DPA Archives - Page 2 of 3 - European Digital Rights (EDRi)

July 17, 2019 · On the ground | Privacy and data protection | Data protection standards

Microsoft Office 365 banned from German schools over privacy concerns

In a bombshell decision, the Data Protection Authority (DPA) of the German Land of Hesse has ruled that schools are banned from using Microsoft’s cloud office product “Office 365”. According to the decision, the platform’s standard settings expose personal information about school pupils and teachers “to possible access by US officials” and are thus incompatible […]

July 17, 2019 · On the ground | Privacy and data protection | Data protection standards

The first GDPR fines in Romania

The Romanian Data Protection Authority (DPA) has recently announced the first three fines applied in Romania as a result of the enforcement of the EU General Data Protection Regulation (GDPR).

April 24, 2019 · On the ground | Privacy and data protection | Online tracking industry / AdTech

Facebook Custom Audience illegal without explicit user consent

Online shops and marketers routinely share customer data with Facebook to reach them with targeted advertising. Turns out that in many cases this is illegal. A ground-breaking decision by a German Data Protection Authority (DPA) recently ruled that matching customers’ email addresses with their Facebook accounts requires their explicit consent.

February 27, 2019 · On the ground | Privacy and data protection | Data protection standards

ApTI submits complaint on Romanian GDPR implementation

In November 2018, the RISE Project case showed that the Romanian Data Protection Authority (ANSPDCP or Romanian DPA) was unprepared to respond to cases that involve both the right to freedom of expression and the right to privacy. RISE Project’s investigative journalism story #TeleormanLeaks was an important signal that the General Data Protection Regulation (GDPR) […]

February 21, 2019 · Blogs | Privacy and data protection | Online tracking industry / AdTech

Google and IAB: Knowingly enabling intrusive profiling

On 28 January, EDRi member Panoptykon joined a complaint against Google and the Interactive Advertising Bureau (IAB) in Poland, after it had become clear that the advertising categories provided by these entities are enabling the processing of extremely sensitive data of European citizens. On 20 February, new evidence was published proving that the IAB was […]

December 5, 2018 · Blogs | Privacy and data protection | Data protection standards

Complaints: Google infringes GDPR’s informed consent principle

On 27 November 2018, seven members of the European Consumer Organisation (BEUC) have launched complaints with their national Data Protection Authorities (DPAs) about Google potentially infringing the General Data Protection Regulation (GDPR).

October 10, 2018 · Blogs | Privacy and data protection | Data protection standards

The Facebook breach – a GDPR test-case

On 28 September, Facebook notified the Irish Data Protection Commissioner (DPC) about a massive data breach affecting more than 50 million of its users.

May 2, 2018 · Blogs | Privacy and data protection | Data protection standards

Are GDPR certification schemes the next data transfer disaster?

The General Data Protection Regulation (GDPR) encourages the establishment of data protection certification mechanisms, “in particular at [EU] level” (Art. 42(1)). But the GDPR also envisages various types of national schemes, and allows for the approval (“accreditation”) of schemes that are only very indirectly linked to the national data protection authority.

April 18, 2018 · Blogs | Privacy and data protection | Privacy and confidentiality

Hermes Center demands investigation of NAT-related data retention

On 27 March 2018, EDRi member Hermes Center for Transparency and Digital Human Rights filed a request with the Italian Data Protection Authority (DPA) to investigate on the widespread practice of logging Network Address Translations (NAT) by most of the telecommunication operators.

April 19, 2017 · Blogs

Dangerous myths peddled about data subject access rights

Now that the date on which the General Data Protection Regulation (GDPR) becomes enforceable is rapidly approaching, the European Data Protection Authorities (DPAs) are in the process of clarifying what their shared positions will be on various topics, including profiling. This is done through stakeholder consultation meetings.

November 23, 2016 · Blogs

#5 Freedom not to be labelled: How to fight profiling

This is the fifth blogpost of our series dedicated to privacy, security and freedoms. In the next weeks, we will explain how your freedoms are under threat, and what you can do to fight back.

November 4, 2015 · Blogs

Can the US be a “safe harbor” for travel surveillance?

This article is a shortened version of an analysis originally published on http://papersplease.org/wp/2015/10/29/can-the-us-be-a-safe-harbor-for-travel-surveillance At its plenary session on 29 October in Strasbourg, the European Parliament adopted a “Resolution on the electronic mass surveillance of European Union citizens”. As part of the Resolution, the European Parliament, “[c]alls on the EU Member States to drop any criminal […]

Search

DPA

Filter by...

Microsoft Office 365 banned from German schools over privacy concerns

The first GDPR fines in Romania

Facebook Custom Audience illegal without explicit user consent

ApTI submits complaint on Romanian GDPR implementation

Google and IAB: Knowingly enabling intrusive profiling

Complaints: Google infringes GDPR’s informed consent principle

The Facebook breach – a GDPR test-case

Are GDPR certification schemes the next data transfer disaster?

Hermes Center demands investigation of NAT-related data retention

Dangerous myths peddled about data subject access rights

#5 Freedom not to be labelled: How to fight profiling

Can the US be a “safe harbor” for travel surveillance?