Search

On February 20, 2019, Bulgaria adopted the General Data Protection Regulation (Regulation (EU) 2016/679, GDPR) harmonization law. The law amends and supplements the previous data protection act from 2002. It also transposes the EU Law Enforcement Directive (Directive (EU) 2016/680). The new Law on Personal Data Protection (LASLPDP) entered into force on March 2, 2019 […]

Below a list of the harmonization laws enacted by each EU member state. Austria: the Datenschutz-Anpassungsgesetz 2018, the “Datenschutzgesetz“. Belgium: Framework Act (Dutch) Framework Act (French), DPA Act (Dutch), DPA Act (French) Croatia: Zakona O Provedbi Opće Uredbe O Zaštiti Podataka, the Act on Implementation of the General Data Protection Regulation (Official Gazette no. 42/2018) Cyprus: Law n 125(I)/2018 Czech […]

  On January 25, 2015, the European Commission released a statement with an update about the effects of the adoption of Regulation 2016/679/EU (GDPR). See: Joint Statement by First Vice-President Timmermans, Vice-President Ansip, Commissioners Jourová and Gabriel ahead of Data Protection Day Since its entry into force on May 25, 2018, “citizens have become more […]

ICO published a veery useful guide dedicated to “data protection officers and others who have day-to-day responsibility for data protection” aimed at “small and medium-sized organisations”. See here  

On January 21, 2019, the CNIL (Commission Nationale de l’Informatique et des Libertés, the French Data Protection Authority), restricted committee, for the first time applies the new sanctions limit provided by the GDPR and sanctions Google for EUR 50 million for two GDPR violations: 1. “violation of the obligations of transparency and information“ “First, the restricted […]

In November 2018, a German local court, the Amtsgericht Diez, decided on a claim for immaterial damages under Art. 82.1, GDPR.  According to this source, on May 25, 2018, Plaintiff received an e-mail in which Plaintiff’s consent to receive a newsletter was requested. An email of this sort is considered spam under German law and […]

On November 16, 2018, the European Data Protection Board (EDPB) adopted guidelines on the territorial application of the GDPR. Guidelines 3/2018 on the territorial scope of Regulation 2016/679/EU- Version for public consultation. The guidelines are now open to public consultation. The Guidelines aim at clarifying the territorial scope of the GDPR, in particular where the data […]

Having regard to Article 63, Article 64 (1a), (3) – (8) and Article 35 (1), (3), (4), (6) of the Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such […]

On October 10, 2018, the Portuguese Data Protection Authority (CNPD) found the Barreiro Hospital guilty of violating the integrity and confidentiality principle and the data minimization principle set forth by the GDPR. According to this source, the infringements were punished with a fine of €400,000. The hospital is going to fight the fine, this source […]

On October 16, 2018, the European Union Blockchain Observatory and Forum published a thematic report on the Blockchain and the GDPR (“Report”). The report includes the input of a number of different stakeholders and sources. The report aims at answering the question of whether GDPR compliant blockchain is possible. The paper highlights a fundamental point: […]