The Belgian DPA Issues Guidelines on AI When it comes to Artificial Intelligence (AI) systems, there are two EU regulations that have a significant impact on their use. These two Regulations are the well-known General Data Protection Regulation (GDPR) and the AI Act (AIA), which only came into force on August 1, 2024. Since then, […]
Internationaler Datenschutz
Internationaler_Datenschutz
CJEU Broadens Definition of Health Data in Pivotal GDPR Ruling
The Court of Justice of the European Union (CJEU) has recently issued a landmark decision (C-21/23 “Lindenapotheke”) that expands the interpretation of what constitutes health data under the General Data Protection Regulation (GDPR). This ruling has significant implications for businesses, especially those involved in the sale of medicinal products online. A Wider Scope of Health […]
Legitimate Interest: new CJEU ruling challenges Dutch Authority’s strict interpretation
On October 4, 2024, the Court of Justice of the European Union (CJEU) issued a ruling in the case C-621/22, addressing whether purely commercial interests can qualify as a legitimate interest for processing personal data under Article 6 para. 1 lit. f of the General Data Protection Regulation (GDPR). This decision challenges the strict stance […]
Can AI Be Used to Predict Crimes? Should it?
Recently, the Argentinian government announced the creation of the Unidad de Inteligencia Artificial Aplicada a la Seguridad (UIAAS), a unit designed to use artificial intelligence (AI) for the prevention, detection, investigation, and prosecution of crimes. The plan involves using machine-learning algorithms to analyze historical crime data and predict future felonies. It is also expected to […]
Email Marketing Compliance in Canada: Key Requirements for B2B Communication
In today’s digital landscape, email marketing remains one of the most effective tools for businesses to connect with clients and partners. However, ensuring compliance with local data protection and anti-spam laws is essential to avoid legal complications. For businesses operating in or communicating with recipients in Canada, the Canada’s Anti-Spam Legislation (CASL) and other data […]
A Trip to Canada’s Data Protection Landscape
As we are entering into autumn, most people are traveling the world again. Some prefer a few quiet weeks at the beach, while others are seeking adventures climbing mountains and jumping off cliffs. Nerds like me however, like to discover the curiously wild landscape of Canada’s data protection laws. It keeps us lawyers constantly on […]
Data Protection Officer (DPO) in Singapore – obligations, role and responsibilities
The Personal Data Protection Act (PDPA) of Singapore mandates organizations to safeguard the personal data they collect, use, or disclose. A key aspect of this responsibility is appointing a Data Protection Officer (DPO) or a team to ensure compliance with the PDPA. Appointing a DPO – requirements and obligations As part of the Accountability Obligation, […]
Unlawful use of facial recognition technology (FRT) at a school in Essex
The UK’s supervisory authority, the Information Commissioner’s Office (ICO), announced on 23 July 2024 that it had issued a warning to a school in Essex for the unlawful use of facial recognition technology – a violation of Art. 58 para. 2 lit. b UK GDPR. What happened? In March 2023, the school began using facial […]
Unrechtmäßiger Einsatz von Gesichtserkennungstechnologien an Schule in Essex
Die englische Aufsichtsbehörde, Information Commissioner´s Office (ICO), hat am 23. Juli 2024 mitgeteilt, eine Verwarnung gegen eine Schule in Essex wegen des unrechtsmäßigen Verwendens von Gesichtserkennungstechnologie ausgesprochen zu haben – ein Verstoß gegen Art. 58 Abs.2 lit. b UK GDPR. Was war passiert? Die Schule hatte im März 2023 begonnen, Gesichtserkennungstechnologien in der Kantine der […]
Case Analysis: A Landmark Cross-Border Data Transfer Dispute in China
In a significant ruling that underscores the growing emphasis on personal data protection in China, the Guangzhou Internet Court recently concluded a case involving cross-border data transfer violations under the Personal Information Protection Law of the People’s Republic of China (PIPL). The case, titled (2022) Yue 0192 Min Chu 6486, saw Mr. Z, a Chinese […]
290 Millionen Euro Strafe für Uber wegen unerlaubter Datenübermittlung in die USA
Die niederländische Datenschutzbehörde Autoriteit Persoonsgegevens (AP) hat gegen den Fahrdienstvermittler Uber eine Geldstrafe von 290 Millionen Euro verhängt (Pressemitteilung hier). Grund dafür ist die unerlaubte Übermittlung personenbezogener Daten europäischer Uber-Fahrer in die Vereinigten Staaten ohne ausreichenden Schutz, was einen schweren Verstoß gegen die Datenschutz-Grundverordnung (DSGVO) darstellt. Uber hat die Verstöße inzwischen eingestellt, kündigte jedoch an, […]
Erleichterung für Schweiz-US-Datentransfers: Neues Abkommen löst langjährige Datenschutzprobleme
Ab dem 15. September 2024 wird der Transfer personenbezogener Daten von der Schweiz in die USA deutlich einfacher. Grund dafür ist ein neues Rahmenabkommen, das kürzlich vom Schweizerischen Bundesrat genehmigt wurde. Mit dieser Entscheidung können Datentransfers nun auf einer Angemessenheitsentscheidung basieren, wodurch der bisherige Aufwand mit den Standardvertragsklauseln (SCCs) entfällt. Bislang mussten Schweizer Unternehmen einen […]
Swiss-U.S. Data Transfers: New Framework solves Privacy Hassles, finally!
Starting September 15, 2024, transferring personal data from Switzerland to the United States will become significantly easier, thanks to a new framework approved by the Swiss Federal Council. This marks a significant shift, allowing these data transfers to rely on an adequacy decision rather than the more complex Standard Contractual Clauses (SCCs). Until this decision, […]
Why Canada is facing more Cyberattacks than ever
Ignorance is bliss, they say, but this is definitely not true when it comes to data protection and data security. Our daily lives revolve more and more around the online world (home office with video conferences, online banking, social media and the list goes on). This, most certainly, comes with a lot of amenities. However, […]
AI and HR – Navigating legal obligations in Europe
Artificial Intelligence (AI) is reshaping HR and recruitment practices worldwide, promising enhanced efficiency and precision. While the adoption of AI in HR is not groundbreaking news, as many large companies have relied on similar solutions for years, its undeniable benefits continue to drive organizations of all sizes towards embracing AI-powered tools. Technologies like resume screening […]