EU Commission and Parliament take stock on Data Protection in the EU

Today, 25 July 2019, the European Commission and the European Parliament published a Communication outlining the state of data protection in the EU. The document touches on consistent implementation of the GDPR, how the new governance system is working, and the impact that it has had, also in a global level, in terms of citizens ...

ePrivacy Regulation updates

On 12 July 2019 the consolidated text of the forthcoming ePrivacy Regulation was made available. The document was published in light of the 17 July WP TELE (which will focus on articles 12-16 and related recitals) and covers the entire text of the proposed regulation. Of particular relevance, the definition of direct marketing communications ...

Věra Jourová: SCCs to be modernised

In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...

Does Privacy Shield provide adequate protections?

On May 31st the Supreme Court of Ireland denied Facebook’s appeal to avoid referral of its recent case concerning the international transfer of personal data to the European Court of Justice.  You most likely remember the case brought forth by privacy activist and lawyer Max Schrems which questions whether the methods used by technology companies, and ...

The Dutch DPA’s rules for determining administrative fines

By No tags Permalink

The Dutch DPA's policy rules for determining administrative fines Co-authored with ICTLC Senior Associate Caroline Poerbodipoero The Dutch Data Protection Authority (‘DPA’), ‘Autoriteit Persoonsgegevens’, has issued policy rules on the establishment of administrative fines for GDPR infringements (as well as for infringements of Dutch data protection law). The Dutch DPA categorized the different possible GDPR infringements, ranging from ...

What does no Brexit deal mean for data protection?

The ICO has prepared a guide accessible on its website outlining the key points to be considered by UK-based entities should the UK exit the European Union without a deal on 29 March 2019. The Guidance, highlights of which are illustrated below, it relevant to UK-based businesses to which the GDPR currently applies and that send ...

BIG DATA, SMART DATA, MY DATA, YOUR DATA: SMART DATA PROTECTION BY DESIGN (PART 5)

Part 5. Core International Data Protection Principles: Purpose specification Another core principle of data protection is purpose specification, a primary instrument of international data protection that is closely related to the principles of data quality and use limitation.  The purposes for which personal data are collected need to be specified before or at the latest, at the time ...