Background The European Commission, in April 2016, launched a public consultation in order to gather opinions of different stakeholders in regard to the future of Directive 2002/58/EC (ePrivacy Directive). The ePrivacy Directive concerns the processing of personal data and the protection of privacy in the electronic communications sector. Almost a year later and after the publication of […]
mb-firstprivacyenglisch
The obligatory sharing of clinical trial data in the European Union
The European Union aims at entering a new era of clinical trials by enforcing the steps towards personalized medicine. Instead of searching for the best therapy to treat a certain diagnosis, they are moving towards pursuing the best suitable individual therapy. To meet this approach, Big Data technologies have developed new therapies and potential positive […]
New fine to Facebook from the Spanish Data protection Authority
The Spanish Data Protection Authority (AEPD) has condemned Facebook Inc. to the payment of a sanction of 1,200,000 Euros for the existence of two serious and one very serious infringements of Data Protection Law. According to the Agency, Facebook treats personal data for advertising purposes without express consent of the data subjects and does not […]
Privacy at risk: Monitoring of employees and the use of (new) technologies at work
The monitoring of employees at work, or more generally the processing of data in the employment context, is a topic that has been debated for as long as the Data Protection Directive (Dir 95/46/EC – DPD) has been around. Nonetheless, due to the emergence of new technologies and changing work polices, the topic is red […]
Japan on Its Way to Data Protection Adequacy?
Data transfers to countries outside the European Economic Area are only legal if –in addition to the requirement of a legal basis or the data subject’s consent– an adequate level of data protection in that country can be guaranteed. One way this can be achieved is an Adequacy Decision of the European Commission. The Commission […]
Your Heart Rate Data Can Land You in Jail
This so happened in Ohio last fall, when a man was convicted of aggravated arson and insurance fraud based on evidence provided by the data from his cardiac pacemaker. A man, whose house had burnt down, was investigated against after traces of fire accelerant had been found by the police. The suspect claimed that he […]
Personal Data in China. A Step towards Protection.
Currently, there is no specific data protection law in China; rules relating to personal data protection are found in different laws and regulations. Some weeks ago, on 1 June 2017, the new Cybersecurity Law entered into force. We already wrote about it here. Recently, a new draft of a Standard called “Information security techniques – […]
What do They Know, and How are You Being Tracked Online?
We have heard on how companies are tracking our data, and we have a vague idea on where and when our personal data is being gathered. However, corporate surveillance has been in constant development providing more information about a person than ever before. As an internet user, how much do you know about your personal […]
The Data Protection Officer in Europe
The EU Regulation 2016/679 on the protection of personal data (GDPR) repealing Directive 95/46/EC focusses, among the others, on a particular topic that will be governed by new specific and more consistent rules: the Data Protection Officer (DPO). This figure is already well known to European companies and institutions, but the GDPR finally clarifies and […]
Fines to Facebook and WhatsApp for breach of privacy and antitrust law
€ 150 Million fine to Facebook by French Data Protection Authority Last week, the French Data Protection Authority (DPA) has condemned Facebook Inc. and Facebook Ireland to the payment of a € 150 million fine. The sanction is part of a joint investigation carried out by the data protection authorities of France, German Land of […]
“Obamacare for the Internet” – Republicans Push to Abolish Net Neutrality
The Federal Communications Commission (FCC) is the US regulatory authority that ensures compliance with the principles of net neutrality, which were established by the Commission’s Open Internet Order in February 2015. Net neutrality means that all content on the internet shall enjoy the same priority, i.e. Internet service providers and any authority regulating the Internet […]
Data protection impact assesment (DPIA)
The most recent document provided by the Article 29 Working Party (29 WP) provides guidelines for further comprehension on when and how to conduct a DPIA. The main goal of a DPIA is to: “describe the processing, assess the necessity and proportionality of a processing and to help manage the risks to the rights and […]
UK Home Office tracks “immigration offenders” through health system data
NHS Digital and the Home Office: the relationship The outgoing head of the UK’s Health and Social Care Information Centre (“NHS Digital”) claims to have repeatedly been pressured by the Home Office to provide them with the personal data of immigrant patients. In an interview with the Health Service Journal earlier this month, Kingsley Manning […]
Mark Zuckerberg is hitting Snapchat hard – enter WhatsApp Status
New WhatsApp feature WhatsApp has announced a new feature, “Status”. With Status, WhatsApp users will now be able to use GIFs, photographs and videos to update their status. The feature will make provision for multiple updates which a user’s contacts will be able to view in a reel and which will disappear after 24 hours […]
Third Time Lucky: Australia’s New Law on Mandatory Data Breach Notification
On February 13, the Privacy Amendment (Notifiable Data Breaches) Bill 2016 passed both Houses of Parliament after two previous attempts to establish such notification obligation were unsuccessful. This means that Australians will need to be notified of serious incidents regarding the processing of their personal data. However, not every data breach will be subject to […]