- The European Commission is pursuing legal action against Belgium over concerns its Data Protection Authority is not operating independently as required under the EU General Data Protection Regulation. The commission said some members of the DPA “cannot be regarded as free from external influence” as they either report to a management committee, have participated in COVID-19 contact tracing or are members of the Information Security Committee.
- Cyprus’ Commissioner for the Protection of Personal Data Irene Nicolaidou announced a 925,000 euro fine against surveillance solutions company WS WiSpear Systems for violating Article 5 of the EU General Data Protection Regulation. Nicolaidou said the company collected unique device numbers and SIM card data of various devices without users’ knowledge. “This data, in combination with the geographical location of a device, at different times, can lead to the identification of the user of the device,” Nicolaidou’s announcement said.
- The Netherlands’ data protection authority, Autoriteit Persoonsgegevens, fined Transavia 400,000 euros in response to a 2019 data breach in which a hacker accessed the airline’s systems and downloaded the personal data of 83,000 people.
- Portugal’s National Data Protection Commission said a Government Law Proposal regulating the use of video surveillance by security forces “grossly violates the principle of proportionality in the restriction of fundamental rights, allowing for arbitrary and excessive use of video cameras.”
- Norway’s Data Inspectorate and Association of Privacy Ombudsmen will hold a webinar 1 Dec. on the role of privacy ombudsman, discussing challenges, compliance views and findings from the Data Inspectorate’s Privacy Ombudsman Survey 2020/21.
If you want to comment on this post, you need to login.