fbpx

Download free GDPR compliance checklist!

Tag Archives for " GDPR "

Google Workspace has high data protection risks, says Dutch government

A Dutch government report identifying “10 high data protection risks” for users of Google Workspace, formerly known as G Suite, has been revised after Google’s response, and now says eight high risk issues still remain.

Dutch Government’s Data Protection Impact Assessment still considers that there are legal obstacles to adopting Google Workspace around the roles and obligations of data processors and data controllers under the EU’s General Data Protection Regulation (GDPR).

Source: Dutch government: Did we say 10 ‘high data protection risks’ in Google Workspace block adoption? Make that 8 • The Register

A New Day for GDPR Damages Claims in Germany?

Until now, damages claims awarded by German courts pursuant to Article 82 of the General Data Protection Regulation (GDPR) – in particular, claims for non-material damages – have been relatively low. However, a more recent decision issued by the Federal Constitutional Court indicates that views in Germany may be evolving on this topic, and courts may soon be willing to entertain higher damages claims.

In a case decided in January 2021, Germany’s Federal Constitutional Court held that the issue of whether or not (and if so, the extent to which) a damages claim brought pursuant to Article 82 GDPR is subject to certain evidentiary requirements must be decided under European law and – if necessary – clarified by the Court of Justice of the European Union (CJEU).

If the CJEU continues to follow its data protection-friendly line of reasoning and pursue effective enforcement of data protection law, damages claims pursuant to Article 82 GDPR and legal proceedings based on such claims may become the new norm and much more important in the future.

Source: A New Day for GDPR Damages Claims in Germany? | Inside Privacy

EU-U.S. data flows could face ‘massive disruption’

One of the European Union’s most powerful data regulators has warned companies may yet face massive disruption to translatlantic data flows as a result of an EU court ruling last year, despite efforts by policymakers to avoid that outcome.

Europe’s highest court last July ruled an EU-U.S. data transfer agreement was invalid, citing concerns the U.S. surveillance regime might not respect the privacy rights of citizens in the bloc.

Irish Data Protection Commissioner Helen Dixon, who was involved in the case, said the full impact would be determined by an upcoming court ruling in Ireland and efforts by EU and U.S. officials to ameliorate it.

Dixon said her office was “building momentum” after growing from 30 to 150 staff in seven year. It is was likely to issue at least six or seven decisions this year, up from two last year – against Twitter and Facebook’s WhatsApp messaging service.

Source: EU-U.S. data flows could face ‘massive disruption’ – Irish regulator | Reuters

Federal Constitutional Court: CJEU must clarify whether GDPR provides materiality threshold

The German Federal Constitutional Court has ruled the Court of Justice of the European Union needs to clarify if the EU General Data Protection Regulation provides for a materiality threshold for GDPR damage claims.

The Federal Constitutional Court’s decision overturns a judgment of the Goslar Local Court of Sept. 27, 2019, regarding the unlawful sending of an advertising email. The Local Court had held that the plaintiff had not suffered any compensable damage under Article 82 of the GDPR. The damage suffered by the plaintiff had not exceeded the materiality threshold in this matter.

The plaintiff subsequently filed a constitutional complaint with the Federal Constitutional Court, arguing the Local Court should have made a submission to the CJEU for a preliminary ruling under Article 267 of the Treaty of the European Union.

Source: Federal Constitutional Court: CJEU must clarify whether GDPR provides materiality threshold

Facebook fined €7 million by watchdog

The Italian Antitrust Authority sanctioned Facebook Ireland Ltd. and its parent company Facebook Inc. for a total of €7 million for failing to implement the provisions issued against company in November 2018.

According to Authority, Facebook misled users about commercial use of their data.

In addition to fine, the Authority prohibited the further dissemination of the misleading practice and ordered the publication of an amendment statement on the homepage of the company website for Italy, on the Facebook app, and on the personal page of each registered Italian user.

Source: AGCM – Competition and Market Guarantor Authority

Aiming to Cash In on Data, European Firms Grapple With Privacy Laws

Companies in Europe want to share the personal data of consumers with other firms or turn it into business applications without violating privacy rules, but there is no consensus on how to avoid revealing such potentially sensitive information.

Privacy restrictions in the European Union’s 2018 General Data Protection Regulation initially caused companies to reconsider whether they could cash in on personal data collected on consumers. Now, some companies are finding ways to avoid revealing that data, including consumers’ identities.

Full article: Aiming to Cash In on Data, European Firms Grapple With Privacy Laws

BEUC files complaint against TikTok for multiple EU consumer law breaches

The European Consumer Organisation BEUC has filed a complaint with the European Commission and the network of consumer protection authorities against TikTok, a video sharing platform extremely popular with children and teenagers.

BEUC contends that TikTok falls foul of multiple breaches of EU consumer rights and fails to protect children from hidden advertising and inappropriate content. Also, TikTok’s practices for the processing of users’ personal data are misleading, says BEUC.

In addition to BEUC’s complaint, consumer organisations in 15 countries have alerted their authorities and urged them to investigate the social media giant’s conduct.

Source: BEUC files complaint against TikTok for multiple EU consumer law breaches | www.beuc.eu

EU ePrivacy Regulation takes a big leap forward to adoption

The Council of the EU has made a surprise announcement that it has approved its negotiating position on the ePrivacy Regulation (i.e. the successor to the ePrivacy Directive), which will further reform EU cookie consent and communications content and metadata rules in the EU.

The process now is that the ePrivacy Regulation will be negotiated in trilogue negotiations between the Council of the EU and the European Parliament, with the European Commission facilitating / brokering those negotiations.

Source: EU ePrivacy Regulation takes a big leap forward to adoption | Fieldfisher

US publisher not within GDPR scope despite European readership

A US-registered publisher will not have to defend claims that its processing of a British resident’s personal data breached EU data protection laws after the High Court in London ruled that the laws do not apply to it.

The court reached that verdict despite it recognising that the US publisher had a “not minimal” number of UK readers; a fact the High Court said was “of no more than marginal relevance” to the question of whether its activities fell subject to the EU’s General Data Protection Regulation (GDPR).

Source: US publisher not within GDPR scope despite European readership

66% of Workers Risk Breaching GDPR by Printing Work-Related Docs at Home

Two-thirds of remote workers risk potentially breaching GDPR guidelines by printing out work-related documents at home, according to a new study from Go Shred.

The confidential shredding and records management company discovered that 66% of home workers have printed work-related documents since they began working from home, averaging five documents every week. Such documents include meeting notes/agendas (42%), internal documents including procedure manuals (32%), contracts and commercial documents (30%) and receipts/expense forms (27%).

Source: 66% of Workers Risk Breaching GDPR by Printing Work-Related Docs at Home – Infosecurity Magazine

1 2 3 140
>