Italian DPA: Second semester inspection plan focuses on whistleblowing

The Italian Data Protection Supervisory Authority recently published the measure whereby it decided on the audit plan for this six-month period, citing one of the processing activities that could be inspected: “1. For the period from July to December 2019, the auditing activity initiated and carried out by the Data Protection Supervisory Authority, including through the Guardia di ...

Brexit, data protection and democracy

By No tags Permalink 0

The DPA of the United Kingdom sent a letter to political parties in light of the 12 December 2019 General Election to remind them that  “People expect their personal information to be used in line with law, and where that doesn’t happen in digital campaigning, there’s a danger that public trust and confidence in the ...

SAVE THE DATE: Advertising technology: legal compliance requirements to fully exploit adtech in your marketing strategies Webinar

Join me on Tue, Jan 21, 2020 5:00 PM - 6:00 PM CET! Register here. The nearly unlimited opportunities of present-day technologies grouped under the umbrella of ‘adtech’ – including cookies and other tracking technologies, programmatic advertising, and real-time bidding – also pose legal compliance challenges for businesses looking to take advantage of the ...

CSA CODE OF CONDUCT for GDPR COMPLIANCE: CSA EMEA Congress 2019

This week I attended the CSA EMEA Congress 2019 where I presented on the CSA Code of Conduct for GDPR Compliance, also in my quality of Co-Chair of the CSA PLA WG. My presentation covered the fundamentals of the GDPR and the CSA Code of Conduct and discussed the game-changers and pillars of the Code ...

EDPS publishes Guidelines on the concepts of controller, processor and joint controllership under Regulation (EU) 2018/1725

By No tags Permalink 0

The EDPS Guidelines provide instructions to EU institutions and bodies for compliance with Regulation 2018/1725 with respect to the concepts of controller, processor and joint controllership and examines responsibilities and obligations concerning data subject rights, specific case studies for controller-processor, separate controllership and joint controllership situations and are intended to aid managment in "supporting ...

Facebook and the ICO reach agreement

Read the official statement from the ICO here. In 2017 ICO launched a formal investigation of the growing misuse of personal data in the context of political campaigns, after which in 2018, ICO fined Facebook for sum of GBP 500,000 for "suspected failings related to compliance with the UK data protection principles covering lawful ...

Mia intervista su Open sulla proposta di Marattin della registrazione con documento d’identità per accedere ai social network

Oggi sono stato intervistato da Open, la testata online di Enrico Mentana, sul tema della registrazione tramite carta d’identità per accedere ai social network. Il mio parere segue quello di Luigi Marattin, economista e deputato di Italia Viva, l’autore della proposta che sta sollevando un grande dibattito in questi giorni in Italia.  Marattin ha puntato l’attenzione ...

Landmark ECHR ruling decides privacy rights of Spanish supermarket cashiers covertly filmed by security cameras were not violated

On 17 October 2019 The European Court of Human Rights (ECHR) issued its judgment in the López Ribalda and Others v. Spain case, ruling that there had been “no violation of Article 8 (right to respect for private and family life) of the European Convention on Human Rights, and, unanimously that there had been no ...

Results of the 3rd review of EU-U.S. Privacy Shield are finally here

Today, 23 October 2019, the European Commission published its report on the EU-U.S. Privacy Shield, to which approximately 5,000 companies are participating. The results of the Report are largely positive and confirm that the US ensures an adequate level of protection for the data transferred to it from the EU. Furthermore, in the Report, ...

GDPR Temperature Tool: A new free resource for European SMEs to understand their risk of GDPR-related sanctions

«The GDPR came into force in May 2018 with a blaze of publicity but 18 months on, still many businesses are unclear on how at risk they are from GDPR-related sanctions. The vast majority of business leaders believe that it is essential to comply with the GDPR, especially as companies can risk crippling fines. Indeed, ...