Blockchain law passed in San Marino contains some interesting aspects

  On June 6, 2019, the Republic of San Marino approved the Blockchain Decree of the Republic of San Marino (Delegate Decree n. 86, dated May 23, 2019). No official press statement has been released yet, but this source revealed the news. The Blockchain Decree provides a regulatory framework formulating specific rules for two different […]

Tags:

EU Parliament adopts regulation on platform-to-business trading practices

    On April 17, 2019, the EU Parliament adopted the proposed EU Regulation on platform-to-business trading practices. The text adopted by the European Parliament still has to be formally approved by the Council of the European Union. Once approved, the Regulation will enter into force 12 months after its publication in the Official Journal. […]

Tags: ,

EU Parliament proposal to create gigantic biometric database

On April 16, 2019, the European Parliament informed that it decided to create the Common Identity Repository (CIR). The CIR will interconnect a series of data systems (listed below) into a gigantic biometric database containing data about EU and non-EU citizens to improve data exchange between EU information systems to manage borders, security and migration. […]

Tags: ,

FTC’s investigation into Facebook data practices could result in a fine up to 5 billion, Facebook estimates

On April 24, 2019, Facebook published its financial results for the first quarter, where it estimated a probable loss and recorded an accrual of $3 billion  in connection with an investigation by the Federal Trade Commission  (FTC).  The investigation could result in a penalty of up to 5 billion. The FTC began its investigation into […]

Tags: ,

EDPS’s Guidelines on Article 6(1)(b) lawful basis for processing in online services open for comments until May 24

On November 9, 2019, the European Data Protection Board (EDPB) adopted guidelines on the GDPR’s lawful basis for processing. In particular, the EDPB provided guidance on the “contractual necessity basis for processing personal data in the context of online services.” Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context […]

Tags: ,

Polish DPA imposes first GDPR fine for breach of duty to inform data subjects

On March 26, 2019, Urzędu Ochrony Danych Osobowych (UODO), the Polish Data Protection Agency (DPA) imposed a fine of around $250,000 on a company for failure to fulfill its information obligation as a controller. The UODO explained that the controller did not meet the information obligation (Art. 14 (1) – (3), GDPR) in relation to […]

Tags: ,

Dutch DPA is the first European DPA to publish fining policy under GDPR

On March 14, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, DPA) published on Netherlands Official Gazette its own General Data Protection Regulation (GDPR) fining policy. It is the first European Union (EU) country to do so. Article 83, GDPR, provides that DPAs can issue to controllers and processors “effective, proportionate and dissuasive” administrative fines […]

Tags: ,

Spanish DPA publishes survey on device fingerprinting

  On February 2, 2019, the Spanish Data Protection Agency (AEPD) published a Survey on Device Fingerprinting. (“Survey“) “Device fingerprinting is the systematic gathering of information on a specific remote device with the aim of identifying, singling out and, thus being able to monitor its user’s activity for the purpose of profiling.” The data set […]

Tags: ,

Italian law defines blockchain and smart contracts

  On February 12, 2019, Law no. 12/2019, converting into law the so called Decreto Semplificazioni (“Simplification Decree”), Legislative Decree No. 135/2018 was published on the Italian Official Gazette no. 36/2019. Among other provisions, the Simplification Decree defines the concept of “technologies based on distributed ledgers (blockchain)” and “smart contracts”. “Technologies based on distributed ledgers” are technologies and […]

Tags:

1 2 3 19