The Dutch Data Protection Authority (DPA – Autoriteit Persoonsgegevens) has published the the Smart Net Management Code of Conduct related to the processing of personal data by network operators. This code of conduct describes in concrete terms how network operators providing services in The Netherlands must comply with the EU GDPR on activities such as...
The Municipality of Reykjavík has been fined nearly EUR 36,000 for violation of the GDPR. In April 2021 the Icelandic Supervisory Authority (SA) was notified that one of Reykjavík’s elementary schools was obtaining consent from parents for processing of personal data of students using the Seesaw educational system, which is an American cloud-based service. The...
The official press release reads that Members of the European Data Protection Board (EDPB) have agreed to further enhance cooperation on strategic cases and to diversify the range of cooperation methods used. Andrea Jelinek, Chair of the European Data Protection Board, underlines that “strong and swift enforcement is crucial for ensuring a consistent interpretation of...
The Garante per la protezione dei dati personali (the Italian DPA) has sanctioned Clearview AI with a €20M fine for violations of the GDPR and has requested immediate deletion of it’s existing databases of Italian citizens’ images. Clearview AI is a US company which collects photos from the web and through AI analyses, processes and...
The French DPA (CNIL) has published its 2022-2024 strategic plan, which is accessible here. The plan has three priority areas for a trusted digital society: promoting respect for rights, promoting the GDPR as an asset and targeting regulation on high-stakes subjects.
The Inspectorate of the Latvian DPA (Datum valsts inspeckija) has conducted an inspection regarding the use of cookies on the websites of the largest Latvian e-merchants. 29 websites of 26 merchants were inspected, of e-commerce websites offering goods and services to private citizens. Main verification addressed the compliance with the conditions for the use of cookies...
The UK Information Commissioners’ Office (ICO) has opened a public consultation on the draft guidance on the research provisions in the UK GDPR and the DPA 2018. Processing of personal data for research purposes is regulated by data protection laws despite the absence of a specific legislation on this, so the guidance is intended to provide more...
On 2 February 2022, the Belgian Data Protection Authority imposed a fine of €250,000 against the Interactive Advertising Bureau Europe (IAB Europe) for several alleged infringements of the GDPR, as a result of an investigation into the IAB Europe Transparency and Consent Framework (TCF). IAB has announced the intention to appeal the decision, and issued...
American Headquarters: European Office:
PrivacyRules Ltd.
201 East Fifth Street
Suite 1900 – #1362
Cincinnati, OH 45202, USA
Via dei Della Robbia 112
50132, Firenze
Italy (IT)Expertise