Category: Data Protection

A ‘no deal’ Brexit is looking like a real possibility the closer we get to March 29th. So what would a  ‘no deal’ Brexit mean for data protection? Summary of the situation: On June 23rd 2016, a referendum was held to decide whether the UK should leave or remain in the European Union. The Leave

Facebook has been banned by the German’s national competition regulator, Bundeskartellamt, from combining and processing user data from different social network platforms and services. Facebook collects data, not only from its website but also from Facebook-owned websites and apps as well as on third-party websites and smartphones. The information available to Facebook, allows the company

Italian DPA’s investigations have shown additional instances of unlawful processing in the Facebook and Cambridge Analytica case. The Italian Data Protection Authority (Garante per la protezione dei dati personali) is ready to impose sanctions on Facebook in connection with the ‘Cambridge Analytica case’. Apart from the data transmitted to Cambridge Analytica, the investigation found out that

Spain has become the first country in the European Union to have a single framework for the notification and management of cyber-security incidents. The Spanish National Cyber-security Incident Notification and Management Guide approved by the National Cyber-security Council is a technical document that creates a benchmark in terms of notifying and managing cyber-security incidents within

The new controversial Australian anti-encryption law allows the government to access encrypted data. On the 6th of December 2018, the Australian Parliament approved an anti-encryption law that collides with some essential principles in privacy in a global way, and directly with GDPR. Under this regulation, Australian companies will be obliged to construct “backdoors” or back access

Overview of the main implications for data protection of smart glasses on occasion of the publication of the first Technology report (“Smart glasses and data protection”) by the European Data Protection Supervisor. Whereas smart glasses may be deemed as the next step for technology-disruptive devices and they have a high potential to make people’s lives

The CNIL has imposed a 50 million euro fine on Google on the grounds that the it lacks transparency, consent and satisfactory information for users. On the 25th and 28th of May 2018, Google was criticised for failing to provide a valid legal basis for processing personal data, in particular for the purposes of personalised

EU Commission AI Ethics Guidelines are the Talk of the Town. The European Commission’s High-Level Expert Group (AI HLEG) produced a draft set of AI Ethics Guidelines in December 2018. The final version is due in March this year and although it won’t be legally binding, it enables all stakeholders to formally endorse and sign

According to EU Court of Justice’s Advocate General, “right to be forgotten” should be limited to EU browsers’ domains. French Data Supervisory Authority (CNIL) fined Google 100.000€ in 2015 for failing to comply with CNIL whole requirement regarding a “right to be forgotten” (right to erasure) request. Whereas CNIL demanded Google to remove links from