This Report outlines how national courts and Data Protection Authorities (DPAs) in the EU/ European Economic Area (EEA) and UK have interpreted and applied the relevant GDPR provisions on automated decisionmaking (ADM) so far, as well as the notable trends and outliers in this respect. To compile the Report, we authors looked into publicly available judicial and administrative decisions and regulatory guidelines across EU/EEA jurisdictions and the UK, which was a member of the EU until December 2020 and whose rules on ADM are still an implementation of the GDPR at the time of writing this Report. To complement the facts of the cases discussed, we have also looked into press releases, annual reports and media stories.
EU Court Orders Commission to Pay Damages for Non-compliant Data Transfer
The EU court ordered the European Commission to pay damages for illegal data transfers, highlighting the importance of compliance with […]