Categorie: Data Protection

A ‘human error’ was the blame for Kent Council’s email breach. Such a situation may involve penalties ranging from a simple warning by the control authority, the ICO in this case, to fines of 20 million euros. E-mail including contact details of more than 300 adoptive parents and some support workers were shared mistakenly by

The European Data Protection Board (EDPB) adopted guidelines on codes of conduct, aiming at providing practical guidance and interpretative assistance in relation to the application of Articles 40 and 41 GDPR. The GDPR introduced ‘accountability’ as a key concept for data protection. Accountability places the focus on data controllers to be responsible for and be

A ‘no deal’ Brexit is looking like a real possibility the closer we get to March 29th. So what would a  ‘no deal’ Brexit mean for data protection? Summary of the situation: On June 23rd 2016, a referendum was held to decide whether the UK should leave or remain in the European Union. The Leave

Facebook has been banned by the German’s national competition regulator, Bundeskartellamt, from combining and processing user data from different social network platforms and services. Facebook collects data, not only from its website but also from Facebook-owned websites and apps as well as on third-party websites and smartphones. The information available to Facebook, allows the company

Italian DPA’s investigations have shown additional instances of unlawful processing in the Facebook and Cambridge Analytica case. The Italian Data Protection Authority (Garante per la protezione dei dati personali) is ready to impose sanctions on Facebook in connection with the ‘Cambridge Analytica case’. Apart from the data transmitted to Cambridge Analytica, the investigation found out that

Spain has become the first country in the European Union to have a single framework for the notification and management of cyber-security incidents. The Spanish National Cyber-security Incident Notification and Management Guide approved by the National Cyber-security Council is a technical document that creates a benchmark in terms of notifying and managing cyber-security incidents within

The new controversial Australian anti-encryption law allows the government to access encrypted data. On the 6th of December 2018, the Australian Parliament approved an anti-encryption law that collides with some essential principles in privacy in a global way, and directly with GDPR. Under this regulation, Australian companies will be obliged to construct “backdoors” or back access

Overview of the main implications for data protection of smart glasses on occasion of the publication of the first Technology report (“Smart glasses and data protection”) by the European Data Protection Supervisor. Whereas smart glasses may be deemed as the next step for technology-disruptive devices and they have a high potential to make people’s lives