All GDPR articles
-
ReportThe GDPR: A Report on the First Three Years of Enforcement
This report will consider some of the high-profile and noteworthy decisions taken by DPAs and courts over the GDPR’s first three years of enforcement, and consider how some key provisions of the regulation have developed. The report will also look ahead to how the EU’s data protection landscape might evolve in the coming years.
-
News
TikTok fined for violating children’s privacy
The Dutch Data Protection Authority (DPA) has imposed a fine of € 750,000 on TikTok for violating the privacy of young children.
-
News
French DPA issues 1.75m euro GDPR against multinational insurer
The CNIL has sanctioned the AG2R La Mondiale group for violating data retention provisions under the EU General Data Protection Regulation.
-
News
Danish council fined for weak data security
Datatilsynet, Denmark’s DPA, has ordered the Southern Denmark regional authority to pay DKK500,000 ($79,200, €67,200) for failing to have appropriate safeguards to protect sensitive health information. The DPA is also referring the council to the police.
-
Opinion
Could the Grindr Priest Story Be True? I Asked the Team Behind Grindr’s €10m GDPR Fine
Could “commercially available” location data originating from Grindr really have been used to identify an individual? I asked Finn Myrstad, who helped file a data protection complaint regarding how Grindr shares user data.
-
Opinion
Could ‘Schrems III’ Lead to a Paid Version of Facebook?
The Austrian Supreme Court has referred a case against Facebook to the Court of Justice of the European Union (CJEU). The case has been dubbed “Schrems III,” as it’s the third CJEU reference involving Facebook and campaigner Max Schrems.
-
News
Covid-19 test centre referred to police for poor privacy security
Denmark’s DPA Datatilsynet has reported Medicals Nordic to the police for processing users’ health and other confidential information about their coronavirus tests with inadequate security.
-
News
Consumer groups file privacy concerns’ complaint against WhatsApp
The European Consumer Organisation (BEUC) and eight members have lodged a complaint with the European Commission and European network of consumer authorities against WhatsApp alleging EU consumer rights’ breaches.
-
News
Dutch DPA fine insurance agency for poor data security
The Netherlands’ data protection authority (Autoriteit Persoonsgegevens – AP) has ordered the Employee Insurance Agency (UWV) to pay €450,000 ($533,000) for not properly securing the sending of group messages via its My Work Folder system.
-
Webinar
Employee DSARs: The Coming Deluge
Up until now, organizations have assumed that all data subject requests were the same.
-
Webinar
What have we learned about Data Retention 3 years on from the GDPR?
The truth is many companies addressed their data retention obligations during the period of GDPR-readiness and have not circled back since.
-
News
British Airways settles data breach case
UK airline British Airways has resolved on confidential terms litigation brought by customers and staff affected by a leakage of personal information in 2018.
-
News
Wolfsen to continue as Dutch DPA chairman
The Dutch government has re-appointed Aleid Wolfsen as head of the country’s Data Protection Authority (Autoriteit Persoonsgegevens – AP) for five years beginning 1 August.
-
News
German DPA tells government organisation to shut Facebook pages
The German data protection commissioner has given German government organisations until the end of the year to shut down their Facebook pages.
-
News
Italy’s DPA fines energy company 3 million euros
The Garante has fined energy company Iren Mercato 3 million euros over EU General Data Protection Regulation violations related to unlawful data processing in its telemarketing.
-
News
Outgoing DPO speaks of digitisation’s acceptance
The increasing use of data these days is taken for granted by people partly out of habit, according to Johannes Caspar, who has stepped down after 12 years as Hamburg’s data protection officer.
-
Video
Keynote: Max Schrems
Austrian privacy campaigner Max Schrems is best known as the man who held Facebook to account for its treatment of EU users’ personal data—and brought down two transatlantic privacy frameworks in the process.
-
Video
How Do Data Protection Regulations Apply to AI and is GDPR Ready for Facial Recognition?
This panel will explore the relationship between Artificial Intelligence/Machine Learning and Data Protection Regulations, as well as discussing some of the most important points in relation to GDPR and Facial Recognition.
-
Video
Divergence in GDPR and the Financial Services Industry
The patchwork nature of data protection regulations across the world creates a particular challenge for financial services firms operating overseas.
-
Video
Trust: Why Companies Need Simplified Privacy Policies?
GDPR requires communications to data subjects to be “concise, transparent, intelligible and easily accessible”.
