protection

Data Protection has imposed a fine

by

In recent years, many large clubs have tried to modernize their relationship with members through digital tools. FC Barcelona took a further step by promoting a system that allowed it to verify the identity of its members using biometric data, such as voice or facial image, within its census update process. The initiative sought to strengthen identification and reduce possible impersonations. However, this project has ended up generating a regulatory conflict that has resulted in a fine of 500,000 euros imposed by the Spanish Data Protection Agency (AEPD). The file. The AEPD does not generically question the use of biometric tools, but rather a prerequisite that the regulator considers essential. According to El ConfidencialFC Barcelona did not carry out an impact assessment on data protection in accordance with what is established article 35 of the General Data Protection Regulation (GDPR). This type of analysis must be carried out before implementing treatments that may pose a high risk to the rights and freedoms of the affected people. Partner Digital Profile. In this process, the system processed certain biometric traits with the objective of authenticating each person within the club’s digital ecosystem. The documentation analyzed by the AEPD indicates that the mechanism allowed “biometric vectors to be generated from the member’s image and their voice for authentication.” These vectors were used as a reference to validate the identity of the member in different procedures linked to the club. Campaign organized in several phases. The verification phase began on March 21, 2023 using digital identification tools. In this way, partners could complete the update process both remotely and in person. The system also included an alternative route for those who did not want to use biometrics, who could continue to identify themselves through traditional mechanisms. The scale factor. One of the elements that the regulator took into account was the number of people affected by the system. The FC Barcelona census has around 143,000 members, which places the project in a particularly sensitive dimension from the point of view of data protection. This volume, in the opinion of the AEPD, raised the level of potential risk for the rights and freedoms of those affected. Prior evaluation process. The GDPR requires a data protection impact assessment to be carried out when processing may pose a high risk to people’s rights and freedoms. During the investigation, the aforementioned media reports, FC Barcelona presented reports on the biometric systems used in the project. The AEPD concluded that these documents could not be considered a complete impact assessment in the terms required by article 35 of the Regulation. Avoiding a violation. Article 9 of the GDPR regulates, among other aspects, the processing of biometric data when it is used to uniquely identify a person, within the so-called special categories of data. According to the resolution, the AEPD finally decided to archive this possible infringement as the necessary elements to apply that provision were not proven. The answer. FC Barcelona has decided to appeal the sanction imposed by the AEPD and defends its actions in the process of updating the census. Barça’s legal services also highlight that the sanction initially proposed was much greater than the one finally set by the regulator. In the club’s words, a penalty of almost 6 million euros was proposed, but they managed to reduce it to 500,000 euros. Images | Fikri Rasyid In Xataka | OpenAI promised them very happy as the army’s new AI. Until thousands of users started uninstalling ChatGPT

What does the Spanish data protection agency allow and how to do it

by

Let’s explain How and when can you record spam calls to report To those who are sending them. In 2023 we received The antispam law hoping that these calls stop, although today We continue to receive commercial calls. But the law serves, and there are companies that They are already being finedso now it does not correspond to us to know how we can fight them. The thing is that the Spanish Agency for Data Protection allows you to record spam calls to report themand we are going to tell you what the procedure is. Record spam call The first thing you have to do is be able to record the call. Unfortunately, most mobiles They no longer allow you to record callshence You will have to resort to more rudimentary methods How to use an audio recorder on another mobile or on a computer. You will have to receive the call and put it on the hands free to hear high. This way, You can record the sound with another device While you receive the call. You can also use Apps to record callsalthough careful because you will be giving access to all your calls. It is not the most recommended solution. Finally, you should know that not all calls are prohibited. When you hire a product it is possible that Among the terms and conditions you accept is to receive calls commercial, so having your explicit permission a company that you have hired for something can call you. For example, imagine that you register in an app of a gasoline brand, because it is possible that this company calls you to offer you other products. Now denounces the call Once you have the recording, you can proceed Entering the corresponding section of the Spanish Agency for Data Protection to denounce these calls. The address is SEDEAEPD.GOB.ES/SEDE-ELECTRONICA-WEB/VISTAS/FORMNUEVARECLAMACION/NUEVARECLAMACION.JSF. Once inside, You are going to ask for certain data that you must contribute to make the complaint. These are: Identification of the entity promoted in each call: You will have to say the company, brand or product made by the commercial call. You will also have to contribute a photo or screen capture where the number is seen from which they call you and the date and time they do. Telephone Line Number Specification: You will have to specify what the phone number they have called. Come on, you will have to say your phone number, and provide an invoice or contract to demonstrate that you are the titular person. If you are not a holder, you will need a signed statement of whoever. Rational indications of the existence of the infraction: You will have to demonstrate that this infraction has existed. Come on, what You can send a copy of the call recording where they try that they have done it. Be registered in exclusion services: If the call is prior to June 30, 2023, you will have to prove that your number was registered from at least 2 months before the call to an advertising exclusion service, such as the Robinson list. Finally, you should know that You can only make the complaint If the call has been made after June 30, 2023, which is when the last law entered into force. If the call is previous, you will have to prove that you had been in advertising exclusion services such as the Robinson list. When you start the process on the web, you will have to choose whether you want to make the complaint or on paper or through the Internet. If you go by the electronic method, You will have to identify yourself as a citizen using the Cl@see permanent, Cl@ve pin, DNIE, Digital certificate or the equivalent of another EU country. Now, you just have to fill out the form of the website. In it, you have to start with your personal data, the data of the claimed company, an explanation of the facts that have happened, and the page where the recording is attached. If you don’t know the company you have called you, you can put it as A stranger. After completing the form you will need to sign it with the program of Autofirms. In Xataka Basics | Tips to stop receiving junk emails and finishing your email account spam

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.