On August 15, 2019, the UK Information Commissioner’s Office announced that it had launched an investigation into the use of live facial recognition technology at the King’s Cross development in London.
Continue Reading
International
CIPL Issues White Paper on New Standard Contractual Clauses for International Transfers under the GDPR
Posted on
On August 7, 2019, the Centre for Information Policy Leadership at Hunton Andrews Kurth LLP issued a white paper on “Key Issues Relating to Standard Contractual Clauses for International Transfers and the Way Forward for New Standard Contractual Clauses under the GDPR.” The White Paper was submitted to the European Commission as part of its ongoing work to update EU Standard Contractual Clauses for international transfers.…
Continue Reading
CJEU Ruling on Websites Using Facebook ‘Like’ Buttons
Posted on
On July 29, 2019, the Court of Justice of the European Union released its judgment in case C-40/17, Fashion ID GmbH & Co. KG vs. Verbraucherzentrale NRW eV, ruling that Fashion ID should be considered a joint controller with Facebook regarding the collection and disclosure of personal data to Facebook as a result of embedding the Facebook ‘Like’ button on its website.…
Continue Reading
ICO Announces First Data Protection Sandbox Participants
Posted on
Posted in European Union, International
On July 29, 2019, the UK Information Commissioner’s Office announced the selection of 10 projects (out of 64 applicants) to participate in its sandbox, which is designed to support organizations in developing innovative products and services with a clear public benefit.…
Continue Reading
CNIL Publishes New Template Records of Processing Activities
Posted on
Posted in European Union, International
On July 25, 2019, the French Data Protection Authority (the “CNIL”) published new template records of data processing activities pursuant to Article 30 of the EU General Data Protection Regulation (“GDPR”). This provision requires organizations subject to the GDPR to maintain internal records of data processing activities. The CNIL recalled that such records are a key accountability tool under the GDPR for identifying, understanding and controlling data processing activities. Setting up and maintaining these records provide businesses with the opportunity to ask the right questions and limit privacy risks under the GDPR. According to the CNIL, this is also a useful moment to set up a data protection compliance action plan.
…
Continue Reading
EDPB Adopts Guidelines on Data Processing Through Video Devices
Posted on
Posted in European Union, International
The European Data Protection Board recently adopted its Guidelines 3/2019 on processing of personal data through video devices. Although the Guidelines provide examples of data processing for video surveillance, these examples are not exhaustive.…
Continue Reading
EDPB Releases 2018 Annual Report
Posted on
Posted in European Union, International
On July 16, 2019, the European Data Protection Board published its first Annual Report for 2018, and this blog entry provides highlights from the report.…
Continue Reading
APEC Endorses Singapore CBPR Accountability Agent
Posted on
Posted in International
On July 23, 2019, APEC issued a press release announcing the recent appointment of the Infocomm Media Development Authority as Singapore’s Accountability Agent for the APEC Cross-Border Privacy Rules and APEC Privacy Recognition for Processors.…
Continue Reading
CNIL Publishes New Guidelines on Cookies and Similar Technologies
Posted on
Posted in European Union, International
On July 18, 2019, the French Data Protection Authority published new guidelines on cookies and similar technologies. This blog entry provides highlights on the guidelines.…
Continue Reading
Dutch DPA Announces Fine on Hospital for Lack of Appropriate Security Measures
Posted on
On July 16, 2019, the Dutch Data Protection Authority announced that it had imposed a fine of €460,000 on a Dutch hospital for insufficient security measures under Article 32 of the GDPR.…
Continue Reading