Facebook and the ICO reach agreement

Read the official statement from the ICO here. In 2017 ICO launched a formal investigation of the growing misuse of personal data in the context of political campaigns, after which in 2018, ICO fined Facebook for sum of GBP 500,000 for "suspected failings related to compliance with the UK data protection principles covering lawful ...

Mia intervista su Open sulla proposta di Marattin della registrazione con documento d’identità per accedere ai social network

Oggi sono stato intervistato da Open, la testata online di Enrico Mentana, sul tema della registrazione tramite carta d’identità per accedere ai social network. Il mio parere segue quello di Luigi Marattin, economista e deputato di Italia Viva, l’autore della proposta che sta sollevando un grande dibattito in questi giorni in Italia.  Marattin ha puntato l’attenzione ...

Landmark ECHR ruling decides privacy rights of Spanish supermarket cashiers covertly filmed by security cameras were not violated

On 17 October 2019 The European Court of Human Rights (ECHR) issued its judgment in the López Ribalda and Others v. Spain case, ruling that there had been “no violation of Article 8 (right to respect for private and family life) of the European Convention on Human Rights, and, unanimously that there had been no ...

Results of the 3rd review of EU-U.S. Privacy Shield are finally here

Today, 23 October 2019, the European Commission published its report on the EU-U.S. Privacy Shield, to which approximately 5,000 companies are participating. The results of the Report are largely positive and confirm that the US ensures an adequate level of protection for the data transferred to it from the EU. Furthermore, in the Report, ...

GDPR Temperature Tool: A new free resource for European SMEs to understand their risk of GDPR-related sanctions

«The GDPR came into force in May 2018 with a blaze of publicity but 18 months on, still many businesses are unclear on how at risk they are from GDPR-related sanctions. The vast majority of business leaders believe that it is essential to comply with the GDPR, especially as companies can risk crippling fines. Indeed, ...

European Data Protection Board adopts Guidelines on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects

The European Data Protection Board has published its updated Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects following public consultation. The Guidelines were adopted by the Board on 8 October 2019 and concern the "applicability of Article 6(1)(b) to ...

Irish Data Protection Commission publishes guidance on common online risks

The Irish Data Protection Commission has published Guidance for data subjects entitled "What should you be aware of online? Some common online risks". The document, directed towards consumers, provides a simple but thorough overview of data protection principles such as Transparency/purpose limitation and practical advice for how data subjects can understand the risks towards ...

Glawischnig-Piesczek vs. Facebook Ireland Limited: CJEU determines that hosting provider may ordered to remove identical and equivalent comments to those which have already been declared illegal

The decision of the CJEU in this case in which a hosting provider can be required to remove content on a global level in the context of a EU Member State Court injunction within the framework of international law, exemplifies the global reach of European regulators with the Internet.   Here's a little background on the case ...

FTC Fines Google $170 Million USD for having violated the privacy of children on YouTube

The American Federal Trade Commission and the New York Attorney General reached a settlement with Google (YouTube) for having violated the American Federal Children's Online Privacy Protection Act (COPPA). YouTube was accused of illegally harvesting the data of children, tracking their browsing behaviour in order to offer them targeted advertising,, all without the consent ...

The importance of Data Protection in research

The Swedish Data Protection Authority recently launched an investigation into Umeå University's handling of sensitive personal data, specifically data obtained from the Danish Police Authority for research purposes. The Swedish Police Authority to the Data Inspectorate has alleged that the university sent the sensitive data in its possession via unencrypted email. Data protection in ...