fbpx

Download free GDPR compliance checklist!

Tag Archives for " data subject rights "

The Netherlands DPA imposes EUR 830,000 fine for access request fees

On the 6 th of July 2020, the Dutch Data Protection Authority  published its decision to impose a fine of 830,000 EUR on Stichting Bureau Krediet Registratie (BKR).

BKR keeps an electronic file of the loans and debts people have in the Netherlands, stored in a central database. The fine has been imposed due to the fact that BKR’s procedure for data subjects to obtain access to their personal data was not in line with GDPR.

Source: The Netherlands – DPA imposes EUR 830,00 fine for access request fees

Hungarian Government Suspends GDPR Data Subjects Rights

On May 4, 2020, the Hungarian Government issued a Decree that suspends, during the COVID-19 created state of emergency, the one-month deadline that controllers have under the GDPR to reply to data subject rights requests.

According to the Decree, the normal one-month deadline to reply to data subject rights requests will start running once the state of emergency ends, for which there is no fixed date yet.

The Decree also allows public entities to refuse or suspend freedom of information (“FOIA”) requests in certain situations. The Decree has been heavily criticized by civil society groups and prompted the scrutiny by the European Data Protection Board (“EDPB”).

Source: Hungarian Government Suspends GDPR Data Subjects Rights

Google’s Right-to-Be-Forgotten Fine Toppled by French Court

Google won a battle over the right to be forgotten after France’s top administrative court canceled a fine of 100,000 euros ($111,000) for failing to remove contentious search results globally.

France’s Council of State threw out the 2016 penalty, following guidance from the European Union’s highest court which last year backed the Alphabet Inc. unit by saying it should only scrub search results on European versions of its websites.

Source: Google’s Right-to-Be-Forgotten Fine Toppled by French Court – BNN Bloomberg

Employers accused of abusing EU data privacy rules to hinder trade unions

The EU’s General Data Protection Regulation (GDPR) is being misused by employers across Europe as trade unions are denied access to information required to recruit and organise workers, a new study has found.

The trends highlighted in ETUC’s report bring to light the recent challenges for trade unions to mobilise their networks as a result of workplaces refusing access to employee data under the pretext that it is forbidden by the GDPR. In this vein, the report brings to attention cases in a range of EU member states including Spain, Luxembourg and Belgium.

Source: Employers accused of abusing EU data privacy rules to hinder trade unions – EURACTIV.com

Croatian DPA issues credit institution 20m GDPR fine

The Croatian data protection authority (AZOP) has imposed a fine of EUR 20m for violating the EU General Data Protection Regulation.

Since October 2018, AZOP had been receiving multiple complaints from citizens regarding one of Croatia’s credit institutions based in Zagreb, whereby citizens were asking the institution for a request for information but were being refused.

Source: #Privacy: Croatian DPA issues credit institution 20m GDPR fine

Facebook isn’t sharing all off-platform data with users

Facebook is now offering users a feature that lets them see what data it has collected about their activities beyond Facebook.

But Facebook “Download Your Information” feature only gives you part of the picture. Information about advertisers uploading lists with your personal information is limited in time and prevents users from exercising their rights

Source: No, Facebook’s is not telling you everything | PI

Google users in UK to lose EU data protection

Google is planning to move its British users’ accounts out of the control of European Union privacy regulators, placing them under U.S. jurisdiction instead.

The shift, prompted by Britain’s exit from the EU, will leave the sensitive personal information of tens of millions with less protection and within easier reach of British law enforcement.

Source: Exclusive: Google users in UK to lose EU data protection – sources – Reuters

Most Americans support the right to be forgotten online

Americans prefer to keep certain information about themselves outside the purview of online searches, according to a Pew Research Center survey.

74% of U.S. adults say it is more important to be able to “keep things about themselves from being searchable online,” while 23% say it is more important to be able to “discover potentially useful information about others.”

Source: Most Americans support the right to be forgotten online | Pew Research Center

Dutch Court Decides on Scope of GDPR Right of Access

In late December 2019, the Court of The Hague (Netherlands) published a preliminary reference procedure (see here , in Dutch). The Court was asked to decide on the scope of the right of access under the GDPR.

The Court also pointed out that the GDPR does not grant a right to obtain a copy of documents; it only grants a right to obtain a copy of personal data. In relation to documents that do not contain much personal information, such as the e-mails in question, the court held that it suffices to describe the data they contain.

Source: Dutch Court Decides on Scope of GDPR Right of Access

1 2 3 10
>