Your data, my dilemma, our decision (object by 9 Aug)!
members
–
2 min read
Moving to US, object if you don't want to come
EDPB meeting minutes 18-19 June 2024
members
–
2 min read
Noteworthy points on involving others (earlier) in their work, opinions vs. guidelines, the political ads Regulation, and 🇸🇪 Supreme Admin. Court CJEU request regarding Art. 13-14 and camera surveillance.
EDPB Guidelines 1/2022 Right of access
members
–
3 min read
A snapshot of the EDPB Guidelines dealing with DSARs: Brief overview, key points, and some advice for data protection pros.
Rights: Access (DSAR) - examples
members
–
40 min read
Right of access examples from the EDPB and ICO.
EDPB press release: DPAs AI Act role, EU-US DPF FAQs, new European Data Protection Seal
members
–
1 min read
EDPB opines that DPAs should be designated AI Act MSAs, adopted 🇪🇺-🇺🇸 DPF FAQs for individuals and businesses, and an opinion approving the EuroPriSe Criteria Catalogue for certifying processors' processing activities, resulting in a European Data Protection Seal.
Denmark Google Workspace for Education Chromebook case (Helsingørgate)
members
–
9 min read
[15 July: Municipalities complies with Jan order + 🚨 DPA asks for EDPB opinion on the scope of a controller's documentation obligations regarding a processor's use of sub-processors] The Danish DPA's landmark decision of 2022 to ban certain use of Google products and US transfers, is still ongoing.
CJEU C-757/22 Meta Platforms Ireland (Representative action) 11 Jul 2024
members
–
2 min read
Consumer protection groups can take legal action against controllers they believe violate data subjects' rights, including the right to information. With C-319/20, this ruling *could* be a bit of a bombshell! #classaction
CJEU C-461/22 MK (Professional guardian) 11 Jul 2024
members
–
1 min read
A former legal guardian who acted in a professional capacity is a controller and must comply with the GDPR, including the right of access.
Right to object and right to erasure: insights from OSS decisions
members
–
2 min read
EDPB SPE project: Article 60 One-Stop-Shop thematic case digest analysing Articles 17 and 21. Key takeaway: Create, document, implement and control policies and procedures, including complaints management. PS: The 'data subject journey' is your secret weapon!
Grindr NOK 65m fine upheld in Norway (again)
members
–
2 min read
The Oslo District Court ruled in favour of the state on all points, after Grindr sued the authorities after the Privacy Appeals Board fully upheld the DPA's decision, including the NOK 65m record fine. Preliminary win, but expect an appeal.