Pre-Checked Cookie Consent Invalid, EU Court Rules
The Court of Justice of the European Union (CJEU) this morning ruled that storing cookies requires internet users’ active consent. […]
GDPR
Danish DPA Takes New Position on the GDPR Legal Basis for Posting Online Photos
The Danish Data Protection Authority has changed its position regarding the legal basis for posting pictures online under the General […]
Ecuador Is Latest Country to Consider GDPR-like Privacy Law
Ecuador is considering a GDPR – like privacy law. A massive data breach in Ecuador has sparked a new push […]
Germany approves “numerous adaptations to German data protection regulations”
The Federal Council (‘Bundesrat’) announced, on 20 September 2019, that it had approved several amendments to the draft law on […]
How to manage, monitor and validate third-party data sharing
When companies manage how personal data is shared and transferred to third parties, much of the effort lately has been […]
Italian Supervisory Authority approves Code of Conduct under the GDPR
On September 12, 2019, the Italian Supervisory Authority (Garante) approved a code of conduct for consumer credit agencies, pursuant to […]
Polish DPA imposes €645,000 fine for insufficient organisational and technical safeguards
The President of the Personal Data Protection Office imposed a fine of an amount higher than PLN 2.8 million (ca. […]
Belgian DPA: Requiring Customers to Allow Their ID Cards To Be Scanned To Receive Loyalty Cards Violates GDPR
Asking to read an electronic ID card as a condition for the provision of a service (issuing a rewards/loyalty card) […]
Research reveals six common CX failures when handling GDPR information requests
A recent study conducted by Macro 4 reveals problems in the way companies are handling data subject access requests – […]
OTA Analysis Finds Most Organizations Not Ready For New Privacy Regulations
The Internet Society’s Online Trust Alliance (OTA), which identifies and promotes security and privacy best practices that build consumer confidence […]
10 reasons why the GDPR is the opposite of a ‘notice and consent’ type of law
A ‘notice and consent’ privacy law puts the entire burden of privacy protection on the person and then it doesn’t […]
EDPS publishes opinion on communication data as personal data
The European Data Protection Supervisor (EDPS) published, on 11 September 2019, the pleading notes before the Court of Justice of […]