Rie Aleksandra - DPO Hub (Page 2)

C-200/23 Agentsia po vpisvaniyata

members – 3 min read

An authority of a commercial register = both recipient and controller. Handwritten signatures = personal data. Temporary loss of control (e.g. public disclosure) can lead to damage, but harm must be proven. And a few more points in today's CJEU ruling!

Oct 4, 2024

CJEU C-621/22 KNLTB

members – 2 min read

A long-anticipated case on whether a *commercial* interest can qualify as legitimate under Article 6(1)(f). The CJEU confirms that it can, provided the interest is lawful, but emphasises the *strict* necessity requirement.

Oct 4, 2024

C-548/21 Bezirkshauptmannschaft Landeck (attempt to access personal data stored on a mobile phone)

members – 1 min read

A case relating to the ePrivacy and Law Enforcement Directives, concluding that police access to phones isn't limited to the fight against serious crime.

Oct 4, 2024

Interesting non-GDPR CJEU case on gender change (C-4/23 Mirin)

members – 1 min read

💡 (Non-GDPR/ePrivacy) CJEU ruling stating that Member States can't refuse to recognise changed name and gender approved in another MS.

Oct 4, 2024

CJEU C-446/21 Schrems (communication of data to the general public)

members – 3 min read

Facebook (and similar platforms) can't use all personal data obtained for targeted ads, without restriction as to time and distinction as to type of data.

Oct 4, 2024

CJEU C-21/23 Lindenapotheke

members – 2 min read

The CJEU rules against the Advocate General's Opinion, concluding that any medicinal product you order, prescription or not, is health data and requires your explicit consent. 🤯

Oct 4, 2024

Big Five news: DSA, DMA, DGA, DA (AIA)

members – 5 min read

Latest: EC sends DSA info-request to YouTube, Snapchat and TikTok about their recommender systems. 🇳🇱 ACM shares DSA guidelines and invites to online meeting 21 Nov. EDPB & EC joint guidance on interplay GDPR-DMA. EC shares Data Act FAQ and new practical guide to the Data Governance Act.

Oct 4, 2024

EDPB meeting minutes 16 July 2024

members – 2 min read

Systems overload! Is the EDPB taking on too much?

Oct 3, 2024

Welcome! Start here 👇

members – 3 min read

Find your way around the DPO Hub: Manage your subscription, choose your favorite view (grid or list) and theme (from four different ones!) and bookmark posts. 🔎 Didn't find something? There's a form for that too!

Oct 1, 2024

DPC fines Meta €91m for failing to safeguard passwords and notify breaches

members – 1 min read

And for once, no other DPA objected to the DPC's draft decision. Read their handy one-pager here. 👇

Sep 27, 2024

CJEU C-768/21 Land Hessen (DPA obligation to act)

members – 1 min read

DPAs aren't obliged to exercise a corrective power in all cases of a breach, in particular imposing a fine, for example if the controller took necessary measures to end and further prevent the breach.

Sep 26, 2024

AI (Act) resources

members – 4 min read

Latest: 🇪🇺 study highlights significant potential of AI to improve public sector services across the EU.🇧🇪 DPA shares two new AI resources: a brochure on GDPR requirements for AI systems, and a new thematic web page for AI.

Sep 26, 2024