DATA PROTECTION

EU Commission’s ePrivacy Regulation Proposal to align electronic communications privacy to GDPR

Date 01/12/2017.

On January 10, 2017, the European Commission issued a draft for a new ePrivacy Regulation (“Proposal”) that would replace Directive 2002/58/EC (‘the ePrivacy Directive’), implementing a higher level of privacy for all electronic communications. Scope of application: The Proposal applies to all electronic communication providers – including EU institutions – and aim at aligning the existing rules, which date back […]

Russia influenced several elections (including US election) in favor of Kremlin-friendly candidates

Date 01/09/2017.

On January 6, 2016, the National Intelligence Council (NIC) released an Intelligence Community Assessment (ICA): “Assessing Russian Activities and Intentions in the Recent US Elections.” The document is a declassified version of a highly classified assessment provided to the President by the Central Intelligence Agency (CIA), the Federal Bureau of Investigation (FBI), and the National […]

Bavarian DPA sanctions appointment of IT manager of company as DPO

Date 12/27/2016.

According to German data protection law, German data controllers must appoint a Data Protection Officer (“DPO“) in several cases, for example when ten or more people are involved in the automated processing of personal data. While an employee can be appointed as DPO, the appointee must be knowledgeable on data protection and must be reliable and independent. The […]

WP29 issues guidelines on data portability, DPO, and lead authority (and lays foundation for much more)

Date 12/22/2016.

  On December 13, 2016, EU Article 29 Data Protection Working Party “(WP29”) dealt with several critical matters with regards to the implementation of the General Data Protection Regulation (GDPR) and the Privacy Shield. It also dealt with the enforcement measures on cases having a cross-border effect. As for the GDPR’s implementation, the WP29 importantly adopted: […]

Privacy Shield update: around 1300 active participants after over 4 months from start

Date 12/21/2016.

As of mid December 2016, around 1300 companies were active under the EU-US Privacy Shield, according to the US Department of Commerce official website. The Privacy Shield Framework has now been effective for almost 4 months and it replaced the Safe Harbor, which had around 5,500 participants by 2016. The US Department of Commerce, International Trade Administration (ITA), […]

FCC adopts Broadband Consumer Privacy Rules

Date 12/14/2016.

On December 2, 2016, the Federal Communications Commission (FCC) published the Broadband Privacy Report and Order which requires broadband Internet Service Providers (ISPs) to protect users’ privacy. The rules implement the privacy requirements of Section 222 of the Communications Act for broadband ISPs, and aim at giving broadband customers more control over the use of their […]

Italian DPA issued order allowing tracking of employees through their smartphones

Date 12/08/2016.

On May 18, 2016, the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) issued an order allowing for the processing of personal geo-localization data collected through the employees’ smartphones. An Italian company, SITE S.p.A., submitted a preliminary request for examination of the DPA with reference to the processing of personal data gathered […]

EDPS’s Opinion on Personal Information Management Systems

Date 12/06/2016.

On October 20, 2016, the European Data Protection Supervisor (EDPS) published Opinion 9/2016 on Personal Information Management Systems, PIMS. The opinion acknowledges that the recently adopted GDPR provides for increased transparency, powerful rights of access and data portability, giving individuals more control over their data. However, the EDPS highlighted how market conditions and business practices can […]