On October 1st, the European Court of Justice handed down a ruling that could have a major impact on the design of the „cookie banners“ widely used on the Internet. Although the European Court of Justice was not actually considering the classic „cookie banner“, the ruling nevertheless makes statements which are significant to their practical […]
mb-firstprivacyenglisch
Hellenic DPA Fines PWC for Unlawful Processing of Employee Data
The Hellenic Data Protection Authority has fined PriceWaterhouseCoopers Business Solutions SA 150,000.00 € for unlawful processing of employee data, after the Authority had conducted an ex officio investigation in response to a complaint. The Authority also ordered a series of corrective measures and gave PWC three months’ time for their implementation. Reportedly, the company had […]
Forum shopping between data protection authorities?
The data protection authority (DPA) of the German federal state of Hamburg recently opened administrative proceedings against Google. It relates to Google’s “Google Assistant” System, the natural language assistant behind the “Google Home” speaker, and transcripts from it. The Belgian public broadcaster VRT NWS recently revealed that recordings from “Google Assistant” were systematically listened to […]
La Agencia Española de Protección de Datos multa a “La Liga” con 250.000 Euros
La Asociación Española de Clubes de Fútbol, “La Liga” ha sido la primera organización en recibir una multa ejemplar por incumplimiento del Reglamento General de Protección de Datos (RGPD) en España. La aplicación móvil sujeto de la denuncia y posterior multa, utilizaba el micrófono de los usuarios y su localización por GPS con el fin […]
The Spanish Data Protection Agency fined „La Liga“ with 250,000 Euros
The Spanish Association of Football Clubs, „La Liga“ has been the first organization to receive an exemplary fine for non-compliance with the General Data Protection Regulation (GDPR) in Spain. The mobile application, subject to the complaint and subsequent fine, used the users‘ microphones and their GPS location in order to capture illegal transmissions of football […]
Annual Report of the Finish Data Protection Authority
The Finnish data protection authority (the Office of the Data Protection Ombudsman) has recently published its annual reports on May 17th 2019.[1] This short article summarizes the most interesting fact regarding the English summary report. Major Focus Points of the Finnish Data Protection Authority The authority plans to focus until 2020 on the data subject’s […]
GUIDELINES ON THE PROCESSING OF PERSONAL DATA UNDER ARTICLE 6(1) (B) GDPR: EDPB BEGINS PUBLIC CONSULTATION
As anticipated under the provision of Article 70(4) of the GDPR, the European Data Protection Board (EDPB), on the 12th April 2019 began a public consultation on the Guidelines 2/2019 on the processing of personal data under Article 6(1) (b) GDPR in the context of the provision of online services to data subjects (the Guidelines), with the […]
News on data protection law
Dear Readers, This is to update you on the latest news and developments in matters of data protection law. If you would like to be provided with more details, don’t hesitate to contact us via the commentary function. We will also link to our blog posts (mostly in German), if we have already reported on […]
Processing Personal Data in the Context of the Clinical Trial Regulation (CTR), and the General Data Protection Regulation (GDPR)
The European Data Protection Board (EDPB) has provided a clear guidance on the legal basis for processing personal data when conducting clinical trials. Although the opinion refers specifically to the interaction between the GDPR and the Clinical Trial Regulation (CTR), in this article we summarize the premises applicable for the processing of personal data in […]
THE NIGERIAN DATA PROTECTION REGULATION 2019: OVERVIEW, EFFECTS AND LIMITS
It would appear that the wind of data protection reform that has recently blown across the world has finally found its way to Nigeria with the passing of the Nigerian Data Protection Regulation (the Regulation) by the Nigerian Information Technology Development Agency (NITDA) on the 25th January 2019. From the preamble of the Regulation, one […]
One for All and All for One…How the Supervisory Authorities are Working Together
The GDPR was created in such a manner to provide the same data privacy rights to data subjects throughout the EEA. The European Data Protection Board (EDPB) has provided a report on how this is working so far, “First overview on the implementation of the GDPR and the roles and means of the national supervisory […]
The Long Arm of the GDPR
The new General Data Protection Regulation (GDPR) strictly regulates the collection, use and storage of personal data, but does the long arm of the law stretch beyond the EU borders more than anyone could have anticipated? If you are surfing the web to see who the GDPR applies to, you could come to the conclusion […]
The “Cookiewall” crumbles
The Dutch data protection authority on 7th March 2019 issued an opinion[1] on the use of so called “Cookiewalls”, deeming such practice as unlawful in light of the GDPR and announcing intensified audits in regards to the right implementation of cookies in the coming period.[2] European regulation of Cookies The first regulation of cookies at […]
Deal or No Deal, Brexit is Coming
Whether or not the United Kingdom (UK) and the European Union (EU) can agree on an exit deal, the UK will be leaving the EU come March 30, 2019. Although the UK plans to incorporate the General Data Protection Regulation (GDPR) into national law there will still be some data privacy issues that arise as […]
Helpful tips in preventing personal data breaches
Following the coming into force of the GDPR, the state of the law has since changed in relation to the reporting and consequences of data breaches. However, it would appear that adopting some basic data protection ethics could help companies reduce the occurrence of data breaches. This article is aimed at identifying some basic practices […]