Free tools and resources for Data Protection Officers!

Tag Archives for " Austria "

Austrian DPA takes “result-oriented perspective” in data erasure decision

The Austrian data protection authority (‘DSB’) published, on 30 January 2019, its decision, dated 5 December 2018, on the right to data erasure, further to an individual’s complaint.

In particular, the DSB highlighted that the complainant had alleged that an unnamed insurance company had infringed his right to data erasure by only deleting data stored for marketing purposes and anonymising the remainder.

Full article: Austria: DSB takes “result-oriented perspective” in data erasure decision

Austria’s Post Office under fire over data sharing

Austria’s national post office found itself under fire Tuesday for collecting and selling information about customers’ political allegiances in what privacy campaigners say bears similarities to the Facebook data-sharing scandal.

According to the investigative journalism website Addendum, the Austrian Post sold the names, addresses, age and gender of around three million customers to other companies for targeted marketing purposes.

Source: Austria’s Post Office under fire over data sharing

Validity of consent coupled with free online services

The Austrian Data Protection Authority, headed by the chair of the European Data Protection Board (EDPB), provided a clear way forward for advertising-based business models.

Following a complaint against an Austrian newspaper, the Austrian Data Protection Authority decided that the prohibition on making the provision of a service conditional on consent (“coupling prohibition”; Article 7(4) GDPR) can effectively be circumvented by additionally offering a consent-free equivalent service for a reasonable remuneration.

Full article: Validity of consent coupled with free online services – Chair of EDPB opens a path

Austrian DPA Issues Decision on Validity of Cookie Consent Solution

On November 30, 2018, the Austrian Data Protection Authority published a decision in response to a complaint received from an individual regarding the cookie consent options offered on an Austrian newspaper’s website.

Full article: Austrian DPA Issues Decision on Validity of Cookie Consent Solution | Privacy & Information Security Law Blog

Austria: “Cookie Walls / Paywalls” hybrids are permissible?

In a recent case, the Austrian Data Protection Authority (ADPA) decided for the first time on the permissibility of a consent for the use of cookies, as well as the concept of freely given consent under the GDPR.

The case involves the cookie consent on the website of an Austrian newspaper. In this decision, the ADPA has seen a hybrid cookie wall / paywall solution as permissible, but has failed to address several important issues potentially arising in such cases

Full article: Austria: “Cookie Walls / Paywalls” hybrids are permissible?

First GDPR fine issued by Austrian data protection regulator

Austrian Data Protection Authority (“DSB”) has issued a fine against an entrepreneur for violations of the GDPR. The entrepreneur had installed a CCTV camera in front of his establishment that also recorded a large part of the sidewalk. The DSB found this act to be in violation of the GDPR, as large-scale monitoring of public spaces is not permitted under the GDPR. Apparently the camera was also not sufficiently marked as conducting video surveillance, meaning that the applicable transparency obligations had not been fulfilled.

The amount of the fine, however, was quite moderate: EUR 4,800. According to the deputy director of the DSB, fines should be proportionate – e.g. a controller with an annual income of, for example, EUR 40,000 is unlikely to receive a EUR 20 million fine from the DSB.

Source: First GDPR fine issued by Austrian data protection regulator, Gernot Fritz

ePrivacy rapporteur furious over Austria’s limited ambition

The European Parliament’s lead rapporteur on the ePrivacy Regulation has responded with fury to the news that the Austrian presidency of the Council of the EU intends to produce no more than a status update on the law’s progress by the end of the year.

Source: ePrivacy rapporteur furious over Austria’s limited ambition

Andrea Jelinek elected new WP29 chair

The Article 29 Working Party has elected Andrea Jelinek, head of Austria’s data protection authority, as its new chairwoman. Jelinek will replace the CNIL’s Isabelle Falque-Pierrotin as head of Europe’s collective group of data protection authorities, following her four years as chairwoman. The news was announced Wednesday during a WP29 press conference lead by Falque-Pierrotin, together with Jelinek. “We had an election this morning,” Falque-Pierrotin said, “and our Austrian colleague has been elected.

Source: Andrea Jelinek elected new WP29 chair

Court of Justice Dismisses Privacy Class Action Against Facebook but Allows Max Schrems to Sue in Austria

In yet another round of Schrems versus Facebook, on January 25, 2018, the Court of Justice of the European Union (CJEU) ruled that privacy activist Max Schrems is a consumer with regard to his Facebook profile despite his advocacy activities.

Source: Court of Justice Dismisses Privacy Class Action Against Facebook but Allows Max Schrems to Sue in Austria

>