EDPB opines that DPAs should be designated AI Act MSAs, adopted 🇪🇺-🇺🇸 DPF FAQs for individuals and businesses, and an opinion approving the EuroPriSe Criteria Catalogue for certifying processors' processing activities, resulting in a European Data Protection Seal.
[15 July: Municipalities complies with Jan order + 🚨 DPA asks for EDPB opinion on the scope of a controller's documentation obligations regarding a processor's use of sub-processors] The Danish DPA's landmark decision of 2022 to ban certain use of Google products and US transfers, is still ongoing.
Consumer protection groups can take legal action against controllers they believe violate data subjects' rights, including the right to information. With C-319/20, this ruling *could* be a bit of a bombshell! #classaction
EDPB SPE project: Article 60 One-Stop-Shop thematic case digest analysing Articles 17 and 21. Key takeaway: Create, document, implement and control policies and procedures, including complaints management. PS: The 'data subject journey' is your secret weapon!
Noteworthy points on both EUC and Microsoft appealing the EDPS decision, next steps for the Consent or Pay guidelines, and AI Act national competent authorities.
⚖️ 9 points interpreting Art. 82(1), including: its aim is to compensate for damage, not to punish or deter GDPR violations; fear alone or stolen personal data can trigger claims if proven; and national courts can grant minimal compensation for minor damage.
Article 15(1) of the ePD allows Member State law to require that judges' decisions authorising wiretaps must include their own written reasons, even if the police's applications already provide detailed justifications.
The DPA stresses that their advice applies generally to all social media and "of great importance" to all educational institutions and similar organisations in 🇳🇱.