On November 16, 2018, the European Data Protection Board (EDPB) adopted guidelines on the territorial application of the GDPR. Guidelines 3/2018 on the territorial scope of Regulation 2016/679/EU- Version for public consultation. The guidelines are now open to public consultation. The Guidelines aim at clarifying the territorial scope of the GDPR, in particular where the data […]
The new article 2-terdecies, of the Italian Privacy Code (introduced by Legislative Decree 101/2018), expressly rules on the data protection rights of the deceased. According the Italian Privacy Code, the rights of access, rectification, cancellation, limitation, portability, opposition and the rights relating to fully automated decisions relating to personal data concerning deceased subjects may be […]
On October 10, 2018, UK High Court blocked the class-action against Google over unlawful iPhone tracking allegations. The claimant, Richard Lloyd, alleged that, during 2011 and 2012, Google secretly tracked the internet activity of Apple iPhone users and then sold the data. The method by which Google was able to do this is generally referred […]
Having regard to Article 63, Article 64 (1a), (3) – (8) and Article 35 (1), (3), (4), (6) of the Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such […]
On October 10, 2018, the Portuguese Data Protection Authority (CNPD) found the Barreiro Hospital guilty of violating the integrity and confidentiality principle and the data minimization principle set forth by the GDPR. According to this source, the infringements were punished with a fine of €400,000. The hospital is going to fight the fine, this source […]
On October 3, 2018, the European Parliament published a resolution on distributed ledger technologies (DLTs) and blockchain. DLTs and blockchain are the technologies behind bitcoin and other crypto currencies, and basically consist in a ledger of digital information maintained in decentralised form across a large network of computers. See here for more information. The EU […]
On September 3, 2018, the Bundesgerichtshof, the German Federal Court of Justice deferred a preliminary ruling to the Court of justice of the European Union (CJEU) to decide whether, under EU data protection laws, a pre-checked checkbox – which the user must unselect to refuse his consent – is a valid consent to store information, […]
On October 18, 2018, the Federal Trade Commission (FTC) published – along with Department of Homeland Security, the National Institute of Standards and Technology, and the Small Business Administration – guidance for small businesses on how to deal with cyber threats and increase data security. The FTC highlighted a dozen need-to-know topics: Cybersecurity Basics, Understanding […]
On October 4, 2018, the European Parliament adopted the proposed EU Regulation on the Free Flow of Non-Personal Data in the European Union. The Regulation aims at removing obstacles to the free movement of non-personal data within the European Union. The Regulation does not cover data mobility outside the EU. The approved Regulation does not […]
On October 16, 2018, the European Union Blockchain Observatory and Forum published a thematic report on the Blockchain and the GDPR (“Report”). The report includes the input of a number of different stakeholders and sources. The report aims at answering the question of whether GDPR compliant blockchain is possible. The paper highlights a fundamental point: […]