Denmark’s data protection authority, Datatilsynet, found the city of Copenhagen’s use of its Central Person Register violated privacy laws in a case where a citizen filed a complaint about their information. The citizen said the city had data within its register despite the fact they had not lived in the city for years. The citizens asked the city to delete their information, and the request was fulfilled; however, the person’s data was copied, and a new entry was created once the original was removed. The DPA found this was a violation of the Data Protection Regulation and Data Protection Act, rules that went into effect when the EU General Data Protection Regulation arrived last May. (Original article is in Danish.)
If you want to comment on this post, you need to login.