Spain's data protection authority, the Agencia Española de Protección de Datos, published guidance on the use of biometric data for work and personal purposes, noting employers must follow the EU General Data Protection Regulation regardless of employee consent. The AEPD said consent is not a legal basis due to an "imbalance between the person who is subjected to the treatment and the person who is carrying it out."
27 Nov. 2023
AEPD releases guidance on biometric data use
Related stories
Notes from the IAPP Europe: Wrapping up November with the IAPP DPC
Ireland's DPC details legitimate interest prong of its LinkedIn enforcement action
What the new European Commission could mean for digital regulation
IAPP DPC 2024: Reynders discusses GDPR enforcement harmonization, adequacy developments
US Senate subcommittee ponders accountability for AI-assisted scams
