On June 7, 2019, the Official Journal of the European Union (OJEU) published Regulation (EU) 2019/881, the EU Cybersecurity Act. The EU Cybersecurity Act aims at ensuring the proper functioning of the internal market while achieving a high level of cybersecurity, cyber resilience and trust within the EU. It lays down: (a) the […]
On June 6, 2019, the Republic of San Marino approved the Blockchain Decree of the Republic of San Marino (Delegate Decree n. 86, dated May 23, 2019). No official press statement has been released yet, but this source revealed the news. The Blockchain Decree provides a regulatory framework formulating specific rules for two different […]
Tags: blockchain
On January 29, 2019, the French Data Protection Agency, the Commission Nationale de l’informatique et des Libertés (CNIL) imposed a fine of 50 million Euros on Google LLC under the EU General Data Protection Regulation (GDPR) for failure to (i) provide information to users configuring their Android mobile device and creating a Google account in breach of […]
On April 17, 2019, the EU Parliament adopted the proposed EU Regulation on platform-to-business trading practices. The text adopted by the European Parliament still has to be formally approved by the Council of the European Union. Once approved, the Regulation will enter into force 12 months after its publication in the Official Journal. […]
On April 16, 2019, the European Parliament informed that it decided to create the Common Identity Repository (CIR). The CIR will interconnect a series of data systems (listed below) into a gigantic biometric database containing data about EU and non-EU citizens to improve data exchange between EU information systems to manage borders, security and migration. […]
On April 24, 2019, Facebook published its financial results for the first quarter, where it estimated a probable loss and recorded an accrual of $3 billion in connection with an investigation by the Federal Trade Commission (FTC). The investigation could result in a penalty of up to 5 billion. The FTC began its investigation into […]
On November 9, 2019, the European Data Protection Board (EDPB) adopted guidelines on the GDPR’s lawful basis for processing. In particular, the EDPB provided guidance on the “contractual necessity basis for processing personal data in the context of online services.” Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context […]
With a decision published on March 18, 2019, the Danish Privacy Authority, Datatilsynet (DPA), found that a Danish Taxi App – Taxa 4×35 – did not respect the principle of data minimization envisaged by the GDPR (art. 5.1(c)), keeping the personal data of the customers beyond the expected retention period. The company deleted the […]
Bahrain. Bahrain enacted Law No. 30, 2018, the law protecting personal data (Data Protection Law), which goes into force on August 1, 2019. Bahrain has several other laws with provisions relating to data protection, including: Law No. 16, 2014, regarding the Protection of Information and State Documents; Law No. 2, 2017, for Ratifying the Arab Agreement in Combating […]
On March 26, 2019, Urzędu Ochrony Danych Osobowych (UODO), the Polish Data Protection Agency (DPA) imposed a fine of around $250,000 on a company for failure to fulfill its information obligation as a controller. The UODO explained that the controller did not meet the information obligation (Art. 14 (1) – (3), GDPR) in relation to […]