Loading

Zandilli Lucien

Author: Zandilli Lucien
Page 13

Live marketing phone calls: Guidance from the ICO on remaining in compliance with PECR

The ICO released guidance on making live marketing phone calls, to help organisations remain in compliance with the PECR.   The ICO has released guidance for organisations on live phone calls made for marketing purposes, to help organisations to remain in compliance with the Privacy and Electronic Communications Regulations (PECR), also known as ePrivacy Regulations.

Illegal profiling and predatory marketing calls lead to a fine of £1.48 million for Easylife

Easylife was fined £1,480,000 for illegal profiling and predatory marketing calls which resulted in several complaints to the ICO.    The ICO has fined Easylife Ltd £1,350,000 for using the personal information of 145,400 customers to target them with health-related products after predicting their medical conditions based on previous purchases without their consent. The company

Data Access Agreement comes into force between the UK and the U.S

The UK and the U.S. have recently signed a Data Access Agreement to aid the respective countries in combating crime.    An agreement came into force on October 3rd, 2022 between the Government of the United Kingdom and the Government of the United States. The Agreement focuses on the access to electronic data for the

Executive order on transatlantic data transfers expected to be published by U.S. president

A shortly anticipated executive order on transatlantic data transfers from the US president is expected to impact EU-U.S. data transfers.   The United States is expected to publish its long-awaited executive order on transatlantic data transfers very soon, according to a report from Politico. A United States official, who was not authorized to discuss the

Subject access requests left unanswered lead to several reprimands

Unanswered subject access requests have lead to reprimands for seven organisations from the ICO.  The UK’s Information Commissioner’s Office (ICO) has taken action against seven organisations which have failed to respond to members of the public when presented with a Subject Access Request (SAR). Under the UKGDPR, individuals should be able to request from an

ECJ ruling on data retention supported by German DPA

Federal German data protection authority, the BfDI supports recent ECJ ruling on data retention.    The federal German data protection authority, BfDI has voiced its support for a recent ECJ ruling on data retention. The ECJ ruling supports the notion that the preventive, general and indiscriminate storage of individuals’ traffic and location data is indeed

Cyber Resilience Act proposal for the EU

The European Commission has recently published a Cyber Resilience Act proposal for the EU, to bolster cybersecurity rules.   The European Commission announced on September 15th, 2022, the Cyber Resilience Act proposal for the EU, a set of tougher cybersecurity regulations. These rules will govern smart Internet of Things (IoT) devices, and will include heavy

The Irish DPC imposed a fine of €405 million on Meta Platforms Limited

The Irish DPC imposed a fine of €405 million on Meta Platforms Limited, relating to the processing of children’s data.    The Irish Data Protection Commission (DPC) recently imposed a fine of €405 million and a range of corrective measures on Meta Platforms Limited (Ireland), after an inquiry into the company revealed several GDPR infractions.

Token access authentication guidelines from CNIL

CNIL has recently published token access authentication guidelines for online services.    Using token authentication allows users to access an online service, program, or website without having to re-enter their login information. With this kind of authentication, the user can access his online resources as long as the access token remains in use. This lowers

Poor personal data security leads to a fine of €2,500

Poor personal data security by a digital administration platform has led to a fine for a Belgian data controller.     A Belgian data controller has recently incurred a fine for multiple GDPR violations. The controller in this case is a company that created a platform for digital administration. On this platform, suppliers and consumers can