The European Data Protection Board and the European Data Protection Supervisor have adopted a joint opinion on the European Commission Implementing Decision on Standard Contractual Clauses Between Controllers and Processors. The aim is to ensure consistency and a correct application of Article 28 GDPR as regards the presented Draft SCCs that could serve as standard contractual clauses in compliance with Article 28 (7) Regulation (EU) 2016/679 and Article 29 (7) Regulation (EU) 2018/1725 .
The Information Commissioner’s Office has published its Data Sharing Code of Practice on 17 December. The code, and the hub of new resources, provides practical advice to businesses and organisations on how to carry out responsible data sharing.
The Information Commissioner's Office found that the company failed to put appropriate security measures in place to prevent a cyber-attack on a chat-bot installed on its online payment page. Ticketmaster’s failure to protect customer information is a breach of the General Data Protection Regulation (GDPR).
The UK Information Commissioner’s Office has issued its report on the investigation into the offline marketing services of the data broking industry and, in particular, the activities of the UK’s three largest credit reference agencies Experian Limited, Equifax Limited, and the relevant entities within the TransUnion group of companies (TransUnion International UK Limited and Callcredit Marketing Limited).
The UK Information Commissioner’s Office has issued new detailed Guidance on the Right of Access. The previous Subject Access Code of Practice had been issued under the previous Data Protection Act and the ICO has announced it will be updated.
Association of German Data Protection Authorities (“Datenschutzkonferenz” or “DSK”) has issued a paper on employee data protection outlining what employers in private sector have to take into account when processing employee personal data.
The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has issued a fine of 35,258,707.95 Euros against H&M Hennes & Mauritz Online Shop A.B. & Co KG. The company is registered in Hamburg and operates a service center in Nuremberg.
The European Commission has issued a report on Ethics of Connected and Automated Vehicles - Recommendations on road safety, privacy, fairness, explainability and responsibility. It contains 20 recommendations concerning the future development and use of connected and automated vehicles.
For the first time since the GDPR came into force, a matter has been referred to the European Data Protection Board (EDPB) to adopt the binding decision under Article 65 of the GDPR. In May 2020, the Irish Data Protection Commission (DPC) has submitted the draft decision in relation to a statutory inquiry it has completed into Twitter, to other concerned Supervisory Authorities for their opinions and views.
Subscribe to our newsletter to stay on top of the most relevant news from the privacy world. We might personalize the newsletter based on your interests. Occasionally, these emails may contain commercial offers from us. You may unsubscribe by clicking on the unsubscribe link at the bottom of the marketing email or by writing to us.