Privacy & data protection

Selling, purchasing or licensing personal data | Timelex

Buying, selling or licensing are different ways of exchanging personal data. As a result, organisations can often quickly acquire new income. However, personal data is not a classic commodity, so can it just be traded or exchanged? What legal rules should be taken into account?

data donation

One of the most common questions in European research projects today is how to ensure access to research material and research data. Data donation (or data donorship) is mentioned more and more frequently as a possible solution.

deutsche-wohnen

On 30 October 2019, the Berlin Data Protection Authority (DPA) issued a big fine of 14.5 million EUR against Deutsche Wohnen SE. It is the biggest fine imposed by a German DPA so far.

facebook like

Do you use one of the Facebook plugins, such as the ‘Like’ button, to anticipate your website visits? Then you might be a joint controller with Facebook. This follows from a recent judgment of the European Court of Justice (‘CJEU’) in the Fashion ID judgment (C-40/17).

archief

The Danish supervisory authority proposes to impose a fine of DKK 1.5 million (approximately € 200,000) on a Danish furniture manufacturer (IDDesign) for failing to comply with the obligations regarding the retention periods of personal data.

facebook

On the 9th of July, the hearing of the so-called Schrems 2.0 case took place before the Grand Chamber of the European Court of Justice (“CJEU”).

CyberSec4EU

On Thursday the 4th of July 2019, Cyber Security for Europe (CyberSec4EU) hosted a panel on the Proposal for a Regulation establishing the European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres, the NCCC regulation.

British Airways

The British Supervisory Authority, the British Information Commissioner's Office (ICO), announced its intention to impose a GDPR fine of £183 million (equivalent to €243.47 million) on British Airways.

1 year GDPR

About a year ago, on 25 May 2018, the General Data Protection Regulation (GDPR) became applicable. Today, one year later, we draw up a balance sheet of the enforcement actions taken by the supervisory authorities across the EU.