On March 15, 2021, the state Data Protection Authority of Bavaria declared the use of U.S. e-mail marketing service Mailchimp by a fashion magazine in Bavaria impermissible due to lack of compliance with Schrems II mitigation steps for the transfer of e-mail addresses to the U.S.
Continue Reading Bavarian DPA Declares Transfers to E-mail Marketing Service Prohibited Due to Lack of Controller’s Assessment and Supplementary Measures
Germany
Takeaways from 100th Anniversary Meeting of German Data Protection Authorities
On November 26, 2020, the Conference of the German Data Protection Authorities issued a press release with conclusions from their 100th anniversary meeting. The key issues discussed were the implications of Schrems II on German privacy and cybersecurity.
Continue Reading Takeaways from 100th Anniversary Meeting of German Data Protection Authorities
Hamburg DPA Imposes Fine of 35.3 Million Euros on H&M
On October 1, 2020, the Hamburg Data Protection Authority fined H&M € 35.3 million for unlawful employee monitoring practices in the company’s service center concerning several hundred employees.
Continue Reading Hamburg DPA Imposes Fine of 35.3 Million Euros on H&M
EDPB Creates Taskforces on Complaints and Supplementary Measures for Data Transfers Following Schrems II Decision
On September 4, 2020, the European Data Protection Board announced that it established two taskforces following the judgment of the CJEU in the Schrems II case. …
Continue Reading EDPB Creates Taskforces on Complaints and Supplementary Measures for Data Transfers Following Schrems II Decision
German DPA Issues Guidance on Data Transfers Following Schrems II
On August 24, 2020, the Data Protection Authority of the German federal state of Baden-Württemberg issued guidance on international data transfers following the judgment of the Court of Justice of the European Union in the Schrems II case.
Continue Reading German DPA Issues Guidance on Data Transfers Following Schrems II
German BGH Decision Confirms Interplay Between Collection of Personal Data and Competition Law
On June 23, 2020, the German Federal Court of Justice issued a decision confirming the enforceability, in preliminary proceedings, of the order of the German Federal Cartel Office against Facebook’s data practices.
Continue Reading German BGH Decision Confirms Interplay Between Collection of Personal Data and Competition Law
EU Council Presidency Releases Progress Report on Draft ePrivacy Regulation
On June 3, 2020, the Presidency of the Council of the European Union published a progress report on the proposed Regulation concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications and Repealing Directive 2002/58/EC, better known as “the Draft ePrivacy Regulation.”…
Continue Reading EU Council Presidency Releases Progress Report on Draft ePrivacy Regulation
German BGH Ruling on Consent for Cookies and Third-Party Advertising
On May 29, 2020, the German Federal Court of Justice, Germany’s highest court for civil and criminal matters, issued its ruling on case Planet49 regarding consent requirements for the use of cookies and telemarketing activities. …
Continue Reading German BGH Ruling on Consent for Cookies and Third-Party Advertising
German DPA Guidance on Employee Data Protection and COVID-19 Issues
The Conference of German Data Protection Authorities recently issued joint recommendations regarding employers’ processing of employee personal data in the context of the coronavirus pandemic.
Continue Reading German DPA Guidance on Employee Data Protection and COVID-19 Issues
The Global Privacy Assembly Approves Data Sharing to Fight Coronavirus Pandemic
On March 17, 2020, the Executive Committee of the Global Privacy Assembly issued a statement giving their support to the sharing of personal data by organizations and governments for the purposes of fighting the spread of the COVID-19 pandemic.
Continue Reading The Global Privacy Assembly Approves Data Sharing to Fight Coronavirus Pandemic