Insights into the Future of Data Protection Enforcement
The FPF released a report “Insights into the future of data protection enforcement: Regulatory strategies of European Data Protection Authorities for 2021-2022”
DPA
The Italian DPA sanctions a food delivery company for monitoring drivers
Italian supervisory authority published an injunction against a company operating a food delivery app over the processing of riders’ personal data with respect to the use of algorithms for the management of the orders.
Italian Supervisory Authority Fines Foodinho Over its Use of Performance Management Algorithms
The Italian Supervisory Authority (Garante) announced that it has fined Foodinho S.r.l. 2.6 million EUR for its use of performance algorithms in connection with its employees.
Lithuanian DPA Imposes Fine on a Sports Club for Use of Fingerprints
Lithuanian DPA fined sports club 20.000€ for improper use of fingerprints for identification.
Commission opens an infringement procedure against Belgium on the independence of its Data Protection Authority
The Commission sent formal notice to Belgium for violating Article 52 of the GDPR, which states that the DPA shall be independent.
Norwegian DPA fines company for accessing former employee’s e-mail inbox
The manager of the enterprise had changed the password and logged on to the complainant’s e-mail account every day for a period of six weeks after the employment had ended. Norwegian DPA found that the enterprise lacks a legal basis for accessing e-mail in this manner.
As French automated audits of cookie consent rules continue, non-compliant websites face sanctions
After checking the 1.000 websites with the highest traffic in France, and with several sanctioning procedures already launched, the French DPA CNIL (Commission nationale de l’informatique et des libertés) announced a continuation of the program in the next months.
German DPA tells ministries to shut Facebook pages
German government organisations have until the end of the year to close their Facebook pages after the data protection commissioner found the social network had failed to change its practices to comply with German and European privacy laws.
CNIL releases draft recommendation on retention of traceability data
France’s data protection authority, the Commission nationale de l’informatique et des libertés, launched a public debate over its draft recommendation relating to terms of retention and use of data logs.
Europe’s Data Law Is Broken, Departing Privacy Chief Warns
The European Union’s “GDPR” privacy law suffers from “massive flaws” and endless infighting, according to one of the bloc’s top regulators.
German Data Protection Authorities Want to Know What Companies Are Doing With Customer Data
Several German Data Protection Authorities commence independent investigation of cross border transfers of personal data in violation of Schrems II.
MEPs call for infringement procedure against Ireland
The European Parliament voted in favour of a resolution calling on the European Commission to open an infringement procedure against Ireland for failing to enforce the GDPR.