Blog

Facebook profile can be accessed by heirs, German federal court says

On July 12, 2018, the German federal court (Bundesgerichtshof, BGH) overturned the judgment of the Berlin’s highest state court (Kammergerichts), which had denied the parents’ access to their daughter’s Facebook account. The case involved a mother trying to access the deceased 15-year-old daughter’s Facebook account in order to understand the cause of death. With its judgment the BGH entitles the heirs to whatever is left on the web by the decedent. As  a contract, the user agreement Read more [...]

ECJ’s recommendations to national courts on preliminary ruling procedure

CJEU: in the references for preliminary rulings the national judge must anonymise the data   On July 20, 2018, the Official Journal of the European Union (C 257/1) published a document in which the European Court of Justice (“ECJ”) clarifies to national courts and tribunals the essential characteristics of the preliminary ruling procedure and the factors to be taken into account before submitting questions to the the ECJ for a preliminary ruling. In particular, the ECJ highlights Read more [...]

ICO fines Emma’s Diary £140,000

On August 20, 2018, the Information Commissioner Officer, ICO – the British data protection authority - fined Lifecycle Marketing (Mother and Baby) Ltd, aka Emma's Diary, £140,000 for failing to comply with the data protection ‘fairness’ principle. The principle imposes a transparency duty requiring data controllers to provide data subjects with information about the purposes for which their personal data will be used. “The ‘fairness’ requirement […] also included a substantive duty Read more [...]

Brazil approves new General Data Protection Law

On August 14, 2018, the Brazilian president signed the Lei Geral de Proteção de Dados Pessoais (LGPD) into law. The LGPD is a comprehensive data privacy regulation, which has many similarities with the GDPR, such as for example its ample scope of application, which includes processing activities conducted wholly outside of Brazil, but affecting or targeting Brazilian citizens. Similarly to the GDPR – which for some violations provides for fines “up to 10,000,000 EUR, or up to 2 % of the Read more [...]

Italy works on current privacy rules rather than completely deleting them

On August 8, 2018, the Italian Government communicated that the legislative decree that harmonizes the national legislation to the General Data Protection Regulation (GDPR) will not abrogate the Italian Privacy Code previously in force. According to an initial formulation, the legislative decree was intended to completely repeal the privacy laws in force. However, in the final formula, the previous Privacy Code remains in force but must be harmonized with the principles set out in the GDPR, first Read more [...]