Author: Vasiliki

Lloyd v Google

Vasiliki Antoniadou explains the Lloyd v Google case: The “damage” requirement in a compensation claim for personal data breach The High Court of Justice issued earlier this month an interesting decision in respect of data breach litigation in the frame of the Lloyd v Google case. The ruling clarified that compensation for infringement of personal

GDPR and social media : EU Court on fan pages on Facebook

Earlier this month the ECJ published a preliminary ruling finding the fan page admin jointly responsible with Facebook for the personal data of the visitors. Although the decision refers to the previously enforceable EU Data Protection Directive, the new rule paves the way for GDPR and social media practice, since the definition of the processor


Our blog editor Vasiliki Antoniadou explores how GDPR will affect WHOIS. Although GDPR is widely anticipated due to the strengthening of the individuals’ rights on their personal data, it is believed by some that its implementation on WHOIS would cause unintentional adverse consequences on the online intellectual property protection. GDPR WHOIS implications WHOIS is an

GDPR administrative fines explained

Aphaia Blog editor Vasiliki Antoniadou explores GDPR administrative fines that businesses can expect based on WP29 guidelines. GDPR gives to the supervisory authorities the power to impose administrative fines following two different maximum amounts according to the severity of the data breach. Under GDPR administrative fines rules, for instance, an infringement of the basic principles of

Online advertising transparency through ‘Types’ tools

‘Types’, online advertising transparency project funded by the EU Commission, promises that it will enhance the transparency inside the online advertising environment, improve the trust of consumers to the industry and finally contribute to its growth. Online advertising generates a substantial revenue that enables the creation of numerous employment positions, as well as the support

GDPR direct application explained by European Commission

Four months before the General Data Protection Regulation ( GDPR ) comes into force, the EU Commission released a communication to the EU Parliament and Council on GDPR direct application , highlighting the innovations and opportunities of the new legal system, the measures already taken by the involved parties and the further steps to be

How to implement GDPR transparency requirement ?

Article 29 Data Protection Working Party provides useful guidance for the implementation and interpretation of the GDPR transparency requirement via its recently published guidelines. Transparency is one of the fundamental obligations to fulfil as part of GDPR compliance, since it is linked to the principles of fairness and accountability. GDPR transparency requirement contributes significantly to

WP29 Guidelines on adequacy of data protection by third countries

According to the GDPR provisions, the transfer of personal data to countries outside the EU or international organisations is permitted only under the requirement that their legal framework satisfies an adequate level of data protection. Our Blog Editor Vasiliki Antoniadou explains WP29 Guidelines on adequacy of data protection by third countries under GDPR. The existence

GDPR profiling and automated decision making WP29 Guidelines

Our blog editor Vasiliki Antoniadou explains the latest Article 29 Working Party GDPR profiling guidelines in relation to automated decision making – and how they might affect your business. The technological evolution and specifically the development of big data analytics, IoT and artificial intelligence permit automated processing of personal data in order to evaluate certain

GDPR Data Breach Notification WP29 Guidelines

GDPR data breach notification obligation requires the adoption of appropriate technical and organisational measures in order to ensure the safeguarding of personal data during processing. Since the assessment of the risk degree is not always unequivocal, the Article 29 Data Protection Working Party (WP29) has recently adopted GDPR data breach Guidelines. When unauthorised or unlawful processing