Mateusz Kupiec
@mkupiec.bsky.social
🤖Insights on GDPR and AI Act| Privacy Nerd and Academic | ⚖️Lawyer
💡LinkedIn: https://www.linkedin.com/in/mateusz-kupiec-fip-cipp-e-cipm-289700121?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app
💡LinkedIn: https://www.linkedin.com/in/mateusz-kupiec-fip-cipp-e-cipm-289700121?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app
⚖️🔍 Classrooms are going digital — but also into the realm of #surveillance. My new chapter explores why the #AIAct bans schools from using #AI to infer students’ emotions.
The ban reflects a simple truth: students should never be reduced to machine signals.
#edtech #privacy
The ban reflects a simple truth: students should never be reduced to machine signals.
#edtech #privacy
September 20, 2025 at 9:04 PM
⚖️🔍 Classrooms are going digital — but also into the realm of #surveillance. My new chapter explores why the #AIAct bans schools from using #AI to infer students’ emotions.
The ban reflects a simple truth: students should never be reduced to machine signals.
#edtech #privacy
The ban reflects a simple truth: students should never be reduced to machine signals.
#edtech #privacy
Polish Supreme Administrative Court: Publishing personal data on public social media isn’t “personal activity” under #GDPR. Lower’s court ruling upheld, the DPA’s view rejected. Public disclosures, even by private individuals, fall under GDPR.
December 5, 2024 at 7:48 AM
Polish Supreme Administrative Court: Publishing personal data on public social media isn’t “personal activity” under #GDPR. Lower’s court ruling upheld, the DPA’s view rejected. Public disclosures, even by private individuals, fall under GDPR.
Reposted by Mateusz Kupiec
Hot off the press! Three GPAI
reports of the Algorithmic Transparency in the Public Sector project that Alison Gillwald and I co-led.
🧵with links of reports:
1️⃣ A state-of-the-art report of algorithmic transparency instruments.
wp.oecd.ai/app/uploads/...
reports of the Algorithmic Transparency in the Public Sector project that Alison Gillwald and I co-led.
🧵with links of reports:
1️⃣ A state-of-the-art report of algorithmic transparency instruments.
wp.oecd.ai/app/uploads/...
December 4, 2024 at 3:37 PM
Hot off the press! Three GPAI
reports of the Algorithmic Transparency in the Public Sector project that Alison Gillwald and I co-led.
🧵with links of reports:
1️⃣ A state-of-the-art report of algorithmic transparency instruments.
wp.oecd.ai/app/uploads/...
reports of the Algorithmic Transparency in the Public Sector project that Alison Gillwald and I co-led.
🧵with links of reports:
1️⃣ A state-of-the-art report of algorithmic transparency instruments.
wp.oecd.ai/app/uploads/...
Can Journalistic Freedom Justify Exposing Children’s Private Lives? The Norwegian DPA says No. Familiekanalen must anonymize videos revealing sensitive info about kids, balancing freedom of speech with GDPR rules protecting vulnerable individuals. Privacy matters, even online.
December 3, 2024 at 10:09 PM
Can Journalistic Freedom Justify Exposing Children’s Private Lives? The Norwegian DPA says No. Familiekanalen must anonymize videos revealing sensitive info about kids, balancing freedom of speech with GDPR rules protecting vulnerable individuals. Privacy matters, even online.
📍 A Düsseldorf court ruled that #GDPR #enforcement needs a clear culprit. A complaint about leaked legal files was dismissed since no responsible party could be identified.The court clarified: authorities handle their own data breaches; higher bodies aren’t automatically liable controllers
December 2, 2024 at 3:17 PM
📍 A Düsseldorf court ruled that #GDPR #enforcement needs a clear culprit. A complaint about leaked legal files was dismissed since no responsible party could be identified.The court clarified: authorities handle their own data breaches; higher bodies aren’t automatically liable controllers
📍The CJEU ruled that GDPR’s Article 14(5)(c) exception applies to data not collected directly from individuals, including data generated by authorities. The DPAs must ensure laws protect rights but don’t review security under Article 32. #Transparency remains key! #GDPR #privacy
November 29, 2024 at 12:00 AM
📍The CJEU ruled that GDPR’s Article 14(5)(c) exception applies to data not collected directly from individuals, including data generated by authorities. The DPAs must ensure laws protect rights but don’t review security under Article 32. #Transparency remains key! #GDPR #privacy
💡 Spain’s new law brings #transparency to #AI in legal services. Individuals now have the right to know how AI systems influence decisions in legal processes, ensuring fairness and #accountability. A bold step toward protecting rights in the #digital age!
November 27, 2024 at 8:08 PM
💡 Spain’s new law brings #transparency to #AI in legal services. Individuals now have the right to know how AI systems influence decisions in legal processes, ensuring fairness and #accountability. A bold step toward protecting rights in the #digital age!
⚖️💡The Austrian BVwG ruled that #profiling results, like assigning political preferences for targeted #ads, can fall under Article 9 #GDPR if they indirectly reveal sensitive data (e.g., worldview). Even probabilistic or aggregated info carries discrimination risks and is protected. #Privacy
November 26, 2024 at 11:43 PM
⚖️💡The Austrian BVwG ruled that #profiling results, like assigning political preferences for targeted #ads, can fall under Article 9 #GDPR if they indirectly reveal sensitive data (e.g., worldview). Even probabilistic or aggregated info carries discrimination risks and is protected. #Privacy
💡🤖 French DPA: #AI cameras in freight vehicles can boost road safety by detecting fatigue/distractions but must avoid constant #surveillance. Employers can rely on legitimate interest, not consent. Data use must be limited, with DPIAs required to mitigate privacy risks. #GDPR #Privacy
November 26, 2024 at 4:41 PM
💡🤖 French DPA: #AI cameras in freight vehicles can boost road safety by detecting fatigue/distractions but must avoid constant #surveillance. Employers can rely on legitimate interest, not consent. Data use must be limited, with DPIAs required to mitigate privacy risks. #GDPR #Privacy
🔒📱 The Bundesgerichtshof ruled that losing control over personal data, even briefly, can qualify for #GDPR damages. In a #Facebook scraping case, it suggested €100 for basic harm but left room for more if distress is proven. A key step for privacy rights and corporate accountability. #privacy
November 23, 2024 at 8:53 AM
The OH Digitale Dienste 📜 explains how cookies 🍪 & tracking tech must respect your privacy 🔒. Consent is key—clear, fair, and easy to revoke. No shady tricks allowed! Transparency rules ✨. Your device, your data, your choice 💻.
November 22, 2024 at 1:54 PM
The OH Digitale Dienste 📜 explains how cookies 🍪 & tracking tech must respect your privacy 🔒. Consent is key—clear, fair, and easy to revoke. No shady tricks allowed! Transparency rules ✨. Your device, your data, your choice 💻.
🚨⚖️ Is GDPR’s “household exemption” a loophole for #surveillance? 🇦🇹 The Austrian court ruled a mom tracking her kid’s location w/ “Pingo!” isn’t covered by GDPR—it’s “family business.” Valid? Maybe. But does this open the door for unchecked surveillance? #privacy #GDPR
November 20, 2024 at 8:01 AM
🚨⚖️ Is GDPR’s “household exemption” a loophole for #surveillance? 🇦🇹 The Austrian court ruled a mom tracking her kid’s location w/ “Pingo!” isn’t covered by GDPR—it’s “family business.” Valid? Maybe. But does this open the door for unchecked surveillance? #privacy #GDPR
I may be a data privacy lawyer and scholar but I feel the same 🫣
I don’t need to go on social media to have my worldview challenged I am in theoretical physics I have a new existential crisis daily
November 19, 2024 at 3:51 PM
I may be a data privacy lawyer and scholar but I feel the same 🫣
🇭🇺Hungarian DPA fined Aldi Hungary €204K for #GDPR breaches, citing lack of transparency, unlawful recording of birthdates, inadequate privacy protections, and inconsistent age checks. Ordered to revise practices, ensure privacy, and display GDPR-compliant notices.
November 19, 2024 at 1:45 PM
🇭🇺Hungarian DPA fined Aldi Hungary €204K for #GDPR breaches, citing lack of transparency, unlawful recording of birthdates, inadequate privacy protections, and inconsistent age checks. Ordered to revise practices, ensure privacy, and display GDPR-compliant notices.
🚨 My article in the European Judicial Review analyses the CJEU ruling in case C-634/21 on automated decision-making under Art. 22 #GDPR. The judgment impacts credit scoring and AI supported decision-making. Read on LEX (Wolters Kluwer). Let’s discuss! #privacy #AI #dataprotection
November 19, 2024 at 10:03 AM
🚨 My article in the European Judicial Review analyses the CJEU ruling in case C-634/21 on automated decision-making under Art. 22 #GDPR. The judgment impacts credit scoring and AI supported decision-making. Read on LEX (Wolters Kluwer). Let’s discuss! #privacy #AI #dataprotection
Reposted by Mateusz Kupiec
Normalizing Trump is a bad idea.
Period.
Period.
November 18, 2024 at 2:39 PM
Normalizing Trump is a bad idea.
Period.
Period.
Reposted by Mateusz Kupiec
🦋 My article "Femtech and Data Protection" has recently been published in the ABI Expert magazine (3/2024)! #Femtech brings significant benefits to women, but it also processes sensitive personal data. From AI to health tracking, it raises serious questions about #privacy and user awareness.
November 18, 2024 at 7:02 PM
⚖️🚗 How does #GDPR apply to automated license plate recognition in parking lots? LfDI MV says it’s permissible under strict conditions: process only the plate number, inform users before they enter, and delete data after exit. Balancing security and privacy! #Privacy #DataProtection
November 18, 2024 at 8:32 PM
⚖️🚗 How does #GDPR apply to automated license plate recognition in parking lots? LfDI MV says it’s permissible under strict conditions: process only the plate number, inform users before they enter, and delete data after exit. Balancing security and privacy! #Privacy #DataProtection
Reposted by Mateusz Kupiec
Reposty mile widziane bo próbuję zrobić listę kont, które zajmują się analizą dezinformacji i fact-checkingiem w Polsce.
Kogo brakuje - palec pod budkę. Wiem, że dopiero część osób zaczęła się przenosić więc mogłem ominąć/nie znaleźć w gąszczu kont.
go.bsky.app/GmDJe4j
Kogo brakuje - palec pod budkę. Wiem, że dopiero część osób zaczęła się przenosić więc mogłem ominąć/nie znaleźć w gąszczu kont.
go.bsky.app/GmDJe4j
November 18, 2024 at 10:51 AM
Reposty mile widziane bo próbuję zrobić listę kont, które zajmują się analizą dezinformacji i fact-checkingiem w Polsce.
Kogo brakuje - palec pod budkę. Wiem, że dopiero część osób zaczęła się przenosić więc mogłem ominąć/nie znaleźć w gąszczu kont.
go.bsky.app/GmDJe4j
Kogo brakuje - palec pod budkę. Wiem, że dopiero część osób zaczęła się przenosić więc mogłem ominąć/nie znaleźć w gąszczu kont.
go.bsky.app/GmDJe4j
‼️ German Federal Court of Justice: Loss of control over personal data can constitute non-material damage under Art. 82 #GDPR, even without misuse or tangible harm. Interest in future damages confirmed. Appeals court to review data minimization and consent.
#privacy #scraping
#privacy #scraping
November 18, 2024 at 3:15 PM
📞 Can you use a CEO’s work number for #marketing under #GDPR?
Warsaw court says yes! A business number tied to a company isn’t personal data. GDPR protects individuals, not legal entities. Polish DPA’s reprimand overturned.
#privacy #law #dataprotection #law
Warsaw court says yes! A business number tied to a company isn’t personal data. GDPR protects individuals, not legal entities. Polish DPA’s reprimand overturned.
#privacy #law #dataprotection #law
November 18, 2024 at 7:50 AM
📞 Can you use a CEO’s work number for #marketing under #GDPR?
Warsaw court says yes! A business number tied to a company isn’t personal data. GDPR protects individuals, not legal entities. Polish DPA’s reprimand overturned.
#privacy #law #dataprotection #law
Warsaw court says yes! A business number tied to a company isn’t personal data. GDPR protects individuals, not legal entities. Polish DPA’s reprimand overturned.
#privacy #law #dataprotection #law
