The role of the Data Protection Officer (DPO), or Encarregado de Dados, is critical to fostering a culture of privacy and data...

The Slovak Office for Personal Data Protection (hereinafter referred to as the “Office”) recently imposed a fine of EUR 7,500 on...

The Nigeria Data Protection Commission (the Commissi-on or NDPC), in exercise of its regulatory mandate and after a painstaking...

Banking entities in Panama are implementing biometric validation processes without considering basic principles of personal data...

The IC found that the food delivery companies had no legal basis for printing the identity numbers on the outside of the delivery...

Recently, two notable cases have emerged demonstrating that the consent requirement for cookies is not always adhered to. The Dutch...

The GDPR, designed to safeguard personal data, sometimes conflicts with rights like freedom of expression. In Sweden, online...

Unlock the potential and pitfalls of AI transcription services in your workplace—while they offer unmatched convenience, they also...

In early 2022, the Portuguese National Data Protection Supervisory Authority (“CNPD”) accused Lisbon’s Municipality of retaining...

Nixon Peabody is a full-service law firm with 15 locations and 600 attorneys throughout the United States and in international...

The Israeli parliament recently adopted a new amendment to the Israeli Protection of Privacy Law, 5741-1981 ("PPL") entering into...

This article seeks to inform businesses and industry professionals such as marketing specialists and data engineers on the data...

Report on ChatGPT outlines European data protection regulator's preliminary views and early indicators about the direction of...

Mexico's approach to personal data protection operates through distinct frameworks for the public and private sectors. The Federal...

This resolution includes data for 519 applicants i.e. their names and surnames, personal identification numbers (PIN), bank accounts...

The Turkish Data Protection Law was amended to introduce new mechanisms to transfer personal data from Turkey to other countries. One...

The Chinese government's focus on regulating data exports poses a major challenge for multinationals in China. This article discusses...

The Irish Data Protection Commission (“DPC”) published its 2023 Annual Report on 29 May 2024 (the “Report”). The Report can be...

This article is devoted to the positions of principle of the personal data supervisory authority of Monaco (hereinafter “CCIN”)...

Overfitting in AI, where models over-specialize in training data, exemplifies the challenge faced by Transformer-based LLMs which...

We are excited to announce the upcoming 9th INPLP conference, set to take place this November in the lively city of Luxembourg!...

At first sight, blockchain technology and the General Data Protection Regulation (GDPR) seem to be intrinsically incompatible. The...

The Personal Information Protection Commission recently publishes an interim summary of issues for the next amendment of the Japanese...

While India’s new Government will continue to push new digital laws, successful implementation of new concepts may require a little...

Despite ongoing efforts to align with EU data protection standards, the Swiss-U.S. Privacy Framework remains a work in progress,...

Adequacy is a status granted by the Commission of the European Union to countries outside the European Economic Area (EEA) that...

Over the course of several preliminary references during 2023 and 2024, the Court of Justice of the European Union (“CJEU”) has...

With the decision No. 5 of 2024, the Italian Data Protection Authority (“DPA”) penalised the Municipality of Trento for the unlawful...

On 17 June 2024, the Commissioner for Data Protection of Cyprus published her decisions (issued in February 2024) in relation to...

As France gears up to host the 2024 Olympic and Paralympic Games, expecting several million spectators and thousands of athletes, the...

Arochi & Lindner (A&L) is a premier law firm with more than 30 years of experience in providing world-class advice and representation...

Niubox is a premier consulting firm at the forefront of providing highly specialized legal counsel and strategic consulting services...

Data sharing is a subject of ever-increasing importance, and one that is occupying the European Union exponentially, which has sought...

The widely anticipated registration of controllers commenced on June 1, 2024, and both local and international controllers are...

Hart Muirhead Fatta is a law firm, offering a wide range of services to corporate and individual clients. The firm provides the range...

The Spanish DPA (AEPD) has ordered a precautionary measure against Meta Platforms Ireland Limited to immediately suspend the...

Karamanolis & Karamanolis LLC is a boutique firm with seasoned senior lawyers who specialize in commercial and corporate law. The...

Han Kun is a leading full-service law firm in China. Over the years, Han Kun has been widely recognized as a leader in complex...

The Danish Data Protection Agency has in the widely discussed Chromebook case assessed the legal basis for disclosure of personal...

Combating law violation and crime in school units in Cyprus through CCTV.

Chile is the first country in latinamerica that seeks to regulate AI. For this purpose, the country has chosen to follow the EU,...

The recently proposed Online Harms Act, introduced in Bill C-63, is Canada’s latest attempt at addressing online harms. This article...

The first of May is a public holiday in Germany, among other countries, and is known as Labour Day. To this day, the "Day of the...

MLL Legal Ltd is a leading Swiss law firm with a history that dates back to 1885. The firm has grown both organically and by means of...

In July 2023, the United States Department of State announced its partnership with the Government of Costa Rica to explore...

Naschitz, Brandes, Amir & Co., Advocates is one of Israel’s preeminent full-service law firms, with a long-standing international and...

AYR is one of Israel's largest and fastest-growing law firms, consistently ranked as a leader in quality and size by prestigious...

In December 2023, the European Court of Justice (CJEU) had to decide yet another case that will have a significant effect beyond the...

Depending on where you live, religious ceremonies can trigger a certain degree of administrative follow-up. In Belgium – like in many...

The first step has been taken in the long-awaited harmonisation of the Turkish Data Protection Law with the GDPR. With this step, the...

Argentina, along with 10 other countries, receives ratification from the European Union on its adequacy note for the international...

The current debates on artificial intelligence create a timely opportunity for the development of mechanisms that balance the...

Bulgarian Personal Data Protection Commission has issued an opinion on the admissibility of processing video surveillance records...

Whether or not (nearly) any and all violation of the General Data Protection Regulation (GDPR) entitles data subjects to non-material...

The past year was a success for the INPLP, marked by robust collaboration and network growth. The annual conference in Dublin, hosted...

This article explores the regulatory landscape for data controllers located outside Turkey and their obligations under the Turkish...

In a recent decision by the Office for Personal Data Protection, we witnessed a case of violation of the Personal Data Protection Act...

In a recent case, the Serbian Commissioner for Information of Public Importance and Personal Data Protection issued a cautionary...

"The genie is out of the bottle. We need to move forward on artificial intelligence development but we also need to be mindful of its...

The North Macedonian Personal Data Protection Agency has issued several fines for financial companies for fast loans due to...

This article outlines the complaints addressed to the CCIN by data subjects, the number of which, in proportion to Monaco, is rising...

In September 2023, the Irish Data Protection Commission (“DPC”) adopted its final decision in an own-volition inquiry into the...

This article analyses the impact of advancing neurotechnology on human rights, particularly regarding cognitive freedom, mental...

Despite Brazil having it’s own all-encompassing law on data protection (i.e. the General Data Protection Law - LGPD) and its own...

India is now one-month into its grand experiment with data privacy regulation, having replaced a decade-old set of data security...

Tevetoglu Legal is an Istanbul-based international law firm that excels in offering exceptional legal counsel to pioneering...

Information security compliance has become now a new exploit that cybercriminals are taking advantage from, prompting a need for...

California Privacy Protection Agency issues new amendments to the CPRA regs for discussion in its upcoming December 8 meeting. What...

YAZICIOGLU Legal is an Istanbul-based technology, media, telecommunications, data protection/cyber security and commercial law...

You may want to avoid getting lost in translation when preparing a data transfer to or from Mexico. We have different names to...

Even though Chile was the first Latin American country to have a data privacy regulation and has developed one of the most successful...

Managing cyber attacks has always been a complex task and, in almost every scenario, it implied the dismissal of the CISO of the...

This case highlights the challenging balance between safeguarding data privacy and preserving the integrity of sport through...

Hong Kong is grappling with a surge in cyber security breaches, prompting the authority to take proactive measures. This article...

The new Hungarian Digital Citizenship Act would make communication with public administration, as well as management of official...

The right for Privacy is a fundamental right according to Israeli law but it is a relative right. How should State interests to...

2023 has been a year of growth and learning for Costa Rica in terms of privacy. Two takeaways on local supervisory authority...

This article explores the regulatory landscape for data controllers located outside Turkey and their obligations under the Turkish...

California Governor, Gavin Newsom, issues Executive Order on Generative AI, which echoes some points in the recent Texas and...

Slovenia’s Constitutional Court found the provisions of the Criminal Procedure Act (CPA) enabling the prosecution (police) to access...

In a recent case, the Serbian Commissioner for Information of Public Importance and Personal Data Protection issued a cautionary...

On October 13, 2023, the Portuguese Parliament approved an updated version of Law No. 32/2008, which had been declared...

The Swedish Authority for Privacy Protection issued an administrative fine of SEK 35 million (3MEUR+) against the insurance company...

In its judgment 4 Ob 77/23m from 27th June 2023 the Austrian Supreme Court, among other things, ruled that the provision of...

Successful event held in Dublin with representatives from 20 countries.

The Italian Data Protection Authority recently gained international attention for being the first to address the privacy risks of...

The Czech Data Protection Office (Úřad pro ochranu osobních údajů or ÚOOÚ, further as “CZDPA”) is the authority supervising...

Since the end of December 2021, the preliminary ruling of the European Court of Justice (CJEU) on the conditions under which an...

For a period, the Nigeria Data Protection regulation (NDPR) 2019 was the reference point for data privacy and protection compliance...

Contrary to some persisting beliefs that the AI Act and GDPR are inherently incompatible, GDPR may in fact be interpreted in a way...

While generative AI has been getting attention in business, there has been a concern on the protection of personal information when...

The recently enacted Nigeria Data Protection Act (“the Act”) 2023 is now the principal data privacy and protection legislation in...

The General Data Protection Regulation (GDPR) and the Brazilian General Data Protection Act (LGPD) are two comprehensive data...

Online advertising is one of the largest online industries. However, it also has long faced issues with data protection regulators....

Romania transposed the EU Whistleblowing Directive on 22 December 2022, via Law No. 361/2022 on the protection of whistleblowers in...

French Data Protection Authority, the CNIL, has fined advertising company CRITEO €40 million for improper conduct in handling users’...

The European Commission's new adequacy decision concerning the United States puts a stop to the European doctrine that was taking...

In its judgement from February 2023, the Supreme Administrative Court of Poland announced a significant decision from 2019 of the...

The Central Bank of Barbados recently published its Technology and Cyber Risk Management Guideline. Not only does the Guideline...

The Spanish DPA (AEPD) published earlier this week new guidelines on cookies in order to update the existing ones to the...

As in the case of other Latin American and European jurisdictions, the scope of data protection rules in Peru has been designed to be...

In the ever-evolving landscape of data protection and privacy regulations, organizations must remain vigilant in upholding the...

Argentine Information Technology Subsecretariat approves a set of recommendations for trustworthy artificial intelligence (“AI”),...

The Danish Data Protection Authority, Datatilsynet, has issued severe criticism of Boligportal, Denmark's largest online marketplace...

On 8th June 2023 the ECJ’s Advocate General, Maciej Szpunar, delivered his opinion in the Case C-376/22, concerning the conformity of...

CVG Law Firm is an Istanbul-based law firm offering legal consultancy and dispute resolution services to foreign and Turkish...

November 17th – 18th (Dublin, Ireland)

Alessandri is one of the most prestigious law firms in Chile. Its services meet the entire range of legal requirements of local and...

On 8 March 2023, the Department for Science, Innovation and Technology ("DSIT") introduced the Data Protection and Digital...

On 22 May 2023, the Irish Data Protection Commission (DPC) announced the conclusion of its inquiry into Meta Platforms Ireland...

Bulgarian DPA is currently applying on a regular basis a new procedure in cases of data breach notifications which includes complex...

The type of information we need to know Publication of the CVs of persons holding public office serves the principle of...

The Law on Protection of Personal Data w. no. 6698 (“DPL”) contains data subject rights that are similar to those that can be found...

Palmer Legal provides best in class legal services with a human centered approached. They believe in listening to the client and...

Mexico has not yet explicitly included biometric data as a special category of personal data (or sensitive data), but this has not...

Argentina becomes the 23rd state to ratify Convention 108+.

The so-called “Travel Rule” will soon be extended to cover transfers of crypto-assets following the approval of the revised Transfer...

Statistics Norway (SSB) is a Norwegian government agency that is responsible for development of official statistics for public...

Following the American and European trend, Portugal is now one of the countries that has determined the use of Bodycams by security...

As of 2023 data privacy in Slovenia will be governed by the newly passed Personal Data Protection Act (ZVOP-2), which aims to bring...

According to the Labor Law of the Republic of Serbia, if an employee refuses to accept at the premises of the employer a document...

The Telecommunications Business Act (“TBA”) is a law administered by the Ministry of Internal Affairs and Communications of Japan....

The Hong Kong Privacy Commissioner for Personal Data has release signs of revamping the data protection regime in the region that...

After two years of the law in force, and a countless actions to ensure compliance with the data protection regulation in Brazil, the...

On 7 March 2023, the Data Protection Commission (“DPC”) released its 2022 Annual Report. We have summarized the key points from the...

Among the privacy changes some interesting Legislative amendments were proposed to the Israeli Privacy Protection Law (correction...

As in the past, the Luxembourg data protection Authority (the “CNPD”) launched in 2020 a thematic investigation on transparency...

The Austrian Data Protection Authority (DPA) decided (6th of March 2023, D155.028, 2022-0.726.643) that the use of the Facebook...

… And this time it’s not Max Schrems who’s behind it. On March 15, 2023, the Amsterdam District Court ruled that Facebook Ireland...

Understanding the Importance of Data Protection Compliance Management in Processing Chains: Key Takeaways from the CJEU’s “Proximus”...

The Italian Data Protection Authority (“Garante Privacy”) has ordered the limitation of the data processing activities carried out by...

The increasingly common use of AI in our daily lives raises multiple concerns, particularly around data privacy and regulatory...

At the end of January, we celebrated Data Protection Day. To mark that annual occasion, TGS Baltic’s Data Protection Team compiled an...

China recently released an administration regulation on the use of deep synthesis technologies and their use on the internet. The...

The Voivodeship Administrative Court in Warsaw recognizes online identifiers, including cookies, should not be automatically...

France makes the payment by insurers in case of cyber attacks conditional upon the prior filing of a criminal complaint within 72...

The Guidelines on Use of Cookies (the “Guidelines”) was published by the Personal Data Protection Authority (the “Authority”) on June...

Data protection claims are in the dock. The Irish Circuit Court has temporarily halted proceedings for non-material damage claims...

The Digital Operational Resilience Act (Regulation (EU) 2022/2554) solves an important problem in the EU financial regulation, as it...

Chancery Advocates is an innovative and progressive dispute resolution set, focused on corporate and commercial matters. Chancery...

Hayes solicitors provides a comprehensive range of legal services to corporate, public and private clients in Ireland and...

Security breaches and data loss are a core concern of any controller or processor. What possible avenues of redress can a Controller...

The Spanish DPA (AEPD) just published the conclusions of this first European report, coordinated by the European Data Protection...

The Danish Data Protection Authority has found that the largest bank in Denmark - Danske Bank - has failed to demonstrate that it has...

In accordance with Personal Data Protection Law No. 6698 (the “DPL”) and the Regulation on Data Controllers’ Registry (“Regulation”),...

How Cyprus found itself in the epicenter of the spy scandal in Greece

The lists for financial support for vulnerable categories of citizens may be available to the public only during the duration of the...

A highly advanced Personal Data Protection Law to become into force on May 31st 2023, brings some challenges to Ecuador’s economy...

Last year, there were some positive developments in related to data protection law. Unfortunately there were also bad ones in which...

Article 1.2 of the Nigeria Data Protection Regulation (NDPR) 2019 provides the extent and limit of the territorial application of the...

After a member of the French Parliament warned about the potential unlawfulness of using Office 365 and Google Workspace for free in...

The development of facial recognition technology has introduced many possibilities to increase cybersecurity, productivity, and...

On 6 October 2022, Advocate General Manuel Campos Sánchez-Bordona issued an opinion concerning the right to compensation for...

The Personal Data Supervisory Authority (hereinafter "CCIN") has published its 13th Activity Report covering the year 2021. This...

In 2021, the Norwegian Data Processing Authority (DPA) established a regulatory test environment (“sandbox”) for Artificial...

The Data Protection Law entered into force in March 2021, two years after its publication on March 29, 2019. This law -although...

In 2022, the Panamanian Data Protection Authority sanctioned the digital media for publishing a public document without the consent. ...

As part of negotiations, due diligence, preliminary reviews and analysis, a party may request or need certain information containing...

The UK Information Commissioner's Office (ICO) has started routinely publishing information about complaints made against...

This article summarizes the substantive highlights and legislative progress of the proposed Artificial Intelligence and Data Act...

Bulgarian DPA issued an opinion on the questions from a Bulgarian City Municipality regarding requested ongoing access from the...

Trough Resolutions No. 240/2022 and 244/2022 the Agency for Access to Public Information through Resolutions No. 240/2022 and...

JK GROUP is a legal and tax consulting company located in Slovenia, focused on south-east European countries. They are specializing...

If an entity collecting data is not fully transparent about the information that is being collected and how it will be processed and...

New US adequacy draft opinion is out. Everyone is talking about #SchremsIII (and IV and X), so I will not. Instead - let's discuss...

Slovenia’s Information Commissioner (IC) ordered a cloud computing provider (a public administration body) to enter into written...

The Swedish Authority for Privacy Protection (“the Swedish DPA”) is currently investigating four online pharmacies in Sweden for...

It has been perceived that the sanctioning activity of the Portuguese Supervisory Authority has been fundamentally focused on public...

This article discusses the content of and responses to President Biden’s executive order implementing the new EU-US Data Privacy...

Data is certainly a valuable commodity for the digital economy and society. As part of the 2020 European Data Strategy, the European...

Ozdagistanli Ekici is a leading independent firm located in Istanbul with an impressive track record in IP and IT matters. The firm...

Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report...

The Italian Data Protection Authority (“Garante Privacy”) has imposed a fine of 70,000 euros on a data controller for failing to...

The Personal Information Protection Commission (“PPC”), recently published a data mapping tool kit, while using cross-border transfer...

The 7th INPLP Conference was successfully held in Vienna under the auspices of EuroCloud Europe and organised by Sourcing...

A Copenhagen-based law firm has just been fined DKK 500,000, approx. EURO 67,150, for failing to implement basic security measures...

Businesses around the world now face strict rules governing the cross-border transfer of personal data. Like as has happened in...

This article discusses Bill C-27, the recently introduced Federal legislation to update Canada’s private sector privacy law. The bill...

India recently released a new draft Telecommunications Bill, 2022, which is currently open to public consultation. This Bill would...

The European Data Protection Board and the Irish Data Protection Commission have recently published guidelines for businesses in...

China’s Measures for Security Assessment for Outbound Data Transfer came into effect on 1 Sep 2022. The Measures require risk...

The privacy team of ECIX GROUP has carried out a comparative analysis focused on the existing different data protection regulations...

Rebaza, Alcázar & De Las Casas has a team of lawyers that is dedicated to advising local and international clients on complex issues,...

The current Ecuadorian government is about to issue a new digital transformation policy. Once the working tables have closed, the...

Companies have long used e-marketing to facilitate their development and attract new customers, and in our digital world, reliance on...

This summer, the data protection authorities (DPAs) of the three Baltic States – Estonia, Latvia and Lithuania – announced that they...

Heka Law was created with the aim of offering legal services through practical and intelligent solutions that contemplate a...

The Hungarian data protection authority confirmed in a new case that the controller cannot block access to voice recordings by...

The Metaverse uses a variety of technologies such as AR and VR, DLTs (Blockchain), AI, IoT, IoRT, 5G, that enable the creation of...

The right to be forgotten is one of the most frequently referenced and misunderstood parts of the GDPR. Like most data subject...

Despite being clear that Brazil’s Data Protection Law (”LGPD”) applies to employment relationships, it is not usual to discuss the...

Vienna, Austria 11 - 13 November 2022

25th May 2022 marked the 4th anniversary of the entry into force of the General Data Protection Regulation (GDPR) and the...

Bulgarian PDPC has adopted a list of processing operations that require prior consultation which is addressed to the authorities...

On May 11, 2022, the Costa Rican government declared a National State of Emergency throughout the public sector for cybercrimes...

Compared to the previous year, the number of supervisions carried out in 2021 by the Macedonian Personal Data Protection Agency is...

The UK government’s Department for Digital, Culture, Media & Sport ("DCMS") has published proposed legislation that will make...

In today's society, the issue of fulfilling the characteristics of personal data is the subject of many disputes as well as legal...

The question of cookies and data protection is always present, but what are cookies, are they always person-related, what is the...

The Austrian Data Protection Authority (DPA) decided in another decision (22nd of April 2022, D155.026, 2022-0.298.191) that the use...

The Constitutional Court of the Republic of Slovenia annulled the criminal conviction for the development, advertising, and selling...

Earlier this spring, the Swedish Authority for Privacy Protection issued an administrative fine of approximately EUR 724 000 against...

When establishing an employment relationship, employers often ask the candidates for a court confirmation that no criminal...

Aguilar Castillo Love’s vision for their role as a law firm is borne of their heritage. Their ethos is drawn from many models,...

Last April, the Portuguese Constitutional Court declared unconstitutional the provisions of articles 4, 6, and 9 of Law 32/2008 of...

Legitimate interest is one of the lawful bases for processing personal information. However, the Nigeria Data Protection Regulation...

The government's bill for a major reform of Monaco's personal data protection legislation is currently being examined by the...

In 2021, the Luxembourg National Commission for Data Protection (the “CNPD”) issued 48 decisions following assessments. 18 of these...

Updated regulations in Ireland regarding data subjects' access to their health data emerged in March 2022. The new regulations have...

It is the first time in history that the Dutch Data Protection Authority (DPA) has identified six violations of the GDPR in only one...

Generally, data transfers to third countries are prohibited unless the receiving country has received an adequacy decision from the...

Legal IT Abogados is the first legal boutique specialized in Digital Law in Panama. They offer legal solutions in the world of...

The Israeli Privacy Protection Authority recently published a new memo aimed to clarify the scope of interpretation of the obligation...

"Not everything that is technically possible is legally and ethically lawful." These are the words of Guido Scorza, member of the...

INPLP:

We continue our path to success and are pleased to welcome our new members from Mexico and Panama and thus further expand our...

Topics of this meeting were:

1. MEET&GREET: New member Héctor Guzmán (MEXICO)
2. BELEN: Next EU-US framework for international data...

BGBG provides solutions and highly specialized advice in an agile, clear, and sincere manner, generating positive results for their...

On 24 February 2022, the Data Protection Commission released its 2021 Annual Report (the “Report”) running to over one hundred pages....

The European Court of Justice has not just brought its settled case-law on data retention in line. Furthermore the ECJ also provides...

Argentina’s data protection authority, the Agency of Access to Public Information, i.e. the controlling authority pursuant to Data...

At the end of 2021, the Estonian Data Protection Inspectorate (DPA) issued a precept to a gas station using audio surveillance in its...

The Cyberspace Administration of China (CAC) has circulated the Regulations on the Management of Algorithm Recommendations for...

Ecuador continues to build its personal data protection system, for which those responsible for developing the regulation must...

The new Indian Privacy law mimics GDPR when it requires a ‘privacy by design’ architecture, sets up a central data protection...

Since 2019, The Federlñ Trade Commission (FTC) has been seeking ways to punish the new digital unfair practices, consisting on...

The process of designating the Personal Data Protection Authority, the next milestone in the construction of the national data...

CCTV monitoring has long been a key field for the Hungarian DPA. The article summarizes the DPA’s practice, as well as the related...

In September 2021, Munich’s regional court (the LG Munich) awarded a plaintiff 130,446 euros in damages. A vehicle purchased by the...

The United States and the European Commission have agreed in principle to a new Trans-Atlantic Data Privacy Framework (the...

The Data Security Law (“DSL”) and Personal Information Protection Law (“PIPL”) of mainland China, which came into force last year,...

A Code of Conduct regulating the processing of personal data in the field of clinical trials and other clinical research and...

The French supervisory authority has adopted 3 formal notices against famous French websites requiring them to stop using Google...

The Polish DPA (the President of the Personal Data Protection Office, further as "the Polish DPA") has reprimanded a webiste operator...

The past year was immensely impactful for the INPLP and characterized by strong collaboration, hard work, continued growth of the...

On 1 December 2021, the Telecommunication Telemedia Data Protection Act (“TTDSG”) came into effect. Amongst others, it was meant to...

Rob Corbet is a Partner and Head of Technology & Innovation at Arthur Cox. He leads a market leading team dedicated to specialist...

The first major GDPR class action under the Dutch Act on Mass Damages Settlement in Class Actions (WAMCA) has been declared...

Switzerland has made an effort to renew its Federal Act on Data Protection (revFADP) in order to modernise its data protection law...

Investigations into US facial recognition firm Clearview AI by Canadian regulators and UK/Australia yeilded similar findings...

Bulgarian Supreme Administrative Court issued a decision setting out criteria relevant for assessing the balance between the right to...

For the first time since the entry into force of the General Data Protection Regulation, the Federal Administrative Court has...

Argentina’s data protection authority, the Agency of Access to Public Information, i.e. the controlling authority pursuant to Data...

Virtual Voice Assistants (“VVA”) continue to grow in popularity as the precision of the technology improves. The European Data...

The EU General Data Regulation (GDPR) is among the world's toughest data protection laws. In this article you will have a general...

The Personal Data Supervisory Authority (hereinafter "CCIN") has published its 12th Activity Report covering the year 2020. This...

Stephenson Harwood is a law firm with over 1100 people worldwide, including more than 180 partners. They assemble teams of bright...

The proposed reforms to data protection laws by the UK government are ones that have been longed promised in a post-Brexit world and...

BTG Legal is a disputes and transactional law firm with best-of-breed technical expertise, a culture of innovation, and an...

The processing of COVID-19 related health data is certainly a hot and/or unsettled legal matter everywhere in the world. This article...

Ecuador joins the party of personal data protection with the issuance of its new law on the subject and leaves the group of regional...

This article provides an insight to the ever increasing market of performance analysis and the intersection with athlete's...

The use of cookies will therefore no longer be linked to the passivity of the users concerned (opt-out). Anyone who stores or obtains...

The Austrian Data Protection Authority (DPA) decided in a recent groundbreaking decision (22nd of December 2021, D155.027...

Following an investigation carried out by the Norwegian Consumer Council, the Norwegian Data Processing Authority on 13 December 2021...

Gerrish Legal offers Enterprise Solutions, Law Firm Services and Automated Law to clients being a multi-national company, a small to...

What the exemption from the application of the Regulation due to private and domestic purposes is? Polish Regional Administrative...

ECIJA GPA is recognized by prestigious international legal classification and research directories, offering legal services in all...

The Constitutional Court of the Republic of Slovenia annulled the criminal conviction for an online defamation, which was based on...

It often happens that we get confused by the difference between a controller and a processor. The problem may arise when a controller...

Transfer of data has become a major subject of international trade, and understanding the prerequisite for such transfer is...

The 6th INPLP Conference was successfully held in Vienna under the auspices of EuroCloud Europe and organised by Sourcing...

Malta has recently amended its rules in relation to the processing of personal data in the educational sector. ...

Under GDPR, data export to third countries is only permitted if the conditions under Chapter 5 are met. The adequacy decision by the...

Last October, the Portuguese parliament approved in a final vote a draft law that establishes the "right to be forgotten", preventing...

China has recently introduced two new data laws which as well as bringing the rules in relation to personal data in China up to date...

How to fulfil the data protection obligations when using artificial intelligence? One of the main issues of concern is the use of...

Responding to the extensive and intensive remote working during the Covid-19 pandemic and the risks that are lurking for employees’...

Big tech is getting sued for billions. What are these claims based on and who is supporting them? A short article on the recent...

The health situation in Luxembourg has been stable for several weeks now which allows for a possible return to a pre-crisis...

Facing the fact that the complaince with the new Law on Personal Data Protection was not in line with the planned dynamics, the...

Garante prohibits further data transfer and fines university 200,000EUR and for SchremsII failures in retaining a US based processor...

The Digital Arrangement Act was promuglated on May 19 of this year, which requires the Act on the Protection of Personal Information...

Argentina’s data protection authority, the Agency of Access to Public Information, i.e. the controlling authority pursuant to Data...

In recent years, and especially in recent times when remote work has become more common, the practice of employers using...

The Cyberspace Administration of China (CAC) has circulated the Provisions on the Management of Automotive Data Security (Trial) 2021...

After the “Schrems II” decision of the European Court of Justice invalidating the Privacy Shield framework and raising further doubts...

Bill C-11 died on the order paper in August when the Canadian federal election was called. In this article we explore how the...

This Annual Report comprehensively collects the activities carried out by this institution, most relevant facts and figures,...

Vienna, Austria 19 - 21 November 2021

The Provincial Administrative Court in Warsaw ruled that Polish Data Protection Supervisory Authority is not competent to order a...

On 9 July 2021, the Italian DPA released the new guidelines on the use of cookies. The purpose of these new guidelines is to achieve...

Due to their extreme importance in an increasingly digitalised and globalised economy, data transfers to third countries have been in...

The CISPE code of conduct simplifies data processing contracts under the GDPR and lays the foundations for a sovereign cloud. ...

A hacker was able to obtain the identification document photos of almost 300,000 people from a state database. Criminal...

Latournerie Wolfrom Avocats (LWA), a multidisciplinary and independent business Law Firm, is recognised for its technical expertise,...

The first ecuadorian data protection law have just came into force the last May 26th. Ecuador now starts a long and decesive journey...

Germany’s Federal Court of Justice decided on the scope of data subject’s rights under Art. 15 GDPR - and set certain limits....

At the legal intersection between the emerging distributed ledger technolgies and data privacy a lot has been said and written in...

The Federal Data Protection and Information Commissioner (FDPIC) has published in its new guidance how to proceed with data transfer...

Following one of ANPD’s main goals set out in its strategic agenda for 2021-2023, which includes establishing an effective regulatory...

The Bulgarian Supreme Administrative Court has referred several questions to the CJEU regarding preliminary rulings on the liability...

M. Bodero & Asociados is an Ecuadorian Law Firm, specialized in investment issues, complex transactions, business conflicts,...

The Austrian Supreme Court paved the way for a more coherent interpretation of the GDPR regarding damages by initiating the...

The pandemic context has accelerated the use of telework and triggered a shift towards additional flexibility of work that will most...

By filing an appeal against the first-instance decision, the controller worsened its situation when the supervisory body increased...

Regulatory pressure and heightened consumer concern around the use of third-party cookies to track users online and to deliver...

Argentina’s data protection authority, the Agency of Access to Public Information, i.e. the controlling authority pursuant to Data...

The pandemic year did not make data protection obsolete. Instead, a large amount of personal data was collected and processed in...

New Bill sets to Impose Limitations on Transfers of Personal Data FROM the US to countries to which export of personal data would...

Fitness trackers, electronic health cards, online consultations – the digital age has long since arrived in the world of medicine....

Francisco Perez Bes (INPLP member representing Spain) has edited the book "Artificial Intelligence and the Law" with the goal to...

Hungary’s new draft Act on National Data Assets introduces a new regime, where data held by state agencies and local governments...

On Oct. 1, 2020, amendements to the Regulation of Internet Broadcasts and Prevention of Crimes Committed through Such Broadcasts (Law...

Similar to GDPR, China’s draft Personal Information Protection Law also requires the designation of a Responsible Person for Personal...

Following a strike announcement by two Police unions (over low pay, among other issues), the Ministry of Interior published on its...

In January 2021, the Swedish Authority for Privacy Protection (“IMY”) published its privacy protection report for 2020 (the...

The on-going pandemic of Covid-19 has put many challenges before the society. In order to ensure healthy working environment, many...

INPLP continues its path of robust and professional growth and expects to welcome its 100th member in 2022.

Marval O’Farrell Mairal was founded in 1923 and is the largest law firm in Argentina. Being a market leader at both local and Latin...

Like the old Data Protection Directive, the GDPR allows the private sector to draft codes of conduct to help demonstrate compliance...

The article presents a current issue concerning sobriety data in the context of personal data protection and labour law from the...

SimpLEGAL is a Budapest-based state-of-the-art digital law firm both in the sense of practice areas and its client service methods....

As part of the fulfilment of the duties assigned to it by the General Data Protection Regulation (hereinafter “GDPR”), the National...

The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) has imposed a €475,000 fine on Booking.com because the company took...

Max Schrems and his organisation NOYB (None Of Your Business) have recently begun a new battle, taking place in Luxembourg! Legal...

According to the current Monegasque legislation, the automated processing of personal data is subject to the control of the CCIN...

The amendment on Enforcement Rules for the Act on the Protection of Personal Information was promulgated on March 26 of this year. ...

Spirit Legal is based in Leipzig, although they advise domestic and foreign businesses with an international focus, regardless of...

The dispute between the German Federal Cartel Office and Facebook continues before the ECJ. This may mean that business models of the...

The purpose of this Article is to provide an overview of the legal mechanisms by which personal data can be transferred from the...

The Polish Data Protection Authority has imposed on WARTA. S.A, a Polish insurance and reinsurance company, a new administrative...

Medical research is becoming increasingly reliant on the analysis of large amounts of biologically derived data. Greater scientific...

The European Data Protection Board issued the Guidelines 07/2020 on the concepts of controller and processor in the GDPR, version...

European Supervisory Authorities imposed more than €158m in fines under the GDPR during 2020; close to a 40% increase on the previous...

In Israel, as in many other countries, the coronavirus is rampant. There are various strategies available to contend with this...

Data breaches are violations of database security that may result not only from cyber attacks, as it is usually assumed, but also...

When it was introduced twenty years ago, Hong Kong’s data protection law was one of the leading regimes of its type in Asia. But time...

e|s|b Adwokaci i Radcowie Prawni (e|s|b Legal) is a boutique law firm with an international atmosphere and scale of activity, located...

The draft Data Governance Act, which was published by the European Commission last November, aims to foster the availability of both...

In one of its most recent decisions, the Swiss Federal Supreme Court ruled on smart metering. It decided that the permanent...

Živković Samardžić is one of the Serbia’s leading full-service independent law firms. Their 10 partners / 23 lawyers strong team...

Towards the end of 2020, the Romanian Data Protection Authority (ANSPDCP) disclosed on its website information regarding the...

A recent Opinion of the Bulgarian data protection authority and certain legislative changes lead to the conclusion that in Bulgaria...

Pinsent Masons is a full-service international law firm. They respond to the pressures and opportunities facing businesses globally...

On February 12th 2021 the city Court in Aarhus handed down the first verdict in Denmark that has led to a fine based on GDPR. The...

The Swiss Federal Supreme Court has made an interesting decision on the scope of the right to information under Swiss Federal Act on...

As personal data crossborder flows cannot benefit from the “EU-US privacy shield” anymore, as a consequence of the Schrems II...

Potential investors are being warned of the negative impact that the GDPR sanctions may have on the expected profitability of the...

Public authorities’ access to electronic communications data has always been and continues to be a hot topic, even (or especially)...

This article discusses how the proposed legislation seeks to strike a balance between protecting consumer’s personal information, and...

Despite being no stranger to data privacy regulation, only recently has Brazil enacted a comprehensive set of rules to regulate the...

On 19 October 2020, The Office of the Commissioner for Personal Data Protection ('the Commissioner') announced its decision to fine...

The GDPR explicitly allows Member States to determine whether and to what extent administrative fines can be imposed on public...

Gowling WLG provides its clients with in-depth expertise in key global sectors and a suite of legal services at home and abroad...

China published the Personal Information Protection Law (Draft) ("PIPL") for public consultation on 21 October 2020. This is the...

Pinsent Masons is a full-service international law firm. We respond to the pressures and opportunities facing businesses globally...

For many years, a common practice in Bulgaria is debtors to submit complains to the Bulgarian DPA for unlawful processing of their...

There is no shortage of recent examples of cyber-attacks and the current COVID-19 pandemic is undoubtedly contributing to an...

ALV Advogados is a mid-sized commercial law-firm established in 2006, with the purpose of assisting domestic and foreign clients in...

Art 15 GDPR does not only enable the data subject to obtain information on the content of his/her data undergoing processing, but...

This article presents interesting decisions on Austrian data protection law, in particular the decisions on (1) disclosure of trade...

Terrorist attacks aren’t new: they’ve been a feature of warfare ever since humans formed societies. As humanity evolves, the methods...

Pinsent Masons is a full-service international law firm. We respond to the pressures and opportunities facing businesses globally...

On 25th of September 2020, the Swiss parliament has adapted the Federal Act on Data Protection (FADP). However, the FADP - which aims...

ECIX is a consultancy specializing in data protection and regulatory compliance, helping its clients meet the challenges that the...

BONA FIDE is a full-service corporate law firm based in the Republic of North Macedonia and specialized in general corporate/M&A,...

On 17 December 2020, the Romanian Data Protection Authority (ANSPDCP) has published on its website a new administrative sanction in...

The Act on Improvement of Transparency and Fairness in Trading on Specified Digital Platforms

With a letter to the European Data Protection Board (EDPB), the International Network of Privacy Law Professionals (INPLP) made use...

The Monegasque Data Protection Authority (hereinafter “CCIN”) has just published its 11th Activity Report covering the year 2019, of...

In the wake of the decision of the Court of Justice of the European Union (CJEU) in Schrems II, controllers and processors have been...

The GDPR aims to establish a uniform legal framework applicable to the processing of personal data across Europe, while allowing...

The Spanish Data Protection Authority (AEPD) has just released a tool to help data controllers decide whether to communicate or not a...

Challenges Confronting Implementation Of Data Privacy And Protection Regulations In Nigeria

The U.S. government has published a whitepaper that outlines the robust limits and safeguards in the United States pertaining to...

Important recommendations EDPB (European Data Protection Board) after Schrems II and new standard contractual clauses ...

The International Network of Privacy Law Professionals hosted its 5th annual conference

The concept of open data in the European Union was firstly brought up by directive 2003/98/EC on the re-use of public sector...

The right to be forgotten is one of the more complex rights in the GDPR, requiring a careful balancing of principles and interests....

Under the GDPR, Codes of Conduct (CoC) constitute an effective accountability tool for achieving self-regulation and transparency of...

The Romanian Data Protection Authority ("Romanian DPA") has recently sanctioned three entities (two private companies and a...

Slovakia has recently witnessed a significant increase in the number of confirmed COVID-19 cases. The country exceeded the threshold...

The Danish Data Protection Agency has decided to supervise a number of activities in the research area. The Authority also initiates...

Technologies for facial recognition - capable of identifying and/or verifying a physical person automatically from a digital image or...

Under the Personal Data Protection Law No. 6698 Article 18 ("DPL") the Personal Data Protection Board (“Board”) has the authority to...

The DPA considered IBO’s processing to be in violation of the fairness requirement, transparency requirement and the accuracy...

The Israeli Privacy Protection Authority published a handbook for transport entities on the protection of privacy by in a digital...

In April 2019, the “EDPS” or European Data Protection Supervisor, launched an investigation into the use of Microsoft products and...

Although some jurisdiction such as EU's GDPR provide a mechanism for an organization to demonstrate its compliance to GDPR (Article...

The Spanish Data Protection Authority (AEPD) has just updated the Guide on the use of “cookies” to adapt it to the Guidelines 05/2020...

The Act on the Protection of Personal Information (“APPI”) of Japan was established in 2003, and had only been amended once, in 2015....

If systems such as Windows 7 and Windows Server 2008 R2 SP1 are no longer supported by Microsoft, this may result in inadequate...

Setterwalls is one of Sweden’s leading full-service business law firms, as well as one of Sweden’s largest law firms, with some 190...

Under the Personal Data Protection Law No. 6698 Article 18 ("DPL") the Personal Data Protection Board (“Board”) has the authority to...

In its Newsletter 4 (85) of July 2020 the Bulgarian Commission for Personal Data Protection (CPDP) released two opinions that provide...

The transformational value of data in today’s world cannot be overemphasised. The right to data privacy and protection is an...

In the context of the coronavirus pandemic, companies are implementing exceptional measures to protect the health and safety of their...

It is an undeniable fact that Artificial Intelligence (“AI”) has rapidly evolved in recent years and has even more swiftly been...

On 1 January 2020, a new Act allowing representative entities to seek damages in a collective action came into effect in the...

The annual report summaries the different issues on which the Italian Data Protection Authority (“Italian DPA” or “Authority”) worked...

On July 10, 2020, a press conference was held in the hall of Slovenia’s legislative body by Jožef Horvat, MP, a member of one of the...

The guidelines of the European Gaia-X cloud are now known.

The discussion is not new. The European Court of Justice (ECJ) had already decided on 01.10.2019. But only the German Federal Court...

On 6 May 2020, the Estonian Ministry of Justice sent for coordination round the concept of administrative fines. The goal is to...

Alliance Law Firm is a dynamic partnership registered under the laws of the Federal Republic of Nigeria. With a seamless blend of...

As everyone already knows, Article 53(2) of the General Data Protection Regulation prescribes the criteria that the director of a...

Criminal records contain personal data on the perpetrator of a criminal offense, on the criminal offense for which he was convicted,...

In May 2020 the Data Protection Commission (DPC) in Ireland issued its first fines under the GDPR, just prior to the second...

The 25th of May marked the second anniversary of the application of the General Data Protection Regulation (GDPR) in the European...

Due to the Covid-19 pandemic, the last debates in the Swiss parliament were postponed to the autumn session. However, an outlook can...

SGS Hong Kong Limited is the Hong Kong branch of SGS group. Established in 1878, SGS is the world’s leading inspection, verification,...

The Danish Protection Authority has adopted standard contractual clauses in accordance with article 28(3) of the GDPR. The national...

The Spanish DPA (AEPD) issued this May a statement regarding the practice of taking the temperature to data subjects in shops, work...

During the Covid-19 pandemic we received numerous and various questions from our clients regarding body temperature readings of...

In early May 2020, the Monegasque Data Protection Authority (Commission de Contrôle des Informations Nominatives, in brief “CCIN”)...

In February, the first decision of an Austrian Appellate Court regarding a claim for immaterial damages under Art 82 GDPR has been...

Dimitrov, Petrov & Co. (DPC) is a full-service business law firm, pioneer in the dynamic field of technology law and data protection...

Matsuda & Partners is a one-stop shop, offering a variety of legal services that cover business related practice including corporate...

During the unprecedented Covid-19 pandemic, but also before its appearance, the Greek Data Protection Authority (“DPA”) has taken an...

INPLP member, Olumide Babalola (Lagos, Nigeria), cordially invites the general public to the (virtual) presentation of a book titled...

For many companies, it is significant for customer acquisition not only to present the advantages of their own products and services,...

Founded in 1996, MOLITOR Avocats à la Cour is a highly respected and independent law firm in Luxembourg City, a full-service firm...

Nicole Beranek Zanon is a founding partner of de la cruz beranek Attorneys at Law Lt, which is one of the leading IT boutique law...

At the end of April, the European Union published non-binding guidance on apps supporting the fight against COVID 19 pandemic in...

Xawery Konarski is Senior Partner at Traple Konarski Podrecki & Partners which is one of the leading law firms on the Polish market...

The use of photographs in police investigations is nothing new. It is the use of algorithms so that a machine, using template image...

UK Supreme Court decision on an employer’s liability for data breach in the case of WM Morrison Supermarkets versus Various...

Olumide is the managing partner of Olumide Babalola, LP - his flagship full service law office with particular bias for digital...

It is not too uncommon for a single person to be in charge of general compliance in an organisation, and to also act as its DPO. Is...

On March 23, 2020, a 5 year class action that was until now under a gag order, was finally lifted and the Judgment (authorization of...

At the time of the fight against the corona virus pandemic, the need to establish an imaginary border between the protection of...

The COVID-19 pandemic and the measures to combat the spread of the virus are having a severe impact in a number of countries,...

This article answers many freuqently asked questions concerning data protection in turkey during times of Covid-19. ...

One of the possible solutions for processing personal data based on a legitimate interest of companies.

The Italian Data protection Authority (Italian DPA) issued two fines against Tim and Eni Gas e Luce, for a total amount of almost 36...

After many data protection authorities (in the European Union and beyond) provided guidance and FAQ's on the relationship between...

The re-use of Public Sector information has to be built on a balanced approach where the public interests of such use have to be...

The difficulty of drawing a hard-and-fast line between the right to privacy and the rights of other people to stay healthy ...

An administrative Fine of 82,000 EURO was imposed by the Cyprus Data Protection Authority concerning the lack of legal basis of...

The Dutch DPA imposed a fine of 525,000 euros for the unlawful sale of personal data by the Dutch national tennis association the...

This article presents interesting decisions on Austrian data protection law, which deal in particular with the admissibility of...

In order to guarantee protection of people who report breaches, I.E. Whistleblowers, employers will soon be obliged to create a clear...

While the GDPR deals extensively with the rights and claims of data subjects, it mainly leaves the provisions for the assertion of...

On the European Data Protection Day 2020 (i.e. on 28 January 2020), the Romanian DPA published (in Romanian and English languages) a...

The topic discussed here is the difference between personal data protection before the GDPR entered into effect and the current data...

2019 was a year of major developments for privacy and data protection in Ireland and abroad. According to Ireland, the year 2020 will...

Since the implementation of the GDPR, cloud players have been forced to both rethink their tools and review their contracts. ...

In Turkey, the Personal Data Protection Law No. 6698 (the "Law") requires data controllers to take all necessary technical and...

The end of the year is usually the time for reflections. Although the first year of GDPR officially ended at the end of May 2019, now...

The Office for Personal Data Protection of the Slovak Republic (hereinafter referred to as “Office”) pursuant to the provisions of §...

Article 32 of the GDPR on the security of processing has been one of the main focus areas of the Danish Data Protection Agency (the...

The Belgian electronic identity card system has been in vogue for a number of years now as a reliable means for electronic...

The Berlin Data Protection Authority has imposed an administrative fine against a Berlin real estate company for 14,5 Million euros...

On 16 October 2019, the German Data Protection Authorities (DPAs) published their concept of how to determine administrative fines. ...

More than a year has passed since the General Data Protection Regulation (hereinafter “GDPR”) has been applicable in all EU member...

Data, and not FIAT or digital currency, is the real currency that measures the worth of a gambling operation, and the single common...

On November 24, 2019 the Israeli Privacy Protection Authority (the “IPPA”) announced that it had hosted an inter-sectoral roundtable...

On 20 November 2019, the European Data Protection Board (EDPB) issued a draft of Guidelines on Data Protection by Design and by...

The preparatory work for the reform of the Monegasque data protection law (Act No. 1.165 of 23 December 1993, consolidated), carried...

Earlier in 2019 the Bulgarian data protection supervisory authority – the Bulgarian Commission for Personal Data Protection (“CPDP”)-...

Use of video recording of screens, coupled with recordings of telephone conversations in a professional setting, may be proportionate...

Law on Protection of Personal Data numbered 6698 provides under the article titled “Data Security Liabilities” that, data controllers...

In August 2019, Serbia started applying new Law on Personal Data Protection. Many challenges were expected before initiation of the...

In its recent judgment in the “Planet49 case”, the Court of Justice of the European Union (“CJEU”) held that consent for cookies...

Following a fast track procedure, the Greek Parliament adopted Law 4624/2019, which frames the provisions of the GDPR in Greece and...

The California Consumer Privacy Act (CCPA), a broad-based law protecting information that identifies California residents, was passed...

The California Consumer Privacy Act (CCPA), which takes effect in 2020, has been dubbed “GDPR-Lite” or “California GDPR” because it...

The California Consumer Privacy Act (CCPA), a broad-based law protecting information that identifies California residents, will take...

The California Consumer Privacy Act (CCPA), a broad-based law protecting information that identifies California residents, was passed...

This article presents the third out of three interesting decisions on Austrian data protection law, in particular dealing with...

When users browse through the internet, cookies perform multi-faceted functions for the benefit of both the webmasters and users...

This article presents the second out of three interesting decisions on Austrian data protection law, in particular dealing with...

For the first time, the Italian Data Protection Authority has exercised its power of "warning" provided by the GDPR, through which it...

This article presents the first out of three interesting decisions on Austrian data protection law, in particular dealing with...

The AEPD published in July 2019 a model report to help Public Administrations carry out im-pact assessments on data protection. ...

The Greek HDPA (Hellenic Data Protection Authority) imposed a fine of € 150.000,- on PWC Greece.

Over 2 years, GDPR and personal data protection has been discussed across the EU. Vast majority of companies, public authorities and...

This first fine under the GDPR is imposed on the Dutch Haga Hospital for having an insufficient internal security of patient records...

Slovenian courts have in place a system for audio recording of court hearings. The data recorded (which in itself constitute personal...

First, I would like to thank the members and the entire EuroCloud organization for letting me join their ranks. I sincerely thank...

Each Spring, the Estonian Data Protection Inspectorate (DPI) publishes its Annual, summarising its main activities of the previous...

To mark the occasion of GDPR's first anniversary, findings and statistics tracked from May 2018 to May 2019 concerning awareness,...

On the 14th of June 2019 (one year later than expected) Portugal has finally approved Draft Law no. 120/XIII/3.ª (GOV), implementing...

Until recently, most IT contracts, even the large-scale ones, were generally based on a simple purchase order and sometimes a...

We've introduced a new Area focused on GDPR and several enhancements to existing controls as part of this major update. ...

Last week the European Commission published guidance on the free flow of non-personal data, focussing on the interaction of the FFD...

Earlier in 2019 Bulgaria has become another European Union member to adopt the EU’s privacy regime. The Bulgarian Personal Data...

The Danish Data Protection Agency has reported the taxi company, Taxi 4x35, to the police and recommended the company for a fine of...

At the end of November 2018, the new Law on Personal Data Protection (Law) came into force but its application was postponed for nine...

The Belgian tax authorities maintain an online repository called FisconetPlus, on which tax payers can find key information and...

Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of...

In May 2018, the Israeli Protection Of Privacy Regulations (Data Security 2017) (the “Regulations”) came into effect. The...

Under Article 35 of the GDPR, the national Data Processing Authority (DPA) shall establish and make public a list of processing...

The aim of this article is to focus on three important legal opinions published by the Italian Data Protection Authority on the...

On the basis of the guidelines of the article 29 working party of what now is the EDPB (European Data Protection Board) and the...

The Spanish DPA published a recent report on the processing by political parties of personal data related to political opinions. ...

Since the 2016 referendum whereby voters expressed their wish for the United Kingdom (the “UK”) to leave the European Union (the...