Loading

Category: EDPB

EDPB

ePrivacy Directive Article 5(3): Device Tracking and User Consent

Understanding Article 5(3) of the ePrivacy Directive and its Implications on Device Tracking and User Consent   The ePrivacy Directive, specifically Article 5(3), restricts the storage and access of information on users’ devices without their consent, except under specific conditions. This legislation plays a crucial role in protecting users from unauthorized storage and access to

”Pay or ok” — Does this new paid subscription model invalidate consent?

There has been much debate about the validity of consent under the GDPR as it relates to the “Pay or ok” paid subscription model on social media and other platforms and websites.   Since November 7, European users of Facebook and Instagram have had the option to pay a subscription in exchange for an ad-free

Data protection guide for small businesses published by the EDPB

The EDPB has recently published a data protection guide for small businesses to aid with GDPR compliance.   The European Data Protection Board (EDPB) has released a new guide aimed at helping small businesses comply with the GDPR, as stated in this report. The guide provides a comprehensive overview of the key principles of data

Updated guidelines on data subject access requests issued by the EDPB

The EDBP has issued finalised updated guidelines on data subject access requests, providing practical advice for organisations.   The European Data Protection Board (EDPB) has issued updated guidelines on data subject access requests that provide practical advice for organisations receiving these requests from individuals. This update builds on previous guidelines published a little over a

Coordinated investigation into the role of Data Protection Officers launched by EDPB

The EDPB has launched a coordinated investigation into the role of Data Protection Officers across the EU.    The European Data Protection Board (EDPB) has launched a coordinated investigation into the role of Data Protection Officers (DPOs) across the European Union. The purpose of the investigation is to assess the actual implementation and enforcement of

Data breach notification guidelines from the EDPB

The EDPB has recently published a document containing detailed data breach notification guidelines for EU organisations.    The EDPB has recently published a document that provides guidelines on how to handle personal data breaches as required by the EU General Data Protection Regulation (GDPR). The guidelines are intended to assist controllers, processors and supervisory authorities

EU-US Data Privacy Framework advancements welcomed by the EDPB, however concerns remain

While the EDPB welcomes advancements in the EU-US Data Privacy Framework, the organisation remains concerned on various points.   The EDPB has recently released a statement welcoming developments under the EU-US data privacy framework. The organisation however has put forward several concerns and requests for clarification. The EDPB welcomes further updates to the principles of

EDPB publishes guidelines on personal data breach notifications

The EDPB has recently published guidelines on personal data breach notifications under the GDPR for businesses and organisations.    The European Data Protection Board (EDPB) recently released guidelines on personal data breach notifications under the GDPR. This document includes detailed requirements for businesses and organisations which handle individuals’ data in the event of a data

Controller Binding Corporate Rules: New recommendations from the EDPB

The EDPB recently published Recommendations 1/2022 on the Application for Approval and on the elements and principles to be found in Controller Binding Corporate Rules.   The European Data Protection Board (EDPB) has recently adopted recommendations for the Controller Binding Corporate Rules (BCR-Cs) during their November plenary. The document includes recommendations on the Application for

Clearview AI fined and ordered to remove data

Clearview AI fined by the Italian SA after various GDPR violations, and ordered to remove data and appoint an EU representative.   The company Clearview AI, has been fined by yet another EU watchdog, according to this report from the EDPB. The Italian SA has also ordered the company to delete the data of Italians