Constant video monitoring and screengrabs at work A company that used software designed to account for times of alleged “inactivity” and grabbed frequent photos of its employees’ computer screens was fined 40,000 euros by the French data protection regulator CNIL. The staff members were also continuously videotaped, both visually and audibly. In particular, the company […]
Author: Olya Vasylyk
Creator and editor of TechGDPR’s weekly Digest. Postgraduate masters Diploma in Data Protection, Digital law and Management. Over a decade Olga previously was a broadcast journalist in Ukraine and France specializing in international affairs.
Data protection digest 16-30 Jan 2025: The intersection of information and operational technologies in the health sector
EU Health sector The Commission presented an EU Action Plan to improve health sector cybersecurity. It will include hospitals, clinics, care homes, rehabilitation centres, various healthcare providers, the pharmaceutical, medical and biotechnology industries, medical device manufacturers, and health research institutions. A significant challenge for the cybersecurity of the health sector is the intersection of information […]
Data protection digest 1-15 Jan 2025: mobile app permissions should work in conjunction with consent requirements – CNIL
Mobile app permissions Technical permissions in mobile app are very useful for privacy, explains the French regulator CNIL. They allow users to block access to certain data technically. However, these permissions are not designed to validate users’ consent, within the meaning of the GDPR. Even when consent is required, a simple request for permission does […]
Data protection digest 16-31 Dec 2024: citizens’ privacy awareness is on the rise, yet attitude relies on income and obligations
Citizens’ privacy awareness: According to the latest survey by the Lithuanian data protection authority, a larger share of the public can correctly name an institution, (other than courts), that would help protect their rights in personal data protection. The regulator’s name, (VDAI), was indicated by 29% of respondents. 15% of respondents believe that they have […]
Data protection digest 1 – 15 Dec 2024: DORA application deadline, new Meta fine, AI impact assessment
In this issue, we explore the DORA application deadline and its interference with the GDPR; how to conduct an AI impact assessment or integrate it into your existing privacy risk management processes; what constitutes US-restricted data transfer to countries of concern; and what expectations customers have about their data; a Real-Time Bidding explainer; a Sky […]
Data protection digest 16-30 Nov 2024: Electronic patient records as a holistic picture of your health?
Electronic patient records (ePA) in Germany From 2025, people covered by health insurance will be able to use the electronic patient records, (ePA in German), voluntarily and free of charge. This record can digitally gather information about the person’s medical history in a single place. Patients will decide how long someone is granted access to […]
Data protection digest 1 – 15 Nov 2024: digital product liability, emerging genomics, surveillance databases
EU Product Liability The new Product Liability Directive has been published in the Official Journal of the European Union and will take effect in 20 days. The new law extends the definition of “product” to digital manufacturing files and software, (not excluding AI manufacturers in the future). Also, online platforms can be held liable for […]
Data protection digest 17 – 31 Oct 2024: clinical research service providers, non-for-profit, commercially available AI
Non-for-Profit Updated privacy guidance for not-for-profit has been released by the Office of the Australian Information Commissioner. It includes a discussion on what to consider when engaging third-party providers, such as for fundraising, or software vendors. For instance, when entering into arrangements with third parties, your non-for-profit should take reasonable steps to ensure that the third […]
Data protection digest 2 – 16 Oct 2024: knowing your processors and sub-processors, automated driving, election technologies
Reliance on processors and sub-processors The EDPB has issued an opinion on the interpretation of certain duties of controllers relying on processors and sub-processors, arising from Art. 28 of the GDPR, as well as the wording of controller-processor contracts. In particular, controllers should have information on the identity of all processors and sub-processors etc. readily […]
Data protection digest 17 Sep – 1 Oct 2024: EU Data Act as an illustration of the GDPR ‘prevail’ principle
How does the EU Data Act interact with the GDPR? The Data Act will become applicable in the EU starting on 12 September 2025. In the runup, the European Commission has published an FAQ on the new legislation. Together with the Data Governance Act, it enables a fair distribution of value by establishing clear rules […]
- 1
- 2
- 3
- …
- 10
- Next Page »
Do you need support on data protection, privacy or GDPR? TechGDPR can help.
Request your free consultation