Data Protection Bites 4/2019

PrintMailRate-it

 WORLDWIDE HOT TOPICS: INTERNATIONAL DATA PROTECTION UPDATES IN A NUTSHELL

​RUSSIA

New product labelling rules, specific aspects of medical product labelling in Russia

The Russian lawmakers keep consistently implementing the new product labelling system. New regulations affect almost every segment of the domestic market and every imported good. The main goals the lawmakers pursue are: organization of control over the product movements and prevention of introduction of falsified, low-quality and counterfeit goods into the market.

Click here to read the full article » 


CZECH REPUBLIC

Data Protection news from the Czech Republic

New Act on Personal Data Processing in the Czech Republic
After a twelve-moth legislative process, the Czech Parliament has finally passed new Act No. 110/2019 Sb. on personal data processing, repealing and replacing existing Act No. 101/2000 Sb., this March. The Act is particularly an adaptation act following the General Data Protection Regulation (GDPR) which has been providing for a uniform regulation in the European Union since 25 May 2018.
Click here to read the full article »


SPAIN

Draft Guidelines 2/2019 - What personal data processing may be considered as intrinsic to a contract?

The European Data Protection Board (hereinafter “EDPB”), which first priority is to contribute to the consistent application of data protection rules throughout the European Union has published a call for comments concerning Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects.

Click here to read the full article »


LATVIA

GDPR Compliant Reporting of the Patients’ Personal Data to the State Revenue Service

On April 9th, 2019, Cabinet of Ministers has approved amendments to the Regulations of the Cabinet of Ministers on the Use of Electronic Devices and other Equipment for Tax and other Payment Registration dated February 11th, 2014, hereinafter referred to as the Regulations, aiming at bringing it in compliance with the General Data Protection Regulation (GDPR).

Click here to read the full article »


 DPA OBSERVATORY

​POLAND

President of the Polish Personal Data Protection Office has slapped the first fine for breach of the GDPR

Nearly 10 months after the effective date of the General Data Protection Regulation (GDPR), the President of the Polish Personal Data Protection Office (PDPO) has imposed the very first fine for unlawful data processing. The fine has been imposed on a company which processes publicly available data from e.g. the Polish Central Registry and Information on Businesses. The company uses the above data for analysis using the scoring models.
Click here to read the full article »


GERMANY

2,500.00 EUR fines for improper use of event data

In February 2019, the regional supervisory authority in Baden-Wuerttemberg (Germany) imposed a fine for the improper use of participant data gathered for the organization of an event. In preparation for a regional conference of a political party, the chairman of the party's youth organisation received information on the names, ages and places of residence of all 168 participants.

Click here to read the full article »


ITALY

Requirements for consent to cookies

On 21 March 2019, Advocate General Maciej Szpunar ('Advocate General') of the Court of Justice of the European Union ('ECJ') delivered an opinion on how to obtain valid consent to the use of cookies. The opinion was given in view of case C-673/17 between Planet49 GmbH and the Federation of German Consumer Organisations, the "Bundesverband".

Click here to read the full article »


European Data Protection Board, Buttarelli: "Also in Italy rules to sanction parties that violate the privacy of voters are needed"

Buttarelli suggested a proposal to the Italian legislator: additional rules need to be introduced into the Italian data protection law to sanction Italian political parties that violate citizens' personal data for political purposes. "The Italian Privacy Code has been readapted", but "this code should cover the future and not include other limitations, and could be enriched with shared ethical rules that sees the parties and political forces sit down and not limit themselves, but take a step that allows you to make the best use of digital platforms and technology, assuming that what comes in terms of integrity and transparency of political forces goes beyond the interests of the party, but concerns the entire sector".

Click here to read more (in Italian) »


A unlawful processing of data as a result of data breaches

The provision concerns a case of data breach learned by Italian Data Protection Authority through the publication of newspaper articles informing citizens about a data breach suffered by a branch of a political party: the website of the Florence branch of a national political party had been hacked.

Click here to read the full article »


Guidelines on artificial intelligence and data protection

The guidelines provide the basic measures that the various artificial intelligence stakeholders should follow in order to ensure that AI applications do not undermine human dignity and human rights and fundamental freedoms of any individual and, in particular, the right to data protection.

Click here to read the full article »


The Data Protection Authority sanctioned the Association Rousseau

Are the minimum security measures dead? Without going into the merits of the inevitable, but useless, political and party polemics, attention must be drawn to the most significant aspect of the measure of the Italian Data Protection Authority relating to the Rousseau platform: a few weeks before Easter, the authority has confirmed to us that the repealed minimum security measures are still alive.

Click here to read the full article »


 COURT PRECEDENTS

UNITED KINGDOM

ICO issues warnings over access of personal data without a ‘valid business reason’

The ICO has warned employees that they might face a criminal prosecution if they access or share personal data without a ‘valid business reason’.  The warning was issued after the Birmingham Magistrates’ Court fined two workers in separate cases for breaching data protection laws.

Click here to read the full article »


ITALY

Artificial intelligence and public administration

In Italy, human intelligence maintains its state of supremacy over robots because the decisions of machines are questionable before a human judge. The Italian Supreme Administrative Court  dealing with algorithms and administrative procedure has sided in defense of individual rights when the decision-maker is a programmed computer (decision n. 2270 of 8 April 2019). The supreme authority of administrative justice has established that in these cases there must be maximum transparency on how the robot is programmed and how it works and the contestability to a human being of fully automated decisions.
Click here to read more (in Italian) »

 

Contact

Contact Person Picture

Avv. Rita Santaniello

Partner

+39 02 6328841
+39 02 63288420

Invia richiesta

Contact Person Picture

Avv. e Head of Data Protection Italy Nadia Martini

+39 02 6328841
+39 02 63288420

Invia richiesta

 Data Protection Bites

Our newsletter aims at collecting updates, news and insights on data protection matters worldwide, with a special focus on the GDPR. Read all releases »

Utilizziamo i cookies per personalizzare il sito web e offrire all’utente un servizio di maggior valore. Tra le diverse finalità, i cookies ci permettono di analizzare il percorso di navigazione dell’utente per migliorarne l’esperienza sul sito web. Continuando a navigare su questo sito accetta la politica sui cookie. Ulteriori informazioni sono contenute nostra informativa privacy.
Deutschland Weltweit Search Menu