On 2 September 2021, the Data Protection Commission (“DPC”) issued a 266-page ruling in which it levied its largest fine since its establishment, and the second largest fine ever issued under the General Data Protection Regulation 2016/679 (“GDPR”). The unprecedented penalty of €225,0...
General Data Protection Regulationdirective 95/46 ECOn January 25, 2012, the EU Commission set forth a proposal for a Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data ...
starting point of discussion to identify the extent to which impending proposals to revise the Data Protection Directive are closely aligned with the Opinion and consider the recent European Commission Communication (6/2010) on the comprehensive approach to personal data protection in the European Union...
The Commission has also made it clear in advisory guidelines that the personal data of children is generally considered to be sensitive personal data and must be accorded a higher standard of protection. Continue reading Change topic Law Definitions Authority Registration Data protection officers Collec...
Several mechanisms exist for international transfers to proceed lawfully. The European Commission and UK government consider a number of jurisdictions to provide adequate protection for personal data, and personal data can be transferred to these jurisdictions without additional safeguards. ...
It is the intention of the European Commission that fines should, where appropriate, be imposed by reference to the revenue of an economic undertaking rather than the revenues of the relevant controller or processor. Recital 150 of the GDPR states that 'undertaking' should be understood in accorda...
Data Protection Commission of Singapore ("Singapore's PDPC"), which for example explain that "the purposes [for which organizations can process personal data in reliance on deemed consent] are limited to those that are objectively obvious and reasonably appropriate from the surrounding circum...
The GDPR is a privacy law enacted by the European Commission in 2016. The GDPR replaces a prior EU privacy directive (Directive 95/46/EC). The regulation is a binding act, which must be followed in its entirety by all organizations who process EU residents' personal data, regardless of ...
(Google). All data collected by Google is transferred to servers located in the USA. To ensure an adequate level of protection, personal data is only transferred to Google on the basis of the European Commission’s standard contractual clauses for data transfers from controllers to processors ...
we look at data protection issues, including the regulation concerning the detection and removal of online child sexual abuse material, as well as Frontex’s handling of migrants’ data, and the recent news regarding the European Commission's violation of data protection rules in its use of M...