LinkedIn Ireland has been fined 310 million euros by the Irish Data Protection Commission (DPC) for breaching several key provisions of the GDPR. The DPC issued this fine following a two-year investigation, which began in 2021. In particular, the investigation focused on LinkedIn’s processing of personal data for the purposes of behavioural analytics and targeted […]
Carolin Cornely
Posts by Carolin Cornely:
AI Innovation at Risk? A Showdown Between Privacy Laws and Tech Giants
AI is transforming the world at an unprecedented speed, and yet, a growing regulatory storm seems ready to slow it down. Recently, LinkedIn was forced to halt its AI-powered data processing in the UK after concerns raised by the ICO (Information Commissioner’s Office). But could this be just the tip of the iceberg for a […]
Switzerland adopts revised data protection law
The protection of personal data is becoming more and more relevant. This is a result of the rapid advancement of communication and sales channels as well as the increasing capacities of companies to collect personal data. The Swiss Parliament seemingly acknowledged this too when it recently announced that it adopted the revised version of the […]
Are portable body temperature cameras GDPR compliant?
According to the French Conseil d’Etat: No! In order to combat Covid-19, the French municipality of Lisses installed one fixed thermal camera in a municipal building that was able to report excessive body temperatures. Additionally, several portable thermal cameras were entrusted to municipal officials who at the entrance of schools could measure excessive temperatures of […]
The CJEU rules in favour of Schrems and invalidates Privacy Shield Decision
In a landmark ruling (‘Data Protection Commissioner v Facebook Ireland and Maximilian Schrems’)[1], the CJEU invalidated the Privacy Shield Decision[2], whereby the Commission had determined that the United States ensured an adequate level of protection for personal data transferred from the Union to organisations in the US. Many organisations involved in transborder data transactions will […]
Right to deletion? Dutch Court: Not if overriding interests exist!
Dutch Arnhem-Leeuwarden Court of Appeal (hereinafter “Court”) seems to give insides on what accounts to an overriding interest according to Art. 21 para. 1 GDPR, when considering the right to deletion according to Art. 17 para. 1 lit. c GDPR (see here). Facts The data subject who works as an accountant had provided false information […]
Belgian DPA issues €50.000 fine on an Organisation for non-compliance with GDPR DPO appointment procedure
The Organisation (defendant) designated their Head of Compliance, Risk and Audit as their Data Protection Officer (DPO). The DPA ruled that in doing so, the Organisation violated art. 38(6) GDPR which requires that any tasks of the data protection officer do not result in a conflict of interest. According to the defendant, no conflict of […]
Dutch Data Protection Authority publishes Decision Aid for Video calling Apps
As a result of the ongoing corona crisis, a lot of companies, as well as private individuals, have increasingly been making use of video calling applications. The Dutch Data Protection Authority (AP) received many questions on how privacy-compliant these apps are and have analysed the 13 most commonly used apps, in particular, their privacy aspects. […]
Should we copy the South Korean model of fighting Covid-19?
Covid-19 is spreading rapidly across Europe right now with rising case counts and deaths, especially in Spain and Italy. As a result, many countries have enforced lockdowns and closed their borders to mitigate a further spreading of the virus. Inevitably, these measures are prone to detrimentally affect the economy and our mental health. The Regional […]
Fine imposed on Royal Dutch Lawn Tennis Association for non-compliance with GDPR
Following a two-year long investigation, the Dutch Data Protection Authority (AP) has issued a fine of 525.000€ on the Royal Dutch Lawn Tennis Association (KNLTB) for selling personal data of its members to third parties. Which data was sold? KNLTB sold personal data of a few hundred thousand of its members to two sponsors in […]