Members of the Irish Council for Civil Liberties penned a letter to the CEO of Tesco, a U.K. grocery chain, claiming its new practice of barring customers who have not enrolled in its loyalty program is illegal under the U.K. General Data Protection Regulation. Copies of the letter were issued to European Data Protection Board Chairwoman Andrea Jelinek and U.K. Information Commissioner John Edwards, as well as Tesco Chairman John Allan. The letter claims Tesco’s loyalty program “entails extensive data collection and processing” and “infringes the principle of data minimisation set out in Article 5(C) of the UK GDPR.”
27 Oct. 2022
Irish Council for Civil Liberties claims EU grocery chain's loyalty program violates UK GDPR
RELATED STORIES
German court decision signals move toward risk-based approach to data transfers
China issues the Regulations on Network Data Security Management: What's important to know
NoSQL vulnerabilities: What privacy pros need to know
FTC adds right to delete to cybersecurity settlement
Notes from the IAPP Canada: Privacy law teaching, training and turkey