fbpx

Download free GDPR compliance checklist!

Tag Archives for " data access "

Questions remain over whether data collected by Covidsafe app could be accessed by US law enforcement

The federal government has reassured the public that Covidsafe data held by Amazon will not be able to be accessed by US law enforcement, but a parliamentary committee is currently investigating separate legislation that would pave the way for US law enforcement to access data held in Australia.

The defence minister, Marise Payne, argued that because the Covidsafe legislation makes “any transfer of data to any country outside Australia … a criminal offence under the provisions of the bill”, US law enforcement would not be able to get the Covidsafe data.

However, the telecommunications legislation amendment (international production orders) bill 2020 would, if passed, make it possible for Australia to facilitate agreements with other nations so that Australian law enforcement agencies could access data held in those countries and vice versa. It has been developed with the US Cloud Act in mind.

Source: Questions remain over whether data collected by Covidsafe app could be accessed by US law enforcement | Law (Australia) | The Guardian

Employers accused of abusing EU data privacy rules to hinder trade unions

The EU’s General Data Protection Regulation (GDPR) is being misused by employers across Europe as trade unions are denied access to information required to recruit and organise workers, a new study has found.

The trends highlighted in ETUC’s report bring to light the recent challenges for trade unions to mobilise their networks as a result of workplaces refusing access to employee data under the pretext that it is forbidden by the GDPR. In this vein, the report brings to attention cases in a range of EU member states including Spain, Luxembourg and Belgium.

Source: Employers accused of abusing EU data privacy rules to hinder trade unions – EURACTIV.com

Croatian DPA issues credit institution 20m GDPR fine

The Croatian data protection authority (AZOP) has imposed a fine of EUR 20m for violating the EU General Data Protection Regulation.

Since October 2018, AZOP had been receiving multiple complaints from citizens regarding one of Croatia’s credit institutions based in Zagreb, whereby citizens were asking the institution for a request for information but were being refused.

Source: #Privacy: Croatian DPA issues credit institution 20m GDPR fine

Facebook isn’t sharing all off-platform data with users

Facebook is now offering users a feature that lets them see what data it has collected about their activities beyond Facebook.

But Facebook “Download Your Information” feature only gives you part of the picture. Information about advertisers uploading lists with your personal information is limited in time and prevents users from exercising their rights

Source: No, Facebook’s is not telling you everything | PI

AFP and NSW Police used Australia’s encryption laws seven times in 2018-19

Seven Technical Assistance Requests made with no Technical Assistance Notices or Technical Capability Notices issued.

The Department of Home Affairs has revealed it used Australia’s contentious encryption laws seven times in the period between 1 July 2018 and 30 June 2019. Australian Federal Police (AFP) used the laws five times and NSW Police used the laws two times.

All seven instances were Technical Assistance Requests, which are voluntary requests for the designated communications providers to use their existing capabilities to access user communications.

Source: AFP and NSW Police used Australia’s encryption laws seven times in 2018-19 | ZDNet

No Presumption of Confidentiality Over Documents Submitted in Marketing Authorization Dossier

On January 22, 2020, the Court of Justice of the European Union (CJEU) found that there is not a general presumption of confidentiality over documents containing clinical and preclinical data provided to the European Medicines Agency (EMA) to support a marketing authorization application.

However, the CJEU indicated that certain information may be protected if the interested party can specifically show that the disclosure will cause it harm. This is the first time the CJEU has ruled on this matter, upholding the EMA’s approach to handling access to documents requests.

Source: Highest European Court Confirms: No Presumption of Confidentiality Over Documents Submitted in Marketing Authorization Dossier

EU court adviser: data privacy laws should apply in national security cases

The European Court of Justice should uphold its 2016 decision that personal data cannot be seized and held indiscriminately by governments even on national security grounds, the court’s advocate general said in an opinion on Wednesday.

Reacting to four cases in France, Belgium and Britain in which governments called for greater powers to override data privacy, the advocate general, Manuel Campos Sánchez-Bordona, argued that EU law applies.

Source: EU court adviser: data privacy laws should apply in national security cases – Reuters

Dutch Court Decides on Scope of GDPR Right of Access

In late December 2019, the Court of The Hague (Netherlands) published a preliminary reference procedure (see here , in Dutch). The Court was asked to decide on the scope of the right of access under the GDPR.

The Court also pointed out that the GDPR does not grant a right to obtain a copy of documents; it only grants a right to obtain a copy of personal data. In relation to documents that do not contain much personal information, such as the e-mails in question, the court held that it suffices to describe the data they contain.

Source: Dutch Court Decides on Scope of GDPR Right of Access

Talend Report Showcases Low GDPR Compliance Rates for Data Subject Access Requests

Talend’s new survey shows that less than half of all companies and public sector organizations were able to respond to a Data Subject Access Request within the time period stipulated by GDPR.

Media and telecommunications companies also scored very poorly, with only 32% of them responding in a timely manner. Only 46% of retailers are able to respond to Data Subject Access Requests in a timely manner.

Source: Talend Report Showcases Low GDPR Compliance Rates for Data Subject Access Requests – CPO Magazine

1 2 3 6
>