[ad_1]
To print this article, all you need is to be registered or login on Mondaq.com.
Data privacy case law and legislation is constantly updated in
the United Kingdom and European Union to address key issues. In
order to track the latest developments, we have set out a brief
overview of case law updates, legislation, guidance and news.
Case Law Updates and Fines
- On 25 August, the ICO fined This Is The Big Deal Limited
£30,000 for unsolicited direct marketing. Read the monetary
penalty notice here.
- On 28 August, in Spain, the AEPD fined Atresmedia €50,000
for unnecessary data processing. Read the decision, only available
in Spanish, here.
- On 30 August, the AEPD fined GLS Spain €140,000 for
unlawful data processing. Read the decision, only available in
Spanish, here.
- On 30 August, the Swedish data protection authority (IMY) fined
Trygg-Hansa SEK 35M for data security failures. Read the press
release here and the decision here, both only available in Swedish.
- On 28 August, the High Court of Ireland issued its decision in
the case of Johnny Ryan vs. Data Protection Commission [2023] IEHC
511. This case involved a challenge to the Data Protection
Commission’s handling of a complaint made under the General
Data Protection Regulation (GDPR) and the Data Protection Act 2018
by Johnny Ryan, concerning Google Ireland Ltd’s data processing
for targeted advertising through the Google Authorized Buyers Ad
Exchange. Read the judgment
here.
Legislation
- On 25 August, the European Commission announced that the
Digital Services Act entered into force, on the same date, for
large online platforms following its general entry into effect on
November 16, 2022. Read the press release here and the DSA here.
- On 20 August, the CNIL issued its opinion on a draft decree
relating to the use of algorithmic processing technologies relating
to the Paris 2024 Olympics. Read the opinion, only available in
French, here.
- On 1 September, in Switzerland, the Federal Act on Data
Protection 2020 and the Ordinance on the Federal Act on Data
Protection entered into force. For further information and
resources on Switzerland, see Switzerland homepage.
Guidance & Draft Guidance
- On 29 August, the Danish data protection authority
(Datatilsynet) published new guidance on the obligations of data
controllers when the ‘auto-complete’ function is used in
emails. Read the press release here and access the guidance here both only available in Danish.
- On 30 August, the ICO issued guidance on sending emails
containing personal data. Read the press release here and access the guidance here.
- On 31 August, in Switzerland, the FDPIC released its factsheet
on procedure for preparing a DPIA. Read the press release here and download the factsheet here.
- On 31 August, the ICO issued guidance on handling employee
health data. Read the press release here and access the guidance here.
- On 25 August, in Norway, Datatilsynet released guidance on
access to employees’ emails and electronically stored material.
Read the press release here guidance here, both only available in Norwegian.
Data Protection Authority Updates and Privacy News
- On 28 August, the CNIL requested comments on the draft
recommendation on processing presenting high risks. Read the press
release here and the draft recommendation here, both only available in French.
- On 24 August, in Turkey, the Personal Data Protection Authority
(KVKK) announced a data breach within Besiktas Sportif
Ürünleri Sanayi ve Ticaret. Read the press release, only
available in Turkish, here.
- On 29 August, in Serbia, the Commissioner for Information of
Public Importance and Personal Data Protection (the Poverenik)
announced that the Government of the Republic of Serbia had adopted
the personal data protection strategy for 2023 to 2030. Read the
press release here.
- On 29 August, the UK Culture, Media and Sport Committee
published its report titled ‘Connected tech: AI and creative
technology.’ Read the press release
here, the report here, and a summary of the report here.
- On 22 August, in Spain, the Ministry of Finance and Public
Function announced the approval by the Council of Ministers of a
Royal Decree approving the statute for the creation of the National
Artificial Intelligence Supervisory Agency. Read the press release,
only available in Spanish, here.
- On 31 August, in the Netherlands, the Dutch data protection
authority (AP) published a report titled Algorithmic Risks Report
Netherlands. Read the press release here and the report here.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from Worldwide
[ad_2]