“Public Health AND Privacy” vs. “Public Health OR Privacy” in the time of the COVID-19 pandemic

The COVID-19 outbreak has touched the lives of millions of individuals across the globe. Among those severely affected are the residents of my native Italy who are currently under a mandatory lockdown  (nationwide travel restrictions have been enacted) until an undefined date.  But how should the collection of potentially special category personal data (health data) be managed in a pandemic? Several data protection authorities have provided ...

EDPB on personal data processing in the COVID-19 outbreak

On 16 March the Chair of the European Data Protection Board (EDPB) Andrea Jelinek released a statement to help guide the data processing activities of public authorities, governments, and private organizations within the context of the COVID-19 pandemic. Andrea Jelinek noted that: “Data protection rules (such as GDPR) do not hinder measures taken in ...

Results of the 3rd review of EU-U.S. Privacy Shield are finally here

Today, 23 October 2019, the European Commission published its report on the EU-U.S. Privacy Shield, to which approximately 5,000 companies are participating. The results of the Report are largely positive and confirm that the US ensures an adequate level of protection for the data transferred to it from the EU. Furthermore, in the Report, ...

Spain and Greece referred to CJEU for not transposing EU data protection rules into national law

The European Commission has referred Greece and Spain to the Court of Justice of the EU for failing to transpose the Data Protection Law Enforcement Directive, Directive (EU) 2016/680into their national law, which should have occurred by 6 May 2018.  The purpose of the Directive is to ensure a high level of data protection and facilitate the exchanges of personal data ...

PERSONAL DATA PROTECTION AND THE USE OF INFORMATION TO FIGHT ONLINE-TERRORIST PROPAGANDA, RECRUITMENT, AND RADICALIZATION: PART IV

In this fouth blog post of my exploration into the matter based on an upcoming publication for CRC Press, part of the Online Terrorist Propaganda, Recruitment, And Radicalization Book Project that I wrote together with Dr. Milda Macenaite, I will specifically explore the relationship between personal data protection and use of information. The relationship between the protection and use of that very information is depends on ...

PERSONAL DATA PROTECTION AND THE USE OF INFORMATION TO FIGHT ONLINE-TERRORIST PROPAGANDA, RECRUITMENT, AND RADICALIZATION: PART III

In this third blog post of my exploration into the matter based on an upcoming publication for CRC Press, part of the Online Terrorist Propaganda, Recruitment, And Radicalization Book Project that I wrote together with Dr. Milda Macenaite, I will specifically explore the legal data protection framework. The primary legal instrument in the EU regulating personal data processing in the law enforcement, i.e., in ...

PERSONAL DATA PROTECTION AND THE USE OF INFORMATION TO FIGHT ONLINE-TERRORIST PROPAGANDA, RECRUITMENT, AND RADICALIZATION: Part II

I ended my last blog post by asking, "What information and under which circumstances can and should LEAs remove terrorist propaganda from social media platforms and other websites?  When would such actions fall under the scope of the EU data protection framework?" In this second blog post of my exploration into the matter based on an upcoming ...

Personal Data Protection and the use of Information to Fight Online-Terrorist Propaganda, Recruitment, and Radicalization: Part I

What is the relationship between Data Protection and the use of information in the fight against terrorism? This complex question deserves more than a simple answer.  In fact, together with Dr. Milda Macenaite,  I have attempted to explore this question in great depth and shortly a book chapter will be published in the CRC Press (an imprint ...

Data Retention: CJEU reaffirms that exceptions to privacy should only apply if strictly necessary

On 21 December 2016 the Court of Justice of the European Union provided its Judgment in Joined Cases C-203/15 Tele2 Sverige AB v Post-och telestyrelsen and C-698/15 Secretary of State for the Home Department v Tom Watson and Others prohibiting the application of Member State laws that call for general and indiscriminate electronic communications data ...