Nowadays crimes are more and more committed or at least facilitated by a smartphone or other computing device. That is why digital evidence in form of data is essential in almost all criminal investigations.[1] But that does not mean that the collection of such evidence is straightforward and effortless. Law enforcement authorities (LEAs) face, among […]
mb-firstprivacyenglisch
España: Aprobada la Ley Orgánica 3/2018, de 5 de diciembre, de Protección de Datos Personales y garantía de los derechos digitales.
Con un apoyo parlamentario del 93% la nueva Ley entrará en vigor al día siguiente de su publicación en el Boletín Oficial del Estado. La nueva Ley adapta el derecho español al Reglamento General de Protección de Datos (RGPD) e introduce novedades mediante el desarrollo de materias contenidas en tal reglamento. Las más importantes de […]
Spain: The Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights has been approved.
With 93% parliamentary support, the new Law will enter into force the day after its publication in the Official State Gazette (Boletín Oficial del Estado BOE). The new Law adapts Spanish law to the General Data Protection Regulation (GDPR) and introduces novelties through the development of certain matters contained in the GDPR. The following are […]
Portuguese Data Protection Authority Imposes 400,000 € Fine on Hospital
The Barreiro Hospital in Portugal was fined 400,000 € by the Portuguese Data Protection Authority CNPD (Comissão Nacional de Proteção de Dados) for incompliancy with the EU General Data Protection Regulation (GDPR) by not separating access rights to patents’ clinical data. The public sector hospital had granted access to patients’ clinical data via their system […]
GDPR-Complaint against the “online behavioral advertising” industry
„Advertising is expensive, no advertising is even more expensive.“ (Paolo Bulgari, Businessman and Designer of jewelry). According to this principle, programmatic buying and providing of advertising according to your behavior on the Internet, is becoming more and more important. Google also uses this concept of so- called “Programmatic Advertising” for its product campaigns. The private […]
España: El Pleno del Congreso de los Diputados convalida el Real Decreto-Ley para adaptar el Derecho español a la normativa de la Unión Europea en materia de protección de datos.
El Pleno del Congreso de los Diputados ha convalidado el “Real Decreto-ley 5/2018, de 27 de julio, de medidas urgentes para la adaptación del Derecho español a la normativa de la Unión Europea en materia de protección de datos”. La adaptación del marco normativo interno al Reglamento General de Protección de Datos europeo fue tratada […]
The UK DPA imposes a fine to an online leading mother and baby club
At the beginning of August 2018, the UK Information Commissioner (ICO) issued a fine of £ 140.000 To “Lifecycle Marketing (Mother and Baby) ” Ltd or “LCMB”, also known as “Emma´s Diary” for the illegal collection and sale of personal data of more that 1 million people to a marketing company hired by a political […]
Facebook’s response to the ECJ decision on Fanpages. Is this decision being adequately implemented?
As result of the latest European Court of Justice decision regarding the administration of Facebook fanpages, Facebook has recently published an Agreement for data processing activities that aims to comply with the said ruling.(Available here). This article contains an analysis from a data protection law perspective that will determine if the solution implemented by Facebook […]
„US must comply with the EU-US Privacy Shield“
According to the 12 June 2018 European Parliament press release, the Civil Liberties Committee (LIBE Committee) has called on the European Commission to suspend the EU-U.S. Privacy Shield on the grounds that it fails to provide sufficient data protection for EU Citizens. In the press release, the MEPs stated that data transfers between the EU […]
Privacy Impact Assessments: A software tool by the French DPA
The French Data Protection Authority, Commission Nationale Informatique et Liberte (CNIL), released a tool to support data controllers to be compliant with the upcoming General Data Protection Regulation (GDPR). The tool is aimed at automating the obligatory assessments of risk posed by data protection activities to the rights and freedoms of data subjects according to […]
Legislative procedure ongoing: The Council of European Union and its version of the planned ePrivacy Regulation.
Background The European Commission, in April 2016, launched a public consultation in order to gather opinions of different stakeholders in regard to the future of Directive 2002/58/EC (ePrivacy Directive). The ePrivacy Directive concerns the processing of personal data and the protection of privacy in the electronic communications sector. Almost a year later and after the publication of […]
The obligatory sharing of clinical trial data in the European Union
The European Union aims at entering a new era of clinical trials by enforcing the steps towards personalized medicine. Instead of searching for the best therapy to treat a certain diagnosis, they are moving towards pursuing the best suitable individual therapy. To meet this approach, Big Data technologies have developed new therapies and potential positive […]
New fine to Facebook from the Spanish Data protection Authority
The Spanish Data Protection Authority (AEPD) has condemned Facebook Inc. to the payment of a sanction of 1,200,000 Euros for the existence of two serious and one very serious infringements of Data Protection Law. According to the Agency, Facebook treats personal data for advertising purposes without express consent of the data subjects and does not […]
Privacy at risk: Monitoring of employees and the use of (new) technologies at work
The monitoring of employees at work, or more generally the processing of data in the employment context, is a topic that has been debated for as long as the Data Protection Directive (Dir 95/46/EC – DPD) has been around. Nonetheless, due to the emergence of new technologies and changing work polices, the topic is red […]
Japan on Its Way to Data Protection Adequacy?
Data transfers to countries outside the European Economic Area are only legal if –in addition to the requirement of a legal basis or the data subject’s consent– an adequate level of data protection in that country can be guaranteed. One way this can be achieved is an Adequacy Decision of the European Commission. The Commission […]