Categorie: Data Protection

The European Commission has published guidance on the interaction between the Regulation on the free flow of non-personal data and the GDPR. One year after the GDPR started to apply, most controllers are (or at least they should) well aware of the security and privacy requirements that should govern the datasets which contain personal data.

A recent decision from the Cologne Regional Court addresses whether individuals are entitled to receive emails and personal notes as part of a DSAR. “I want access to all personal data you handle about me”. What should you do as the controller if you receive an email like this? According to GDPR, individuals have the right to obtain:

Does the collection of biometric data by employer violate privacy? For the first time in Australian history, an employee was fired for refusing to submit biometric finger scanning data required by his employer. The employee believes that he had been wrongfully terminated. After he was denied an unfair dismissal claim by an Australia’s Fair Work

Google blocks Huawei access to Android after blacklisting due to some security and privacy concerns The Trump administration adds Huawei to the U.S. Department of Commerce’s Entity List via executive order, thereby blacklisting the company as far as U.S. corporations are concerned.  The world’s second biggest smartphone maker, Huawei, has been barred by Google from

A complaint from the Big Brother Watch instigated an investigation into HMRC’s Voice ID service. The ICOs investigation mainly dealt with the voice authentication for customer verification on some of HMRC’s helplines since January 2017. Customers were given insufficient information when it came to how their biometric data would be processed. Biometric data is considered

The Dutch data protection authority has recently published its fining policy for violations of GDPR and the Dutch law implementing GDPR. When it comes to cookies, the Dutch DPA’s conclusion is that it is not compliant with GDPR for website pop-ups to block users from access to the site unless they consent to the use

EU Parliament agreed to interconnect a series of border-control, migration, and law enforcement systems into a gigantic, biometrics-tracking, searchable database of EU and non-EU citizens called the Common Identity Repository (CIR). Combining biometric samples of persons to enable biometric identifications, the Common Identity Repository would combine biographical identities of persons (name, gender, date of birth)