Global News Roundup: March 30–April 6, 2020

(Apr 6, 2020) In this week's Privacy Tracker global legislative roundup, Brazil moves forward with plans to push back enforcement of its new privacy law. Aubin de Perthuis, CIPP/E, and Joanna Tomaszewska wrote about EU General Data Protection Regulation fines being overturned in Belgium and Poland. Gal Omer, CIPP/E, CIPP/US, dissected draft regulations on utilizing Israeli health data for research purposes. And in the U.S., Facebook and Google were hit with class-action privacy suits, while Twitter settled on... Read More

Roundup: Brazil, Belgium, Poland, US and more

(Apr 6, 2020) In this week's Privacy Tracker global legislative roundup, Brazil moves forward with plans to push back enforcement of its new privacy law. Aubin de Perthuis, CIPP/E, and Joanna Tomaszewska wrote about EU General Data Protection Regulation fines being overturned in Belgium and Poland. Gal Omer, CIPP/E, CIPP/US, dissected draft regulations on utilizing Israeli health data for research purposes. And in the U.S., Facebook and Google were hit with class-action privacy suits, while Twitter settled on... Read More

Why the Brussels appeals court overturned the DPA's GDPR fine

(Apr 3, 2020) On Feb. 19, the Brussels Court of Appeal overruled one of the first decisions of the Belgian Data Protection Authority in a case involving the use of an electronic ID to get a loyalty card. A liquor store was fined 100,000 euros for alleged violations of the EU General Data Protection Regulation for refusing to give a customer a loyalty card after they declined to show their identity card. Aubin de Perthuis, CIPP/E, breaks down the initial ruling and why it was overturned in this piece for The P... Read More

The latest COVID-19 privacy news from the EU, New Zealand and US

(Apr 3, 2020) As the COVID-19 pandemic continues, here are the latest stories on how the outbreak has affected privacy: According to Internal Market and Services Commissioner Thierry Breton, the European Commission is monitoring apps used to track COVID-19, EURACTIV.com reports. Politico Pro reports European Union regulators plan to meet to discuss the pandemic's impact on data protection. European Law Blog looks at the EU sharing data with countries that have received an adequacy standing and how it may... Read More

Notes from the IAPP Europe Managing Director, 3 April 2020

(Apr 2, 2020) Greetings from Brussels! With all the heated debate across Europe on the use of mobile technology to combat COVID-19, I was interested to read that Germany, in the race to get ahead of the epidemic, is set to launch a smartphone app within weeks to help trace infections. Digital surveillance is a sensitive topic in Germany, no more so than in former East Germany where there is still the raw memory for many of the state surveillance that was prevalent at the time. That aside, there has been a c... Read More

Supreme Court rules Morrisons not liable for 2014 data breach

(Apr 2, 2020) The Supreme Court of the United Kingdom ruled supermarket chain Morrisons is not liable for a 2014 data breach by an employee who leaked thousands of staff members’ personal details online, Bloomberg reports. Two lower courts said the company was “vicariously liable.” The top court this week ruled those decisions were “contrary to the established approach to questions of this kind, and were based on a misunderstanding of this court’s decision.”Full Story... Read More

COVID-19 privacy updates from Europe

(Apr 2, 2020) As the COVID-19 pandemic continues, here are the latest stories on how the outbreak has affected privacy in Europe: In Europe, 130 researchers from eight countries are developing applications to support contact tracing efforts in the fight against COVID-19, while complying with privacy laws, Reuters reports. Reuters reports German Justice Minister Christine Lambrecht said tracking apps used to fight COVID-19 can only be used voluntarily. U.K. Information Commissioner's Office Deputy Commiss... Read More

Data leak exposes 337K Maltese voters' records

(Apr 2, 2020) A database containing personal information of 337,384 Maltese voters has been exposed online, Times Malta reports. Exposed data included names, addresses, ID card information and phone numbers. The database, reportedly exposed by a Maltese IT company without a password or other authentication, has been secured. Deputy Data Protection Commissioner Ian Deguara said an investigation would be conducted “to establish all the facts surrounding this security incident.”Full Story... Read More

Polish court overturns DPA's first GDPR fine

(Apr 2, 2020) On Dec. 11, 2019, the Polish Regional Administrative Court in Warsaw overturned the decision of the Polish data protection authority, Urząd Ochrony Danych Osobowych, with regard to the first financial penalty imposed on a company under the EU General Data Protection Regulation. The case will need to be reconsidered once again by the UODO regarding the imposition of the fine. In this exclusive for The Privacy Advisor, Spaczynski, Szczepaniak i Wspolnicy Partner Joanna Tomaszewska reports on the c... Read More

Polish court overturns DPA's first GDPR fine

(Apr 2, 2020) On Dec. 11, 2019, the Polish Regional Administrative Court in Warsaw overturned the decision of the Polish data protection authority, Urząd Ochrony Danych Osobowych, with regard to the first financial penalty imposed on a company under the EU General Data Protection Regulation. The case will need to be reconsidered once again by the UODO regarding the imposition of the fine.   The UODO imposed a fine of approximately 221,000 euros on a data analytics company, accusing the company of infringing ... Read More