“Public Health AND Privacy” vs. “Public Health OR Privacy” in the time of the COVID-19 pandemic

The COVID-19 outbreak has touched the lives of millions of individuals across the globe. Among those severely affected are the residents of my native Italy who are currently under a mandatory lockdown  (nationwide travel restrictions have been enacted) until an undefined date.  But how should the collection of potentially special category personal data (health data) be managed in a pandemic? Several data protection authorities have provided ...

EDPB on personal data processing in the COVID-19 outbreak

On 16 March the Chair of the European Data Protection Board (EDPB) Andrea Jelinek released a statement to help guide the data processing activities of public authorities, governments, and private organizations within the context of the COVID-19 pandemic. Andrea Jelinek noted that: “Data protection rules (such as GDPR) do not hinder measures taken in ...

Irish DPA Issues Guidance for Protecting Personal Data When Working Remotely

In light if the COVID-19 crisis, many organizations have decided to implement smart working for their employees. To this end, the Irish DPA has issued useful Guidance to protection personal data when working from home which can be found here. DPC Ireland's advice is divided into three macro categories: Devices, Emails, and Cloud/Network Access. Below ...

GDPR and the Coronavirus in Italy

The COVID-19 outbreak has affected the lives of millions of individuals across the globe. Among those affected are the residents of my native Italy who are currently under a mandatory lockdown (nationwide travel restrictions have been enacted) until April 3rd. In this time of crisis, however, it's important to not forget that data ...

Joint Controllership: A collection of recent guidance

Article 26 GDPR on Joint controllers determines that, "Where two or more controllers jointly determine the purposes and means of processing, they shall be joint controllers. They shall in a transparent manner determine their respective responsibilities for compliance with the obligations under this Regulation, in particular as regards the exercising of the rights of the ...

Dutch DPA investigates use of tracking cookies

The Dutch DPA carried out an audit of approximately 175 websites including those of web shops, municipalities, and  the media, in order to ascertain whether they comply with the requirements for the placing of tracking cookies. Almost half of the websites that use tracking cookies do not meet the consent requirements. The DPA found that “Virtually ...

EDPS announces investigation into European Parliament’s 2019 election activities and is taking enforcement actions

On 28 November 2019 the European Data Protection Supervisor announced that "it is carrying out an investigation into the European Parliament’s use of a US-based political campaigning company to process personal data as part of its activities relating to the 2019 EU parliamentary election." In its press release the EDPS stressed that "Election campaigns are ...

Brexit and data protection: What’s next?

On 12 December 2019 in the UK general election, Boris Johnson secured his position as UK Prime Minister, with his Conservative party winning its first substantial majority in decades. The results of the election have set the way for the UK to exit the European Union by its scheduled exit date of 31 January 2020.  The results ...

Italian DPA: Second semester inspection plan focuses on whistleblowing

The Italian Data Protection Supervisory Authority recently published the measure whereby it decided on the audit plan for this six-month period, citing one of the processing activities that could be inspected: “1. For the period from July to December 2019, the auditing activity initiated and carried out by the Data Protection Supervisory Authority, including through the Guardia di ...

SAVE THE DATE: Advertising technology: legal compliance requirements to fully exploit adtech in your marketing strategies Webinar

Join me on Tue, Jan 21, 2020 5:00 PM - 6:00 PM CET! Register here. The nearly unlimited opportunities of present-day technologies grouped under the umbrella of ‘adtech’ – including cookies and other tracking technologies, programmatic advertising, and real-time bidding – also pose legal compliance challenges for businesses looking to take advantage of the ...