Rie Aleksandra - DPO Hub (Page 10)

noyb win: 🇳🇱 Dutch DPA fines Netflix €4.75m for lack of information

members – 1 min read

noyb gets their first big win in their streaming services complaint project, filed in January 2019 against Amazon Prime, Apple Music, DAZN, Flimmit, Netflix, SoundCloud, Spotify and YouTube. Unsurprisingly, Netflix has already objected.

Dec 19, 2024

🇮🇪 DPC fines Meta €251m for failing on data protection by design and default and breach handling

members – 1 min read

Meta failed to properly notify and document a breach affecting 3m EEA Facebook users and to build in data protection requirements throughout the design and development cycle.

Dec 18, 2024

CJEU C-446/21 Schrems (Communication of data to the general public) 4 Oct 2024

members – 5 min read

A ruling that sparks questions around 'strictly necessary' and 'purpose'. Facebook can't indiscriminately use personal data on or off their platform for personalised ads, without restricting the duration and type of data.

Dec 8, 2024

EDPB meeting minutes 4 Nov 2024

members – 2 min read

Never-before discussed 'Guidelines on the use of biometrics for physical access control' enter the spotlight! And "first complaint under the DPF redress mechanism"..? Here's the latest EDPB meeting minutes.

Dec 7, 2024

EDPB letter to the Commission on its review of 11 DPD adequacy decisions

members – 1 min read

EDPB Chair Anu Talus writes the Commissioner for Justice on the Commission's review of 11 adequacy decisions adopted under Directive 95/46/EC for: Andorra, Argentina, Canada, Faroe Islands, Guernsey, the Isle of Man, Israel, Jersey, New Zealand, Switzerland, and Uruguay. And isn't entirely happy.

Dec 6, 2024

EDPB urges digital legislation to be aligned with the GDPR

members – 1 min read

The EDPB calls for digital legislation to align with the GDPR, emphasising the importance of legal certainty and coherence. And highlights the need for additional resources to support DPAs and the EDPB in addressing increasingly complex challenges.

Dec 5, 2024

📊 DPO Hub Pulse: AI topic page?

members –

Disclaimer: Work is underway on the legitimate interest topic page, but here’s your chance to weigh in on an AI one.

Dec 4, 2024

🚨 EDPB shares Art. 48 Guidelines (PC) and new Data Protection Seal certification

members – 1 min read

The EDPB just shared new Guidelines! This time for Article 48 and they're on public consultation until 25 Jan 2025. They also announced a new EU Data Protection Seal certification for 'Brand Compliance'.

Dec 3, 2024

CJEU C-169/23 Masdi 28 Nov 2024

members – 4 min read

The Art. 14(5)(c) derogation applies to *all* data not collected from the data subject, including self-generated. DPAs can, as per Art. 14(5)(c), verify if national law has measures to protect data subjects' legitimate interests, but this doesn’t include assessing Art. 32 security measures.

Nov 28, 2024

CJEU C-17/22 HTB Neunte Immobilien Portfolio 12 Sep 2024

members – 5 min read

National case-law could be relevant under Article 6(1)(c) legal obligation. The CJEU offers further guidance on legitimate interest assessments and highlights the importance of the data subjects' 'reasonable expectations'.

Nov 25, 2024

My Meta Pay or Okay experience - now they're cutting the price with 40%

members – 5 min read

Latest: Meta reduces sub prices and offers new free choice with less personalised ads, claiming it "goes beyond what is required in the law". 💸 And gets huge fines: €797.72m from the 🇪🇺 EC for antitrust violations and $25.4m from 🇮🇳 India's competition authority for 2021 privacy notice failures.

Nov 15, 2024

ICO approves first sector-owned UK GDPR Code of Conduct for private investigators

members – 1 min read

🇬🇧 ICO: "This code, which investigators in the private sector can sign up to, will provide certainty and reassurance to those using their services [and] assist investigators to navigate the challenges between conducting investigations whilst respecting people’s privacy rights."

Nov 14, 2024