On March 20, 2018, the Centre for Information Policy Leadership (“CIPL”) issued a factsheet on the GDPR’s provisions that are most likely to be relevant for the negotiations of the proposed ePrivacy Regulation. The Factsheet explains key GDPR concepts relevant to the ePrivacy Regulation, including: definitions of GDPR’s terms, such as personal data, data processing and the role of […]
Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR) repeals Directive 95/46/EC and expands on the protection of natural persons with regard to the processing of personal data and the free movement of such data. The GDPR will come into force in May 2018 and will have an expanded territorial scope of application compared to […]
Regulation (EU) 2016/679, the General Data Protection Regulation (GDPR) repeals Directive 95/46/EC and expands on the protection of natural persons with regard to the processing of personal data and the free movement of such data. The GDPR will come into force in May 2018 and will have an expanded territorial scope of application compared to […]
On April 4, 2017, the Working Party 29 (WP29) released Opinion 1/2017 on the Proposed Regulation for the ePrivacy Regulation (2002/58/EC) – wp247 (ePrivacy Regulation Proposal). The WP29 welcomes the Proposal for the Regulation. However, it expressed several points of concern and suggested amendments. The European Commission, along with the European Parliament and the European […]
On January 10, 2017, the European Commission issued a draft for a new ePrivacy Regulation (“Proposal”) that would replace Directive 2002/58/EC (‘the ePrivacy Directive’), implementing a higher level of privacy for all electronic communications. Scope of application: The Proposal applies to all electronic communication providers – including EU institutions – and aim at aligning the existing rules, which date back […]
Wrongful infringement needed to impose administrative sanction for GDPR violations The ECJ decided two cases involving fines contested by entities in Lithuania and Germany. The Lithuanian National Public Health Centre challenged a €12,000 fine for creating a Covid-19 tracking app, while Deutsche Wohnen, a German real estate company, contested a fine exceeding €14 million for […]
UPDATE On Washington privacy Act March 2020 – Washington Privacy Act fails again It was almost given for granted that the Washington Privacy Act would have passed this time. The Washington State House and Senate were debating two similar bills. The major difference was in the enforcement mechanism: while in the House’s Bill both the […]
The GDPR requires controllers to implement appropriate measures to be able to demonstrate compliance with the GDPR itself, taking into account among others the “the risks of varying likelihood and severity for the rights and freedoms of natural persons” (article 24 (1)). In line with the risk-based approach embodied by the GDPR, carrying out a […]
European Parliament publishes a paper on blockchain and the GDPR, titled “The General Data Protection Regulation Can distributed ledgers be squared with European data protection law?” Here is the link to this interesting paper: http://www.europarl.europa.eu/RegData/etudes/STUD/2019/634445/EPRS_STU(2019)634445_EN.pdf More information. on GDPR and blockchain, Francesca Giannoni-Crystal
Tags: blockchain, GDPR
On February 14, 2019, the United States District Court for the Northern District of California ordered a United Kingdom citizen, party to a U.S. litigation, to produce in unredacted form e-mails containing personal information that could be protected under the GDPR. By way of background. In this patent infringement suit, Plaintiff owned patents involving computer […]