The Autoriteit Persoonsgegevens, Dutch data protection authority, imposed a fine on a company, which relied on scanning their employees’ fingerprints for attendance and time registration.[1] Facts in a nutshell In the case at hand, the respective company introduced the new fingerprint system in order to reduce the fraudulent abuse of the previous attendance and time […]
English Posts
COVID-19 – New Guidelines on the processing of health data for scientific research
On 21st April 2020, the European Data Protection Board (EDPB) released new guidelines. As a preliminary remark, the EDPB sees that “there are currently great scientific research efforts in the fight against SARS-CoV-2”, which should lead to research results as soon as possible. At the same time, there are legal questions regarding the processing of […]
Dutch Data Protection Authority publishes Decision Aid for Video calling Apps
As a result of the ongoing corona crisis, a lot of companies, as well as private individuals, have increasingly been making use of video calling applications. The Dutch Data Protection Authority (AP) received many questions on how privacy-compliant these apps are and have analysed the 13 most commonly used apps, in particular, their privacy aspects. […]
Should we copy the South Korean model of fighting Covid-19?
Covid-19 is spreading rapidly across Europe right now with rising case counts and deaths, especially in Spain and Italy. As a result, many countries have enforced lockdowns and closed their borders to mitigate a further spreading of the virus. Inevitably, these measures are prone to detrimentally affect the economy and our mental health. The Regional […]
The California Consumer Privacy Act, or “Do Not Sell My Personal Information”
On January 1, 2020, the California Consumer Privacy Act (CCPA) has entered into effect, described by many as a landmark law and, according to the American Bar Association, the most comprehensive privacy legislation to be enacted in the United States of America. The CCPA was passed in 2018 and is aimed at providing consumers with […]
Data Protection Foundation Awards Journalist Prize
The year is coming to an end ever so rapidly – at least it feels like that for many of us. It is also the time of retrospection and of awards for this past year’s achievements. One such award is the Journalist Prize presented each year by Germany’s Data Protection Foundation, a private trust that […]
Swiss Hotel Booking Platform must comply with the GDPR
The Austrian Data Protection Authority has ordered a Swiss online hotel booking platform to comply with the requirements set forth in the EU General Data Protection Regulation (GDPR), in particular to provide the information according to Art. 13 GDPR to the data subject. The ordinance was based on the following facts: An Austrian citizen living […]
New Rules for the Protection of Whistleblowers
You’ll find a german version here. The Council of Europe announced through a press release on the 7th of October 2019 that it had formally adopted new rules for the protection of whistle-blowers. With the adoption of the “Whistle-blower Directive” across the EU, European private and public organisations have an obligation to make available safe […]
B2B Marketing Days in Würzburg – Data Protection meets Marketing
The two-day conference “B2B Marketing Days” by marconomy took place in Würzburg from October 15-16 2019. The conference is a specialist’s conference for medium-sized companies discussing B2B specific marketing challenges, facilitate knowledge and Best Practice exchange via interactive formats and seeks to support cross-company networking activities. Around 350 participants and workshop lecturers have joined the […]
How Will the German Data Protection Authorities Determine Fines For Companies? – The DSK Publishes a New Concept.
On October 14, 2019, the German Conference of Data Protection Authorities (DSK) published a concept for determining fines in accordance with the GDPR. In some regards, this concept resembles the model of the Berlin Data Protection Authority which was presented in June of this year (we reported in German), but some aspects remain less concrete. […]
News on data protection law
Dear Readers, This is to update you on the latest news and developments in matters of data protection law. If you would like to be provided with more details, you may contact us via the commentary function. We will also link to our blog posts if we have already reported on this topic. What has […]
Hellenic DPA fines for violations of data protection by design and default
The Hellenic Data Protection Authority (“Authority”) issued two decisions on 7 October 2019 based on which it imposed two administrative fines amounting to 200,000 euros each to the Hellenic Telecommunications Provider, “OTE”. According to the decisions, the following violations were identified: breach of the principle of accuracy (Art. 5 (1) c GDPR) and data protection […]
The Effectiveness of Cookie Banners
On October 1st, the European Court of Justice handed down a ruling that could have a major impact on the design of the “cookie banners” widely used on the Internet. Although the European Court of Justice was not actually considering the classic “cookie banner”, the ruling nevertheless makes statements which are significant to their practical […]
Hellenic DPA Fines PWC for Unlawful Processing of Employee Data
The Hellenic Data Protection Authority has fined PriceWaterhouseCoopers Business Solutions SA 150,000.00 € for unlawful processing of employee data, after the Authority had conducted an ex officio investigation in response to a complaint. The Authority also ordered a series of corrective measures and gave PWC three months’ time for their implementation. Reportedly, the company had […]
Forum shopping between data protection authorities?
The data protection authority (DPA) of the German federal state of Hamburg recently opened administrative proceedings against Google. It relates to Google’s “Google Assistant” System, the natural language assistant behind the “Google Home” speaker, and transcripts from it. The Belgian public broadcaster VRT NWS recently revealed that recordings from “Google Assistant” were systematically listened to […]