GDPR Rights in Sweden: Court confirms that authority must investigate complaints
The Stockholm administrative court held that a complainant under Article 77 GDPR has the right to request a decision from the Swedish Data Protection Authority (IMY) after six months.
Filter resources
-
GDPR Rights in Sweden: Court confirms that authority must investigate complaints
The Stockholm administrative court held that a complainant under Article 77 GDPR has the right to request a decision from the Swedish Data Protection Authority (IMY) after six months.
Read more
-
Mid-point EDRi strategy review: impact and adjustments in a changing field
In April 2020, during the early months of the Covid-19 pandemic in Europe, EDRi adopted its first network multi-annual strategy for the years 2020-2024. At the mid-term of the strategy implementation, what have we learned?
Read more
-
New Europol rules massively expand police powers and reduce rights protections
The new rules governing Europol, which came into force at the end of June, massively expand the tasks and powers of the EU’s policing agency whilst reducing external scrutiny of its data processing operations and rights protections for individuals.
Read more
-
Foreign authorities are banning Google and Microsoft services from schools, the Czech Republic is floundering
Jan Cibulka, a journalist for iROZHLAS and member of the Big Brother Awards CZ Jury, organised by EDRi member Iuridicum Remedium, has investigated how Czech authorities and schools are approaching the protection of privacy when using distance learning tools. Such tools send sensitive information overseas, where US law gives intelligence agencies access to it. The tools do not guarantee that children's private chats will not be accessed by, for example, teachers. While the first regional governments in Europe are developing safer alternatives, in the Czech Republic the risk assessment remains up to individual schools. In practice, they have little choice.
Read more
-
The UK Data Reform Bill and the British Bill of Rights: a tragedy in two acts
The dust hasn’t settled since plans to undermine everyone’s right to data protection were announced, but the UK Government are at it again. Plans to ditch the Human Rights Act in the UK were just unveiled, in a combined effort to steamroll the rule of law and the freedoms we have always taken for granted. EDRi member Open Rights Group explains how the impact of this constitutional butchery reverberates in data protection, and why both the Data Reform Bill and the Bill of Rights follow a common thread.
Read more
-
Good news: Dutch secret services destroy unlawfully stored information on millions of innocent citizens
The secret services store information on millions of citizens that they are no longer by law allowed to have. EDRi member Bits of Freefom filed a complaint about this with the supervisor. The supervisor stated on June 15, 2022, that the data must be destroyed.
Read more
-
Belgium’s data retention law must not undermine people’s right to privacy
Belgium's Parliament will soon vote on the draft law on the collection and retention of identification data and metadata in the electronic communications sector and the provision of such data to authorities. This draft law, as it is and if adopted without adequate adjustments, would pose a threat to people’s rights, such as the right to privacy and data protection, freedom of expression and information, press freedoms and professional secrecy guarantees, and would potentially set a dangerous precedent for other Member States.
Read more
-
Statement on 4 Years of GDPR
When the GDPR became applicable on 25 May 2018, it was perceived as a watershed moment. Comments were somewhere between the EU getting serious about privacy and the internet breaking down at midnight. The past four years have shown that a law alone does not change business models that are based on the abuse of personal data and a culture within the privacy profession that is often focusing on covering up non-compliance. After a first moment of shock, large part of the data industry has learned to live with GDPR without actually changing practices. This is mainly done by simply ignoring users’ rights and getting away with it.
Read more
-
Stop data retention in Germany and the European Union
Germany must show true leadership and set a strong precedent in the EU against the use of mass data retention to fight serious crimes. Mass data retention is one of the most privacy-intrusive instruments that treat everybody as criminals by presumption. It is high time that European governments implement rights-respecting and proportionate solutions in police investigations. Read the open letter EDRi and 12 civil society organisations sent to the German ministers of the Federal Ministry of the Interior to urge them to stop the use of data retention practices in crime investigations.
Read more
-
European Commission wants to eliminate online confidentiality
This might sound attention-seeking, but we really believe to be not far off the mark. It really looks like the European Commission wants to cancel encryption.
Read more
-
The AI Act: EU’s chance to regulate harmful border technologies
The AI Act will be the first regional mechanism of its kind in the world, but it needs a serious update to meaningfully address the profileration of harmful technologies tested and deployed at Europe’s borders.
Read more
-
Post-Brexit data protection laws are coming, and we should all be concerned about it
The UK Government are expected to reveal their Post-Brexit data protection bill on 10 May. They are proposing a framework that frames personal data in terms of economic assets and aims to "cut red tape" to promote their commercial use. These ideas draw considerable support among corporate lobbyists and large technology companies, which would no doubt leverage the "UK example" to advocate for weaker data protection standards in Europe. In turn, understanding and opposing these changes should not be seen as a domestic issue, but as a major threat for digital rights advocates across the globe.
Read more