The GSMA, the organizers behind Barcelona’s annual Mobile World Congress (MWC), have been fined €200,000 for not carrying out a data protection impact assessment (DPIA)

Per TechCrunch, the decision (PDF) delivered in Spanish by the Agencia Española de Protección de Datos (AEPD)  found that the GSMA fell short when failing to account for biometric data collected from attendees, partially as a result of BREEZZ – an optional, automated identity verification system permitting entry to the event.

The GSMA’s assessment was found, per the decision, to be “merely nominal”, neglecting to account for “substantive aspects” of its data processing methods, nor the risks of, or need for, the BREEZZ system.

The GDPR and MWC’s DPIA

The EU’s General Data Protection Regulation (GDPR) requires that a robust DPIA be carried out when data collection may pose a “high risk” to the right to privacy of those affected Biometric facial recognition technology falls into this category in this case because said data was used to identify MWC attendees.

The AEPD also ruled that the GSMA collected passports and EU identity documentation from attendees, and required them to consent to biometric data collection as part of the upload process. 

The GDPR clearly states that consent must be specific, and given freely, but, as discovered by digital wellness advocate Dr Anastasia Dedyukhina,  this clearly wasn’t an option.

“I could not find a reasonable justification for it,” she wrote in a LinkedIn post, “their website suggested that I could also bring my ID/passport for in-person verification, which I didn’t mind.”

“However, the organizers insisted that unless I upload my passport details, I COULD NOT attend the live event and would need to join virtually, which I ended up doing.”

The GSMA continued these practices for the 2022 and 2023 events, but, in light of the AEPD’s ruling, things will likely have to change – almost certainly for the better.

In a statement, the GSMA said it, “takes data protection extremely seriously and has a robust compliance programme in place to address its data protection obligations. The GSMA continuingly reviews and updates its approach to data protection, employing innovative technology to deliver a safe attendee experience.”

Go to Source

Follow us on FacebookTwitter and InstagramWe are growing. Join our 6,000+ followers and us.

At TechRookies.com will strive to help turn Tech Rookies into Pros!

Want more articles click Here!

Deals on Homepage!

M1 Finance is a highly recommended brokerage start investing today here!

WeBull. LIMITED TIME OFFER: Get 3 free stocks valued up to $6300 by opening & funding a #Webull brokerage account! “>Get started >Thanks for visiting!

Subscribe to our newsletters. Here! On the homepage

Tech Rookies Music Here!

Disclaimer: I get commissions for purchases made through links in this post at no charge to you and thanks for supporting Tech Rookies.

Disclosure: Links contain affiliates. When you buy through one of our links we will receive a commission. This is at no cost to you. Thank you for supporting Teachrookies.com

Disclaimer: This article is for information purposes and should not be considered professional investment advice. It contains some forward-looking statements that should not be taken as indicators of future performance. Every investor has a different risk profile and goals. All investments have risks. Always do your own research or hire an expert before investing and trading.