Loading

Category: IT law

Spanish court rules against mandatory geolocation from employees’ personal mobile phones

Spanish court rules against obliging delivery drivers to provide geolocation from their personal mobile phones and personal internet connection.   The Social Chamber of the Supreme Court in Spain has confirmed a decision nullifying Telepizza SAU’s ‘Tracker Project.’ This project included mandatory employee location tracking for delivery drivers, facilitated through their personal phones’ geolocation feature,

Children’s Code transitionary period ends in less than 6 months

The children’s code transitionary period, which saw its inception on 2nd September 2020, ends in less than 6 months. All online services are expected to be in compliance with this code by September 2021.  Last year, we reported that the Children’s Code, then known as the Age Appropriate Design Code was about to come into

Two companies fined by the ICO, for sending millions of nuisance text messages during the COVID-19 pandemic.

The ICO has issued fines to two companies for over 2.7 million spam messages sent out during the pandemic.    Between May and July, 2020, two companies sent out a total of 2.7 million spam text messages in the midst of the global COVID-19 pandemic. This resulted in several thousand complaints, including a record 10,000

New EU ePrivacy rules update

The ePrivacy rules governing electronic communication data will be updated as agreed upon by EU Member States.    Earlier this month, EU member states agreed upon a negotiating mandate for revised ‘ePrivacy’ rules. The rules on the protection of privacy and confidentiality in the use of electronic communications define cases in which service providers are

The EDPB and the EDPS have released a joint opinion on SCCs for international data transfers and SCCs between controllers and processors

The EDPB and the EDPS have released joint opinions on standard contractual clauses for the transfer of data within the EEA and internationally.    Last month, the EDPB and the EDPS released joint statements on standard contractual clauses between controllers and processors and on standard contractual clauses for the transfer of personal data to third-countries.

Belgian DPA fines Family Service for various breaches of the GDPR

Belgian DPA fines Family Service 50,000 euros for various breaches of the GDPR including the transfer of personal data to third parties.    Family Service, a Belgian company, which brands itself as a gatekeeper in family marketing has recently been fined by the Belgian DPA for various breaches of the GDPR. The company is well

CJEU Advocate General opinion on Facebook case

The CJEU Advocate General delivered his opinion on the ongoing case between Facebook and the Belgian Data Protection Authority.    On January 13th the CJEU Advocate General delivered his opinion on the Facebook case, outlined in a recent press release from the CJEU. This case has been ongoing since May 25th 2018, when the Belgian

Polish DPA fined university for failing to issue a data breach notification

The Polish DPA has fined a university for neglecting to notify the authority as well as affected persons after a data breach. In June of 2020, the Polish DPA was notified of a data breach at a medical university. According to the complaint received, during the university’s examinations held towards the end of May 2020,

Data breach notification guidelines published by the EDPB

New data breach notification guidelines, published by the EDPB frame what curative measures should be taken based on specific examples.    In a recent article, we reported on two doctors in France, who were fined by the CNIL over a data breach, and were also found to have breached article 33 of the GDPR, by

ICT regulation in 2021: Four things to look out for

From regulation of Big Tech to the upcoming legislative framework for AI, I have identified the key areas to be on the lookout for in 2021 when it comes to regulating ICT.   Regulating digital gatekeepers   Big Tech has been on the regulators’ and legislators’ radar for a while, with earlier EU antirust fines