Loading

Tag: Data Protection

Tag: Data Protection
Page 12

ECJ ruling on data retention supported by German DPA

Federal German data protection authority, the BfDI supports recent ECJ ruling on data retention.    The federal German data protection authority, BfDI has voiced its support for a recent ECJ ruling on data retention. The ECJ ruling supports the notion that the preventive, general and indiscriminate storage of individuals’ traffic and location data is indeed

Cyber Resilience Act proposal for the EU

The European Commission has recently published a Cyber Resilience Act proposal for the EU, to bolster cybersecurity rules.   The European Commission announced on September 15th, 2022, the Cyber Resilience Act proposal for the EU, a set of tougher cybersecurity regulations. These rules will govern smart Internet of Things (IoT) devices, and will include heavy

Token access authentication guidelines from CNIL

CNIL has recently published token access authentication guidelines for online services.    Using token authentication allows users to access an online service, program, or website without having to re-enter their login information. With this kind of authentication, the user can access his online resources as long as the access token remains in use. This lowers

Poor personal data security leads to a fine of €2,500

Poor personal data security by a digital administration platform has led to a fine for a Belgian data controller.     A Belgian data controller has recently incurred a fine for multiple GDPR violations. The controller in this case is a company that created a platform for digital administration. On this platform, suppliers and consumers can

ICO marks the anniversary of the Children’s Code

ICO marks the anniversary of the Children’s Code: “Children are better protected online in 2022 than they were in 2021.”   The Children’s Code was implemented in September 2021 and has led to major changes in children’ access to online services, including adverts and profiles. The Children’s Code, which revolutionised how children are treated in

Dealing with Data Protection Complaints as a Small Business

The ICO has published a guide for businesses on dealing with data protection complaints.   At times, simply  having data protection policies in place is not enough. Handling the data of customers, employees, and contractors can be a sensitive process and must be handled as such. There are times when businesses may experience data breaches

Czech EU Presidency proposes new data law on government access

The Czech EU Presidency of the EU Council has proposed a partial compromise on the Data Act, defining the scope and protections of Chapter V.   Prague aims to forward the discussion over the proposed Data Act by reaching an agreement on the ability of public agencies to demand access to privately owned data. According

Unlawfully obtaining personal data results in the prosecution of former Health Advisor

A former Health Advisor pleaded guilty to, and was prosecuted for unlawfully obtaining personal data, and was ordered to compensate his victims.    A former Health Advisor has been prosecuted for obtaining the personal data of service users, particularly patients of South Warwickshire NHS Foundation Trust. He was found guilty of accessing the medical records

Final decision on Meta Platforms delayed by Irish DPC

The Irish DPC has been forced to delay its final decision on Meta Platforms’ use of SCCs for international data transfers.    Despite several threats from the company Meta Platforms to shut down Facebook and Instagram in Europe due to concerns over the use of Standard Contractual Clauses (SCCs) for cross-border data transfers, this may

The risks associated with geolocation data: an assessment by LINC, CNIL

The “Laboratoire d’Innovation Numerique de la CNIL” or LINC in France has been assessing the risks associated with geolocation data.    France’s digital innovation laboratory, known as “Laboratoire d’Innovation Numerique de la CNIL ” or  LINC secured a geolocation database from a data broker which was supposedly anonymized. The purpose of this was to test