Privacy Transformation - Issue 87
PRIVACY
Data Protection Commission ‘acutely strained’ by big tech cases
The Data Protection Commission warned it was “acutely strained” as it grappled with cases involving giant multinational tech companies and rising complaints from members of the public.
European court opinion strengthens role of national data supervisors in Facebook case
The Court of Justice of the European Union (CJEU) Advocate General Bobek published his opinion on whether a national data protection authority can start proceedings against a company, in this case Facebook, for failing to protect users’ data, even if it is not the lead supervisory authority (LSA).
Related:
Schrems criticises Irish data regulator after Facebook case breakthrough
NOYB: Irish DPC settles Judicial Review and agrees to decide swiftly on Facebook's EU-US transfers
The effect of the Brexit Deal on data protection
After months of arduous negotiations, the EU-UK Trade and Cooperation Agreement (the Brexit Deal) of 24 December 2020 is good news and provides a welcome degree of certainty to businesses.
SECURITY & TECH
Signal sees surge in new signups after WhatsApp controversy
Signal Messenger App is seeing a surge in new signups that is causing delays in its phone number verification for new users. The reason for the swell in interest in the encrypted messaging platform is an Elon Musk plug and a complex WhatsApp privacy controversy.
Related:
Do you suddenly need to stop using WhatsApp?
Turkey launches probe into Facebook, WhatsApp data collection
WhatsApp reassures users of privacy as people flock to Signal and Telegram
Confusion over WhatsApp’s new T&Cs triggers privacy warning from Italy
Opinion: I really hope Signal is OK!...
US Capitol attack's cybersecurity fallout: Stolen laptops, lost data and possible espionage
The January 6 attack on Election Day certification proceedings in the US Capitol Building has deep cybersecurity ramifications.
ENFORCEMENT
Spanish DPA: 6M fine for GDPR Violations
The Spanish DPA (AEPD) fined Caixabank S.A. EUR 6,000,000 for violations of Art. 6 GDPR, Art. 13 GDPR and Art. 14 GDPR. [Notice is in Spanish]
Norwegian DPA: Fine for forwarding employee's email without informing
The Norwegian DPA (Datatilsynet) fined a company NOK 400 000 (€38,800) for enabling automatic forwarding of an employee's emails during a sick leave, without informing the employee or accepting her objection.
More on the latest GDPR enforcement news can be found on:
GUIDANCE
DPC: Domestic CCTV Guidance
Guidance from the Data Protection Commission on the use of domestic CCTV under the household exemption.
RESOURCES
EU Commission Issues Report on Implementing Certain GDPR Provisions, Including Obtaining Children’s Consent and Processing Special Categories of Personal Data
The Report addresses the implementation of EU Member States General Data Protection Regulation (GDPR) Articles governing, which includes obtaining children’s consent, processing special categories of personal data, restrictions to the exercise of data subjects’ rights, tensions between rights to personal data protection and the right to freedom of expression, and national derogations for scientific or historical research, statistical, or public interest purposes.
IAPP-FTI Consulting Privacy Governance Report 2020
This report takes a deep dive into the leadership structures, core functions, staff and budgets, and tasks and priorities of privacy programs around the globe.
CONTRIBUTE
Have an interesting article, book, video, podcast or other data protection or privacy resource that you would like to share with fellow privacy practitioners? Feel free to drop me a note.