News

10.08.2022

Klarna Bank AB - the importance of transparency in privacy notices

Earlier this spring, the Swedish Authority for Privacy Protection issued an administrative fine of approximately EUR 724 000 against Klarna Bank AB, a global leading FinTech and payments company, following their investigation of the company, which showed that Klarna did ...Mehr lesen
09.08.2022

Can an employer ask the candidate to provide him with a court certificate that criminal proceedings are not being conducted against him, when establishing an employment relationship?

When establishing an employment relationship, employers often ask the candidates for a court confirmation that no criminal proceedings are being conducted against them. The adoption of the new Data Protection Law in Serbia has raised the question whether such a request ...Mehr lesen
08.08.2022

Gaia-X Hub Austria entering its next operational phase

...Mehr lesen
01.08.2022

Gaia-X Austria stakeholder meeting in Vienna

...Mehr lesen
29.07.2022

Finding a balance between fighting crime and privacy – the use of metadata

Last April, the Portuguese Constitutional Court declared unconstitutional the provisions of articles 4, 6, and 9 of Law 32/2008 of July 17, which transposed into Portuguese law Directive 2006/24/EC of March 15, on the retention of data generated or processed in ...Mehr lesen
30.05.2022

Can audio surveillance be justified?

At the end of 2021, the Estonian Data Protection Inspectorate (DPA) issued a precept to a gas station using audio surveillance in its service stations, requiring them to, among other things, stop using audio surveillance. In the DPA’s opinion, audio surveillance could ...Mehr lesen
27.05.2022

China’s New Regulations on Controlling Algorithmic Recommendations in Applications

The Cyberspace Administration of China (CAC) has circulated the Regulations on the Management of Algorithm Recommendations for Internet Information Services Provisions") since August 2021. The Regulations has been put in effect on 1 Mar 2022. The enactment of the ...Mehr lesen
25.05.2022

Three criteria for the elaboration of the Regulation to the Ecuadorian data protection law

Ecuador continues to build its personal data protection system, for which those responsible for developing the regulation must properly understand and apply the criteria of the regulatory model that was assumed with the Personal Data Protection Law. Abstraction and ...Mehr lesen
23.05.2022

Unpacking the New Privacy Regime in India: The When, Who, What, and How?

The new Indian Privacy law mimics GDPR when it requires a ‘privacy by design’ architecture, sets up a central data protection authority, and mandates heavy fines for non-compliance! And, if this new bill has even a fraction of the seminal impact that GDPR had on European ...Mehr lesen
20.05.2022

The destruction of the algorithm: the new sanction for breaching the GDPR?

Since 2019, The Federlñ Trade Commission (FTC) has been seeking ways to punish the new digital unfair practices, consisting on illegally obtaining personal information from Internet users and exploit it with artificial intelligence tools. In this case, the punishment ...Mehr lesen
18.05.2022

Personal data protection in Ecuador, a few steps forward

The process of designating the Personal Data Protection Authority, the next milestone in the construction of the national data protection system in Ecuador, begins. ...Mehr lesen
16.05.2022

CCTV monitoring and the practice of the Hungarian DPA

CCTV monitoring has long been a key field for the Hungarian DPA. The article summarizes the DPA’s practice, as well as the related latests updates. ...Mehr lesen
11.05.2022

Schrems II resolved? Unpacking the EU-US Trans-Atlantic Data Privacy Framework

The United States and the European Commission have agreed in principle to a new Trans-Atlantic Data Privacy Framework (the ‘Framework’) to foster EU-US data flows and address the concerns raised by the Court of Justice of the European Union (‘CJEU’) in the now infamous ...Mehr lesen
09.05.2022

Important concepts in cross-border transfer of data from China

The Data Security Law (“DSL”) and Personal Information Protection Law (“PIPL”) of mainland China, which came into force last year, play an important role in regulating data privacy in mainland China, alongside the existing Cybersecurity Law (“CSL”). These three laws ...Mehr lesen
06.05.2022

First European Code of Conduct for the pharma industry approved

A Code of Conduct regulating the processing of personal data in the field of clinical trials and other clinical research and pharmacovigilance has been approved. The code of conduct, promoted by Farmaindustria in Spain, regulates how the promoters of clinical studies ...Mehr lesen
04.05.2022

CNIL orders 3 websites to stop using Google Analytics

The French supervisory authority has adopted 3 formal notices against famous French websites requiring them to stop using Google Analytics because of unlawful data transfers to the United States. ...Mehr lesen
02.05.2022

The Polish DPA rules about the right to access the personal data contained in trackers

The Polish DPA (the President of the Personal Data Protection Office, further as "the Polish DPA") has reprimanded a webiste operator for infringing article 6(1), article 15 (1) and article 15 (3) GDPR. The Polish DPA also ordered the webiste operator to erase data ...Mehr lesen
20.04.2022

INPLP Activity Report 2021 published

The past year was immensely impactful for the INPLP and characterized by strong collaboration, hard work, continued growth of the network, and finally another physical conference in Vienna. Striving for ambitious expansion while strengthening international relations was ...Mehr lesen
12.04.2022

The Telecommunication Telemedia Data Protection Act – a new “cookie law” for Germany

On 1 December 2021, the Telecommunication Telemedia Data Protection Act (“TTDSG”) came into effect. Amongst others, it was meant to clear up long-standing ambiguities in relation to the implementation of the EU ePrivacy Directive in Germany, particularly regarding ...Mehr lesen
18.03.2022

Dutch GDPR class action against Oracle and Salesforce declared inadmissible

The first major GDPR class action under the Dutch Act on Mass Damages Settlement in Class Actions (WAMCA) has been declared inadmissible before a substantive assessment could take place. ...Mehr lesen
21.02.2022

2021 in GDPR fines

The EU General Data Regulation (GDPR) is among the world's toughest data protection laws. In this article you will have a general overview about the fines imposed by control authorities in 2021. ...Mehr lesen
14.02.2022

Bulgarian Supreme Administrative Court with Decision on Processing Data for Journalistic Purposes

Bulgarian Supreme Administrative Court issued a decision setting out criteria relevant for assessing the balance between the right to freedom of expression and information and the right to the protection of personal data. ...Mehr lesen
02.02.2022

UK’s proposed data protection reforms - a step in the wrong direction?

The proposed reforms to data protection laws by the UK government are ones that have been longed promised in a post-Brexit world and their aim is to create an ambitious, pro-growth and innovation-friendly data protection regime. This article explores some of the key ...Mehr lesen
30.11.2021

6th INPLP conference – great success

The 6th INPLP Conference was successfully held in Vienna under the auspices of EuroCloud Europe and organised by Sourcing International. ...Mehr lesen
29.09.2021

Upcoming: the 6th INPLP annual conference

Vienna, Austria
19 - 21 November 2021 ...Mehr lesen
07.07.2021

Ö-Cloud Gütesiegel geht “live”

...Mehr lesen
07.05.2021

Die Cloud, die Gesundheit und die Bank

360° Cloud Webinar Nr. 2, 22.6.2021 um 19:00-20:00 Uhr ...Mehr lesen
07.05.2021

Die Cloud, die Beauty und der Großkonzern

360° Cloud Webinar Nr. 1, 21.5.2021 um 14:00-15:00 Uhr ...Mehr lesen
29.04.2021

Das Frühlingsevent von EuroCloud Swiss

Swissness in der Cloud ...Mehr lesen
26.04.2021

Pharma IT Compliance

Die Schnittstelle von IT und Qualitätssicherung unter dynamischen Rahmenbedingungen ...Mehr lesen
16.12.2020

Letter to the EDPB in response to the recently adopted recommendations published by the EDPB

With a letter to the European Data Protection Board (EDPB), the International Network of Privacy Law Professionals (INPLP) made use of the opportunity to provide comments on the recently adopted recommendations published by the EDPB. ...Mehr lesen
15.12.2020

EDM erhält 4-Sterne-Zertifikat

Der Cloud-Dienst des Bundesministeriums für Klimaschutz, Umwelt, Energie, Mobilität, Innovation und Technologie (BMK) erhält zum vierten Mal das EuroCloud StarAudit-Zertifikat. Auditoren bestätigenein außerordentlich hohes Niveau in Bezug auf ...Mehr lesen
14.12.2020

Monaco: the 2019 Report of the Personal Data Protection Authority published

The Monegasque Data Protection Authority (hereinafter “CCIN”) has just published its 11th Activity Report covering the year 2019, of which here is an overview. ...Mehr lesen
10.12.2020

A Path Forward – Draft Guidance Published For Dealing With International Data Transfers Post-Schrems II

In the wake of the decision of the Court of Justice of the European Union (CJEU) in Schrems II, controllers and processors have been working closely with legal advisors to find a compliant way to transfer personal data outside of the European Economic Area (EEA). ...Mehr lesen
07.12.2020

Scientific Research across Europe. Does the GDPR ensure an aligned approach?

The GDPR aims to establish a uniform legal framework applicable to the processing of personal data across Europe, while allowing Member States to legislate differently with regard to specific matters. One of those matters is the processing of personal data for scientific ...Mehr lesen
02.12.2020

Data Privacy And Protection Regulations In Nigeria

Challenges Confronting Implementation Of Data Privacy And Protection Regulations In Nigeria ...Mehr lesen
27.11.2020

Schrems II recommendations

Important recommendations EDPB (European Data Protection Board) after Schrems II and new standard contractual clauses ...Mehr lesen
25.11.2020

5th annual INPLP conference

The International Network of Privacy Law Professionals hosted its 5th annual conference ...Mehr lesen
19.11.2020

600.000 EUR fine to Google Belgium for misapplying the right to be forgotten

The right to be forgotten is one of the more complex rights in the GDPR, requiring a careful balancing of principles and interests. In a recent case before the Belgian data protection authority, Google Belgium was accused of interpreting the right too narrowly. The ...Mehr lesen
05.11.2020

Romanian DPA fines the lack of cooperation with the supervisory authority

The Romanian Data Protection Authority ("Romanian DPA") has recently sanctioned three entities (two private companies and a homeowners association) for lack of cooperation with the supervisory authority, imposing on these entities administrative fines of EUR 2,000 ...Mehr lesen
02.11.2020

Slovak country-wide COVID-19 testing from the perspective of personal data protection

Slovakia has recently witnessed a significant increase in the number of confirmed COVID-19 cases. The country exceeded the threshold of one thousand cases per day on Oct. 7. Only about a week later, tests revealed over 2.000 infected people per day. ...Mehr lesen
13.10.2020

The handbook on the protection of privacy by transport entities in a digital environment in Israel

The Israeli Privacy Protection Authority published a handbook for transport entities on the protection of privacy by in a digital environment (the “Guidance”). ...Mehr lesen
01.10.2020

GDPR versus ISO 27701

Although some jurisdiction such as EU's GDPR provide a mechanism for an organization to demonstrate its compliance to GDPR (Article 42 and 43), assessment programs representing this mechanism is not yet available. On the other hand, businesses would like to have ...Mehr lesen
12.06.2020

Startschuss für die Arbeitsgruppensitzung zur Ö-Cloud

Das Soucing International Team, repräsentiert von Dr. Tobias Höllwarth, ist stolz von Ministerin Margarete Schramböck zum Projekt Ö-Cloud eingeladen zu sein und die Arbeitsgruppe Zertifizierung zu repräsentieren. ...Mehr lesen
02.03.2020

Enforcement of GDPR Infringements by Third Parties – First Decision of the Austrian Supreme Court

While the GDPR deals extensively with the rights and claims of data subjects, it mainly leaves the provisions for the assertion of such claims by third parties to the member states and their courts. In a recent decision, the Austrian Supreme Court now addressed this ...Mehr lesen
20.12.2019

Report on the State of Privacy in Slovakia

The Office for Personal Data Protection of the Slovak Republic (hereinafter referred to as “Office”) pursuant to the provisions of § 81 para. 2, par. k) of Act no. 18/2018 Coll. on the protection of personal data and on amendments to certain acts shall submit to the ...Mehr lesen
20.12.2019

The Danish Data Protection Agency has published new rulings regarding email encryption within the security of processing area

Article 32 of the GDPR on the security of processing has been one of the main focus areas of the Danish Data Protection Agency (the DDPA) in 2019. ...Mehr lesen
13.12.2019

The Belgian data protection authority issues a fine for unlawful use of the national identity card as a tool for customer card enrolment

The Belgian electronic identity card system has been in vogue for a number of years now as a reliable means for electronic identification. It relies principally on the official national register number to identify citizens. Private sector use of that number is however ...Mehr lesen
13.12.2019

StarAudit Area 7 (GDPR) becomes mandatory starting from 2020

The most recent version of the StarAudit Catalogue v4.0 (Rev. 03) will be the mandatory version to be used in audits from 2020. ...Mehr lesen
12.12.2019

Administrative fine of 14.500.000 Euro imposed against German Real Estate Company

The Berlin Data Protection Authority has imposed an administrative fine against a Berlin real estate company for 14,5 Million euros due to violations of GDPR regulations ...Mehr lesen