Long Beach Airport’s Post

Let’s talk about data minimization and consent. This screen is from a Bay Area resort room browsing flow. You can’t skip through it. It’s asking for your name and email “to help provide the best service.” I’ve made countless reservations elsewhere and had perfectly fine service. So what that means (insert Captain Obvious emoji here, if such a thing exists) is this screen is meant for nothing more than harvesting your data for promotions - presumably to nag me via email if I abandon my search before booking. Data minimization and consent are bedrock principles of data privacy oversight — and, in many regions, of legal enforcement. You don’t ask for data you don’t need to complete the action (browse for available hotel rooms to book); you don’t need my name or my email address at this point. *shakes fist at U.S. nonexistent privacy regulation*

✈️ Passengers Take Flight on Privacy! US DOT Reviews Airline Data Practices The future of air travel is passenger-centric. The US DOT's privacy review ensures airlines responsibly handle passengers' sensitive personal information. How can your business ensure responsible data practices? #dataprivacy #ProtectedDataAge #karlsgate

✈ 🚨 Data Privacy in the Spotlight: Don’t Fly Solo into the New Era of Regulatory Scrutiny 🚨 ✈        Transportation Secretary Pete Buttigieg has launched a privacy review targeting the top ten airlines, marking a significant shift in passenger data privacy management. 🔍 The DOT’s initiative aims to: • Evaluate airline data privacy policies and training to protect passengers' sensitive information. • Investigate potential unfair practices, like monetizing personal data without consent. • Develop stringent actions against privacy malpractices, including possible new regulations. This aligns with the Biden-Harris Administration’s strategy for stronger data privacy protections a more aggressive enforcement and comprehensive consumer privacy rights. 🛫 For airlines (Allegiant, Alaska, American, Delta, Frontier, Hawaiian, JetBlue, Southwest, Spirit, and United), this means: • A detailed review of data handling practices and data monetization ethics. • Scrutiny of privacy violation complaints. • Examination of privacy training for staff. In our view at EDGE, this review underscores a critical message: No industry, not even airlines previously relying on exemptions like those in the CCPA, is beyond the reach of privacy law enforcement. The federal government is ready to enforce privacy protections creatively and assertively. The message is clear: in the digital age, stringent data privacy is non-negotiable. Airlines and related industries must be proactive in revamping their privacy frameworks to align with this new regulatory reality! #EDGELegal #DataPrivacy #AirlineIndustry #DOTReview #ConsumerProtection #PrivacyCompliance #DigitalTransparency #EDGELegalConnect

Important developments in the area of data privacy management in the airline industry. #EDGELegal #DataPrivacy #AirlineIndustry #ConsumerProtection  #EDGELegalConnect

Thrilled to share some of my thoughts on recent judicial developments in Russia regarding data subject's consent on personal data dissemination (making personal data publicly available). Being a truly notorious feature of Russian legal system, this type of consent has always been a pain in the backside for data controllers and the favorite topic to discuss for the Russian privacy community. Well, the latest Supreme Court's ruling has shed some light on how and when this consent should actually be used as well as discouraged the Russian DPA (Roskomnadzor) from forcing data controllers to receive such consent. Long story short: there's no need for consent on personal data dissemination unless the data controller in question actually relies on subject's consent as a "basic" legal ground for data dissemination. Therefore, if the law requires to disclose some personal information, the data controller is to be exempted from obligation to receive any additional consents. It may seem obvious for the non-Russian privacy specialists but Rozkomnadzor has been adamant in the opposite inerpretation of the Federal law "On personal data". You can read more about the ruling here (in Russian only) - https://lnkd.in/emPVEJ6x.

From connected cars, to airlines, to the top 4 big tech companies, consumer data privacy (or lack thereof) is being investigated. Wouldn't it just be easier to get explicit consent to use transaction necessary data from the consumer, anonymize their sensitive data, and verify their identity as a "front door" to all of these companies? At 360ofme we strive to give the consumer control of consent, a verified identity and data minimization only needed for a transaction, as a means of fostering a trusted relationship with an enterprise. Delta Air LinesAlaska AirlinesAllegiantAmerican AirlinesFrontier AirlinesHawaiian AirlinesJetBlueSouthwest AirlinesSpirit AirlinesUnited Airlines wouldn't that be easier than going through endless investigations and litigation? U.S. Department of Transportation there are easy alternatives to ensure the safety of a passenger's personal data. See 360ofme as a means to ensure an ethical data exchange is fostered between an airline and their passengers. #dataprivacy #consumerdataprivacy #ethicaldatause https://lnkd.in/gS5_9Ung

Important data privacy update! #dataprivacynews #dataprivacy #dataprivacycompliance #edgelegalnews

“Airline passengers should have confidence that their personal information is not being shared improperly with third parties or mishandled by employees,” said U.S. Transportation Secretary Pete Buttigieg Key points: Investigation 🔹️ U.S. Secretary of Transportation Pete Buttigieg announced the Department of Transportation (DOT), together with Sen Ron Wyden, will undertake a privacy review of the nation’s ten largest airlines regarding their collection, handling, maintenance, and use of passengers’ personal information. 🔹️ The review will examine airlines’ policies and procedures to determine if airlines are properly safeguarding their customers’ personal information. 🔹️ DOT will also probe whether airlines are unfairly or deceptively monetizing or sharing that data with third parties. 🔹️ DOT has stated that mishandling consumers’ private information may be considered an unfair or deceptive practice by airlines 🔹️ The privacy review is the first of what will be periodic reviews of airline privacy practices by the Department 🔹️ As part of the privacy review, DOT sent a letter to the airlines requesting information re their policies and procedures on data privacy, any complaints filed and their privacy training. Authority (https://lnkd.in/epQ6QKGu) 🔹️DOT has the authority to investigate complaints and take enforcement action against airlines and ticket agents that engage in unfair or deceptive practices involving passenger information – and impose civil penalties where appropriate. 🔹️DOT also enforces airlines' compliance with COPPA Pic by katemagostar on Freepik #dataprivacy #dataprotection #privacyFOMO https://lnkd.in/ev-h3TfU

The Turkish Constitutional Court's decision published on 15 December in the M.I.I. case presents a crucial lesson for businesses and legal professionals. A fine of 1.45 million TL was imposed on a hotel-operating holding company for failing to secure personal data, leading to a massive data breach. This ruling underscores the delicate balance between ensuring data security and respecting the right to property in the case of the imposition of an administrative penalty. The Court also referred to the general conditions of imposing administrative fines (Article 83) under the GDPR as a reference point. Key takeaways: Data Controllers: Measures should be appropriate. Implement comprehensive, yet proportionate, security measures. Supervisory Authority: Your power to impose penalties carries great responsibility. Ensure that actions serve the public interest and that sanctions are justifiable and proportional. Courts: Procedural fairness is paramount in respecting property right. Rigorously assess and address all significant claims, balancing the public interest against individual rights. https://lnkd.in/e38EdviP

🥳🙌Yesterday was a pivotal! ⏪Flashback! Remember when the Payment Service Directive (PSD) was first introduced in 2007 and financial institutions were not sure if and how big its impact is going to be? Looking back, it was a pivotal moment for financial services, lead by regulation, but only a few understood it. 🐈Deja-vú! eIDAS 2.0 was voted yesterday and the European Parliament endorsed the creation of an EU-wide digital wallet! A groundbreaking initiative set to redefine how EU citizens access and interact with both #public and #private services digitally. This is going to change the way we operate as an economy. 👉3 Key Highlights: ✅EU Digital Wallet: Offers a secure method for citizens to authenticate online, access services, and e-sign documents without relying on commercial entities. This addresses major trust, security, and privacy concerns. ✅Voluntary & Inclusive: Emphasizing user choice, the wallet is voluntary, with measures to ensure non-discrimination and inclusivity for all EU citizens. ✅Privacy & Control: A privacy dashboard empowers users with complete control over their data, aligning with GDPR standards for data deletion and privacy. Stay tuned for updates! #digital #identity #eID #trust #QES #eSignatures