The Comission Nationale de l’informatique et des libertés, the French Data Protection Authority (‘CNIL’) published FAQs and a new guideline regarding cookies on October 1st, 2020. This guideline that was previously publicly consulted between January 14th to February 25th, 2020 has been developed in consultation with digital advertising stakeholders and civil societies. Stakeholders are requested […]
Search Results for: section control
Digital marketing as a legitimate interest? Dutch DPA clarifies.
On the first of November the Dutch DPA (Autoriteit Persoonsgegevens) has tried to shed some more light on the subject of the legitimate interest as a lawful ground of processing. Besides reconfirming the common understanding and best practices, the Dutch DPA clarifies the legal basis for direct marketing if and to the extent, that the […]
THE NIGERIAN DATA PROTECTION REGULATION 2019: OVERVIEW, EFFECTS AND LIMITS
It would appear that the wind of data protection reform that has recently blown across the world has finally found its way to Nigeria with the passing of the Nigerian Data Protection Regulation (the Regulation) by the Nigerian Information Technology Development Agency (NITDA) on the 25th January 2019. From the preamble of the Regulation, one […]
The UK DPA imposes a fine to an online leading mother and baby club
At the beginning of August 2018, the UK Information Commissioner (ICO) issued a fine of £ 140.000 To “Lifecycle Marketing (Mother and Baby) ” Ltd or “LCMB”, also known as “Emma´s Diary” for the illegal collection and sale of personal data of more that 1 million people to a marketing company hired by a political […]
Facebook’s response to the ECJ decision on Fanpages. Is this decision being adequately implemented?
As result of the latest European Court of Justice decision regarding the administration of Facebook fanpages, Facebook has recently published an Agreement for data processing activities that aims to comply with the said ruling.(Available here). This article contains an analysis from a data protection law perspective that will determine if the solution implemented by Facebook […]
Are companies ready to deal with a high level of scrutiny? – Lessons learned from the Morrisons Case
The purpose of this article is to summarize the lessons that a company can learn from the Morrisons Case with regard to the level of protection that can be considered as “sufficient” and “adequate” for the protection of the personal data of their employees. [1] In our daily practice, our clients are more often than […]
Privacy Impact Assessments: A software tool by the French DPA
The French Data Protection Authority, Commission Nationale Informatique et Liberte (CNIL), released a tool to support data controllers to be compliant with the upcoming General Data Protection Regulation (GDPR). The tool is aimed at automating the obligatory assessments of risk posed by data protection activities to the rights and freedoms of data subjects according to […]
Privacy at risk: Monitoring of employees and the use of (new) technologies at work
The monitoring of employees at work, or more generally the processing of data in the employment context, is a topic that has been debated for as long as the Data Protection Directive (Dir 95/46/EC – DPD) has been around. Nonetheless, due to the emergence of new technologies and changing work polices, the topic is red […]
UK Home Office tracks “immigration offenders” through health system data
NHS Digital and the Home Office: the relationship The outgoing head of the UK’s Health and Social Care Information Centre (“NHS Digital”) claims to have repeatedly been pressured by the Home Office to provide them with the personal data of immigrant patients. In an interview with the Health Service Journal earlier this month, Kingsley Manning […]