For many organisations, the appointment of a DPO has become mandatory. Although Articles 37 to 39 of the GDPR make provisions for the designation, position and tasks of a DPO, some misconceptions still exist about who needs one, who can be one and what kind of tasks a DPO can undertake. Who is a DPO? […]
Tag: dpo
Data protection & privacy digest 4 – 17 March 2023: position of DPOs, user behavior analysis, creditworthiness and profiling
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress DPOs enforcement action: The EDPB launches coordinated enforcement action on the designation and position of data protection officers. DPOs across the EU will be sent questionnaires, with the possibility of further formal investigations and follow-ups. According to the Portuguese data […]
Data protection & privacy digest 4 – 17 Feb 2023: synthetic data for fintech, MS Excel guide, Palantir technology ban
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress: synthetic data for fintech, draft Data Act, DPO dismissals The UK Financial Conduct Authority, (FCA), issued a statement on synthetic data for beneficial innovation in UK financial markets. It strongly indicated fraud and anti-money laundering as a key use case […]
Data protection & privacy digest 13 – 26 September 2022: Google Analytics clash, caller identification, commercial practices & GDPR
TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: Google Analytics, DP assessment tool, work monitoring, privacy policy check-list, Machine Learning, APIs The Danish data protection authority, following several other European counterparts’ decisions, concludes that the Google Analytics tool cannot be used legally without implementing several additional measures, (eg, effective pseudonymization […]
Data protection & privacy digest 16 – 29 August 2022: data subject complaints, inappropriate reliance on consent & Smart TV reset
TechGDPR’s review of international data-related stories from press and analytical reports. Official guidance: data subject complaints, new business, ID cards, traffic licenses, TCF and OpenRTB, education platforms, insolvency claims, data sent by mistake, DPO The UK Information Commissioner’s Office offers a brief guide on how to deal with data subject complaints, (your staff, contractors, customers), […]
Data protection & privacy digest 2 – 15 August 2022: commercial surveillance, sensitive data “by comparison”, worker electronic monitoring
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: commercial surveillance, sensitive data “by comparison and deduction”, workers electronic monitoring, farming data The CJEU’s recent decision may have a major impact on digital services that use background tracking and profiling to target users with behavioral ads, TechCrunch reports. The EU top […]
Weekly digest 30 May – 6 June 2022: secure multiparty computation, public procurement, voiceprints & privacy
TechGDPR’s review of international data-related stories from press and analytical reports. Official Guidance: secure multiparty computation, public procurement, risk analysis, DPIAs The Spanish privacy regulator AEPD has published a tech-savvy blog post on Privacy by Design: Secure Multiparty Computation. It is possible to create federated data spaces, which avoid the communication and exposure of data […]
Weekly digest May 23-29, 2022: All you need to know about new sets of SCCs in Q&A
TechGDPR’s review of international data-related stories from press and analytical reports. Official Guidance: SCCs, facial recognition technology, DPOs, children’s data The European Commission has published questions and answers for the two sets of Standard Contractual Clauses, approved last year for data transfers within and outside of the bloc. These Q&As are based on feedback received […]
Weekly digest May 2 – 8, 2022: DPO dismissals, shareholders, athletes privacy, passwordless future & more
TechGDPR’s review of international data-related stories from press and analytical reports. Legal Processes and Redress: DPO dismissals, Connecticut privacy draft law, EU Health Data Ius Laboris blogpost explains when data protection officers have special protection from dismissal. Art. 38(3) of the GDPR expressly states that the data protection officer shall not be dismissed or penalised […]
Weekly digest March 28 – April 3, 2022: EU crypto-asset transfers to be traced and identified, with some exceptions
TechGDPR’s review of international data-related stories from press and analytical reports. Legal Processes: crypto-asset transfers, Belgian DPA’s independence EU lawmakers backed tougher rules for tracing transfers of bitcoin and other cryptocurrencies, Reuters reports. Now the EP as a whole should vote on it during the plenary session in April. Companies that transfer crypto-assets would need […]