data protection authority
Filter by...
-
Technologies for border surveillance and control in Italy
This research points out that identification and categorisation systems for migrants, refugees, and asylum-seekers, rely on vast quantities of biometric data including fingerprints and facial images. It is, however, often difficult to assess how these procedures are managed. Upon identification, the aforementioned groups have limited knowledge and awareness about where and how their personal and biometric data are going to be stored and used, hindering them from countering the pressure that this flow of information puts on their subsequent living conditions in Italy and in the European Union.
Read more
-
New Belgian data retention law: a European blueprint?
On 21 April 2021, the Belgian Constitutional Court canceled the country’s data retention law, which has allowed every Belgian’s telecom, location and internet metadata to be retained for 12 months, for its potential use in criminal investigations. The Belgian Constitutional Court followed the Court of Justice of the European Union’s (CJEU) judgment released a few months earlier, which declared that practice of general and indiscriminate retention of personal data illegal (for the third time).
Read more
-
EU must let its crown jewel shine: GDPR needs progress
On 24 June, the European Commission published the Communication reviewing of the two years of application of the General Data Protection Regulation (GDPR) The Communication received input from the multistakeholder expert group on the application of the GDPR, of which EDRi members Access Now and Privacy International belong to.
Read more
-
Massive political data leak in Malta
After a massive leak of the voter’s list showing the voting preferences, addresses, phones and dates of birth of a majority of the Maltese population, EDRi member noyb.eu will assist the Daphne Foundation and Repubblika in their class action and file complaints about the data breach in various EU Member States.
Read more
-
SHARE’s campaign bears fruit: Google appoints Serbian representatives
Serbian citizens can now bring their objections and requests regarding Google’s use of their private data to the tech giant’s new representative in the country.
Read more
-
Greece: The new data protection law raises concerns
On 29 August 2019, the much awaited new Greek data protection law came into force. Τhis law (4624/2019), implements both the provisions of the EU Law Enforcement Directive (LED, 2016/680) and the General Data Protection Regulation (GDPR) into national level. However, since the first days after the law was adopted, a lot of criticism was […]
Read more
-
Microsoft Office 365 banned from German schools over privacy concerns
In a bombshell decision, the Data Protection Authority (DPA) of the German Land of Hesse has ruled that schools are banned from using Microsoft’s cloud office product “Office 365”. According to the decision, the platform’s standard settings expose personal information about school pupils and teachers “to possible access by US officials” and are thus incompatible […]
Read more
-
The first GDPR fines in Romania
The Romanian Data Protection Authority (DPA) has recently announced the first three fines applied in Romania as a result of the enforcement of the EU General Data Protection Regulation (GDPR).
Read more
-
Serbian Data Protection Commissioner: NGOs call for transparency
Today, on 4 December, eight digital rights organisations from across Europe sent a letter to the National Assembly of Serbia, asking for a transparent process of the selection of the country’s new Data Protection Commissioner.
Read more
-
The Facebook breach – a GDPR test-case
On 28 September, Facebook notified the Irish Data Protection Commissioner (DPC) about a massive data breach affecting more than 50 million of its users.
Read more
-
Are GDPR certification schemes the next data transfer disaster?
The General Data Protection Regulation (GDPR) encourages the establishment of data protection certification mechanisms, “in particular at [EU] level” (Art. 42(1)). But the GDPR also envisages various types of national schemes, and allows for the approval (“accreditation”) of schemes that are only very indirectly linked to the national data protection authority.
Read more
-
#5 Freedom not to be labelled: How to fight profiling
This is the fifth blogpost of our series dedicated to privacy, security and freedoms. In the next weeks, we will explain how your freedoms are under threat, and what you can do to fight back.
Read more