reported the security breach to the authority in a timely manner, as the notification took place within the time limit of 72 hours, so no fine was issued.\u00a0<\/p>\n\n\n\n<p>The French regulator, the CNIL, sanctioned the RATP &#8211; Paris\u2019s public transportation company,&nbsp; with a fine of 400,000 euros after noting that several bus centers had counted <a href=\"https:\/\/www.cnil.fr\/fr\/fichiers-devaluation-des-agents-sanction-de-400-000-euros-lencontre-de-la-ratp\">the number of days of strikes by workers in evaluation files which were used to prepare promotion offer<\/a>s. It also noted an excessive data retention period and data security breaches. The RATP had failed in its obligations, particularly because only data strictly necessary for the assessment agents should have been in the promotion files. The indication of the number of days of absence was sufficient here, without it being necessary to specify the reason for the absence linked to the exercise of the right to strike. The CNIL thus imposed a fine and decided to make its decision public.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Opinion<\/h4>\n\n\n\n<p><a href=\"https:\/\/hsfnotes.com\/ip\/2021\/11\/02\/challenges-of-processing-genetic-data-on-the-basis-that-it-has-been-anonymised\/#page=1\">Challenges with anonymising genetic data<\/a> are analysed in Herbert Smith Freehills blog series.<em> <\/em><\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>\u201cAs soon as one dataset is merged with another relating to the same set of data subjects, it becomes more likely that the information could be used to re-identify a data subject. For example, it was reported last year that the British National Health Service had sold medical records to pharmaceutical companies that could be used to re-identify \u201canonymised\u201d genetic information collected for diagnostic purposes.\u201d <\/em><\/p>\n<\/blockquote>\n\n\n\n<div class=\"wp-block-media-text is-stacked-on-mobile\" style=\"grid-template-columns:36% auto\"><figure class=\"wp-block-media-text__media\"><img decoding=\"async\" width=\"1024\" height=\"683\" src=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/national-cancer-institute-oCLuFi9GYNA-unsplash-1024x683.jpg\" alt=\"\" class=\"wp-image-5270 size-full\" srcset=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/national-cancer-institute-oCLuFi9GYNA-unsplash-1024x683.jpg 1024w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/national-cancer-institute-oCLuFi9GYNA-unsplash-300x200.jpg 300w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/national-cancer-institute-oCLuFi9GYNA-unsplash-768x512.jpg 768w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/national-cancer-institute-oCLuFi9GYNA-unsplash-1536x1024.jpg 1536w, https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/national-cancer-institute-oCLuFi9GYNA-unsplash-2048x1365.jpg 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure><div class=\"wp-block-media-text__content\">\n<p><\/p>\n\n\n\n<p>Advances in AI are also making it harder to anonymise data, because it is increasingly easy to match up various pieces of data and link them to one individual. And sometimes anonymisation just isn\u2019t desirable \u2013 the more identifiable information that is collated, the more valuable the dataset for research. As a result, an attempt to anonymise genetic data might even end up falling short, resulting in pseudonymisation only.\u00a0 Unlike anonymised data, pseudonymised data does fall within the GDPR, states the analysis.<\/p>\n<\/div><\/div>\n\n\n\n<h4 class=\"wp-block-heading\">Data security<\/h4>\n\n\n\n<p>Brian Krebs\u2019s cybersecurity blog shows how t<a href=\"https:\/\/krebsonsecurity.com\/\">he holiday shopping season is a perfect attack vector for phishers.<\/a> Krebs analyses a fairly elaborate SMS-based phishing scam that spoofs Fedex delivery in a bid to extract personal and financial information from unwary recipients. A phishing link usually implies that the recipient could reschedule delivery. Clicking \u201cSchedule new delivery\u201d brings up a page that requests your name, address, phone number and date of birth. Those who click \u201cNext Step\u201d are asked to add a payment card to cover the \u201credelivery fee.\u201d After clicking \u201cPay Now,\u201d the visitor is prompted to verify their identity by providing their Social Security number, driver\u2019s license number, email address and email password. So the main rule is to Avoid clicking on links or attachments that arrive unbidden in emails, text messages and other mediums, or visit the site or service in question manually. Also most phishing scams invoke a temporal element that warns of negative consequences should you fail to respond or act quickly.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Big Tech<\/h4>\n\n\n\n<p>The Federal Trade Commission has found that <a href=\"https:\/\/www.ftc.gov\/news-events\/press-releases\/2021\/10\/ftc-staff-report-finds-many-internet-service-providers-collect\">Internet Service Providers accounting for 98% of the US mobile market collect and share more data than their customers might be aware of<\/a>, and those same customers are ill-informed or even misdirected when trying to exercise choice about how their data is used. Sensitive data like race or sexual orientation was sometimes grouped , and&nbsp; real-time location was shared with third parties. The Staff Report notes the scope of such data collection is expanding, in line with similar trends in other industries, and so strengthens the argument for restricting data collection and use.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.forbes.com\/sites\/annakaplan\/2021\/11\/02\/facebook-shutting-down-facial-recognition-software\/?sh=67afd7656e90\">Meta&nbsp; informed us last week it is ending its use of facial recognition<\/a> on its platforms, shutting down a feature that has sparked privacy concerns and multiple lawsuits in the US. Facebook platform will delete face scans of over a billion people, and will no longer automatically recognize people\u2019s faces, meaning users who opted in to the service won\u2019t receive alerts when a photo or video of them may have been added to the social network. Tough if you are a blind user as the Automatic Alt-Text tool allowing the tagging of friends will be disabled. In AI VP Jerome Pesenti&#8217;s words <em>\u201cthe company would consider facial recognition technology for instances where people need to verify their identity or to prevent fraud and impersonation.\u201d<\/em><\/p>\n\n\n\n<p><a href=\"https:\/\/www.reuters.com\/world\/asia-pacific\/china-ministry-orders-38-apps-rectify-excessive-collection-personal-data-2021-11-03\/\">China&#8217;s regulatory crackdown continues <\/a>with 38 apps from a number of companies told to stop excessively gathering personal data immediately or face penalties. The companies include a news app and music streaming service owned by social media behemoth Tencent Corp. The order arrived days after China&#8217;s Personal Information Protection Law, PIPL, went into full effect. Meanwhile, internet company Yahoo has announced its withdrawal from the Chinese market in the latest retreat by foreign technology firms responding to Beijing\u2019s tightening control over the industry.&nbsp; However, analysts say Yahoo\u2019s withdrawal from China is largely symbolic as at least some of Yahoo\u2019s services, including its web portal, have already been blocked. China has also blocked other US internet services, such as Facebook, LinkedIn and Google. Mainland users who wish to access these websites use a virtual private network, VPN, to circumvent the block,<a href=\"https:\/\/www.theguardian.com\/technology\/2021\/nov\/02\/yahoo-withdraws-from-china-as-beijings-grip-on-tech-firms-tightens\"> the Guardian reports.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>TechGDPR\u2019s review of international data-related stories from press and analytical reports. Legal processes China\u2019s Personal Information Protection Law, PIPL, came into effect on November 1. It largely blends\u00a0the EU (GDPR) and California (CCPA) privacy rules for the handling of personal and sensitive information, including different legal bases, as well as general principles for data processors, [&hellip;]<\/p>\n","protected":false},"author":21,"featured_media":5262,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[94],"tags":[143,100,98,144,134,141,142],"class_list":["post-5261","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-protection-digest","tag-code-of-conduct","tag-cookies","tag-direct-marketing","tag-genetic-data","tag-online-identifiers","tag-pipl","tag-privacy-enhancing-cryptography"],"acf":[],"featured_image_urls":{"full":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg",2560,1700,false],"thumbnail":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-150x150.jpg",150,150,true],"medium":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-300x199.jpg",300,199,true],"medium_large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-768x510.jpg",640,425,true],"large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-1024x680.jpg",640,425,true],"1536x1536":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-1536x1020.jpg",1536,1020,true],"2048x2048":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-2048x1360.jpg",2048,1360,true],"image-200-200":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-200x200.jpg",200,200,true]},"post_excerpt_stackable":"<p>TechGDPR\u2019s review of international data-related stories from press and analytical reports. Legal processes China\u2019s Personal Information Protection Law, PIPL, came into effect on November 1. It largely blends\u00a0the EU (GDPR) and California (CCPA) privacy rules for the handling of personal and sensitive information, including different legal bases, as well as general principles for data processors, including the conducting of regular audits, training and data management programs, as well as the appointment of personal data protection officers, and places restrictions on the cross-border transfer of personal information. The PIPL contains penalties for breach of its provisions, including fines of up to&hellip;<\/p>\n","category_list":"<a href=\"https:\/\/techgdpr.com\/blog\/category\/data-protection-digest\/\" rel=\"category tag\">Data Protection Digest<\/a>","author_info":{"name":"Olya Vasylyk","url":"https:\/\/techgdpr.com\/blog\/author\/olyav\/"},"comments_num":"0 comments","featured_image_urls_v2":{"full":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg",2560,1700,false],"thumbnail":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-150x150.jpg",150,150,true],"medium":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-300x199.jpg",300,199,true],"medium_large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-768x510.jpg",640,425,true],"large":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-1024x680.jpg",640,425,true],"1536x1536":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-1536x1020.jpg",1536,1020,true],"2048x2048":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-2048x1360.jpg",2048,1360,true],"image-200-200":["https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-200x200.jpg",200,200,true]},"post_excerpt_stackable_v2":"<p>TechGDPR\u2019s review of international data-related stories from press and analytical reports. Legal processes China\u2019s Personal Information Protection Law, PIPL, came into effect on November 1. It largely blends\u00a0the EU (GDPR) and California (CCPA) privacy rules for the handling of personal and sensitive information, including different legal bases, as well as general principles for data processors, including the conducting of regular audits, training and data management programs, as well as the appointment of personal data protection officers, and places restrictions on the cross-border transfer of personal information. The PIPL contains penalties for breach of its provisions, including fines of up to&hellip;<\/p>\n","category_list_v2":"<a href=\"https:\/\/techgdpr.com\/blog\/category\/data-protection-digest\/\" rel=\"category tag\">Data Protection Digest<\/a>","author_info_v2":{"name":"Olya Vasylyk","url":"https:\/\/techgdpr.com\/blog\/author\/olyav\/"},"comments_num_v2":"0 comments","yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d - TechGDPR<\/title>\n<meta name=\"description\" content=\"TechGDPR&#039;s weekly review of the most important international privacy and data related stories from press and analytical reports\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d - TechGDPR\" \/>\n<meta property=\"og:description\" content=\"TechGDPR&#039;s weekly review of the most important international privacy and data related stories from press and analytical reports\" \/>\n<meta property=\"og:url\" content=\"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/\" \/>\n<meta property=\"og:site_name\" content=\"TechGDPR\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-08T09:07:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-01T13:47:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1700\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Olya Vasylyk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@techgdpr\" \/>\n<meta name=\"twitter:site\" content=\"@techgdpr\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Olya Vasylyk\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/\"},\"author\":{\"name\":\"Olya Vasylyk\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/person\\\/07e9c14fd01b25bd2c1907537e8547e8\"},\"headline\":\"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d\",\"datePublished\":\"2021-11-08T09:07:05+00:00\",\"dateModified\":\"2024-02-01T13:47:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/\"},\"wordCount\":2723,\"publisher\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/StockSnap_878B8CD47B-1-scaled.jpg\",\"keywords\":[\"Code of Conduct\",\"cookies\",\"direct marketing\",\"genetic data\",\"online identifiers\",\"PIPL\",\"privacy-enhancing cryptography\"],\"articleSection\":[\"Data Protection Digest\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/\",\"name\":\"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d - TechGDPR\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/StockSnap_878B8CD47B-1-scaled.jpg\",\"datePublished\":\"2021-11-08T09:07:05+00:00\",\"dateModified\":\"2024-02-01T13:47:21+00:00\",\"description\":\"TechGDPR's weekly review of the most important international privacy and data related stories from press and analytical reports\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/#primaryimage\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/StockSnap_878B8CD47B-1-scaled.jpg\",\"contentUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/11\\\/StockSnap_878B8CD47B-1-scaled.jpg\",\"width\":2560,\"height\":1700},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/techgdpr.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#website\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/\",\"name\":\"TechGDPR\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/techgdpr.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#organization\",\"name\":\"TechGDPR\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/staging.techgdpr.com\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/TGDPR_logo_500px.png\",\"contentUrl\":\"https:\\\/\\\/staging.techgdpr.com\\\/wp-content\\\/uploads\\\/2018\\\/04\\\/TGDPR_logo_500px.png\",\"width\":501,\"height\":334,\"caption\":\"TechGDPR\"},\"image\":{\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/techgdpr\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/techgdpr\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/#\\\/schema\\\/person\\\/07e9c14fd01b25bd2c1907537e8547e8\",\"name\":\"Olya Vasylyk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/readyIMG_3694-1-2-150x150.jpg\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/readyIMG_3694-1-2-150x150.jpg\",\"contentUrl\":\"https:\\\/\\\/techgdpr.com\\\/wp-content\\\/uploads\\\/2021\\\/10\\\/readyIMG_3694-1-2-150x150.jpg\",\"caption\":\"Olya Vasylyk\"},\"description\":\"Creator and editor of TechGDPR\u2019s weekly Digest. Postgraduate masters Diploma in Data Protection, Digital law and Management. Over a decade Olga previously was a broadcast journalist in Ukraine and France specializing in international affairs.\",\"url\":\"https:\\\/\\\/techgdpr.com\\\/blog\\\/author\\\/olyav\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d - TechGDPR","description":"TechGDPR's weekly review of the most important international privacy and data related stories from press and analytical reports","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/","og_locale":"en_US","og_type":"article","og_title":"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d - TechGDPR","og_description":"TechGDPR's weekly review of the most important international privacy and data related stories from press and analytical reports","og_url":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/","og_site_name":"TechGDPR","article_published_time":"2021-11-08T09:07:05+00:00","article_modified_time":"2024-02-01T13:47:21+00:00","og_image":[{"width":2560,"height":1700,"url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg","type":"image\/jpeg"}],"author":"Olya Vasylyk","twitter_card":"summary_large_image","twitter_creator":"@techgdpr","twitter_site":"@techgdpr","twitter_misc":{"Written by":"Olya Vasylyk","Est. reading time":"13 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/#article","isPartOf":{"@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/"},"author":{"name":"Olya Vasylyk","@id":"https:\/\/techgdpr.com\/#\/schema\/person\/07e9c14fd01b25bd2c1907537e8547e8"},"headline":"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d","datePublished":"2021-11-08T09:07:05+00:00","dateModified":"2024-02-01T13:47:21+00:00","mainEntityOfPage":{"@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/"},"wordCount":2723,"publisher":{"@id":"https:\/\/techgdpr.com\/#organization"},"image":{"@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/#primaryimage"},"thumbnailUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg","keywords":["Code of Conduct","cookies","direct marketing","genetic data","online identifiers","PIPL","privacy-enhancing cryptography"],"articleSection":["Data Protection Digest"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/","url":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/","name":"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d - TechGDPR","isPartOf":{"@id":"https:\/\/techgdpr.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/#primaryimage"},"image":{"@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/#primaryimage"},"thumbnailUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg","datePublished":"2021-11-08T09:07:05+00:00","dateModified":"2024-02-01T13:47:21+00:00","description":"TechGDPR's weekly review of the most important international privacy and data related stories from press and analytical reports","breadcrumb":{"@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/#primaryimage","url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg","contentUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/11\/StockSnap_878B8CD47B-1-scaled.jpg","width":2560,"height":1700},{"@type":"BreadcrumbList","@id":"https:\/\/techgdpr.com\/blog\/weekly-digest-november-1-november-7-2021-privacy-dp-and-compliance-news-in-focus\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/techgdpr.com\/"},{"@type":"ListItem","position":2,"name":"Weekly digest November 1 \u2013 7, 2021 \u201cPrivacy, DP, and Compliance news in focus\u201d"}]},{"@type":"WebSite","@id":"https:\/\/techgdpr.com\/#website","url":"https:\/\/techgdpr.com\/","name":"TechGDPR","description":"","publisher":{"@id":"https:\/\/techgdpr.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/techgdpr.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/techgdpr.com\/#organization","name":"TechGDPR","url":"https:\/\/techgdpr.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/#\/schema\/logo\/image\/","url":"https:\/\/staging.techgdpr.com\/wp-content\/uploads\/2018\/04\/TGDPR_logo_500px.png","contentUrl":"https:\/\/staging.techgdpr.com\/wp-content\/uploads\/2018\/04\/TGDPR_logo_500px.png","width":501,"height":334,"caption":"TechGDPR"},"image":{"@id":"https:\/\/techgdpr.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/techgdpr","https:\/\/www.linkedin.com\/company\/techgdpr"]},{"@type":"Person","@id":"https:\/\/techgdpr.com\/#\/schema\/person\/07e9c14fd01b25bd2c1907537e8547e8","name":"Olya Vasylyk","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/10\/readyIMG_3694-1-2-150x150.jpg","url":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/10\/readyIMG_3694-1-2-150x150.jpg","contentUrl":"https:\/\/techgdpr.com\/wp-content\/uploads\/2021\/10\/readyIMG_3694-1-2-150x150.jpg","caption":"Olya Vasylyk"},"description":"Creator and editor of TechGDPR\u2019s weekly Digest. Postgraduate masters Diploma in Data Protection, Digital law and Management. Over a decade Olga previously was a broadcast journalist in Ukraine and France specializing in international affairs.","url":"https:\/\/techgdpr.com\/blog\/author\/olyav\/"}]}},"_links":{"self":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/5261","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/comments?post=5261"}],"version-history":[{"count":15,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/5261\/revisions"}],"predecessor-version":[{"id":7772,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/posts\/5261\/revisions\/7772"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/media\/5262"}],"wp:attachment":[{"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/media?parent=5261"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/categories?post=5261"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techgdpr.com\/wp-json\/wp\/v2\/tags?post=5261"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}