ICO fines Emma’s Diary £140,000

Posted on by Federica Romanelli
On August 20, 2018, the Information Commissioner Officer, ICO – the British data protection authority - fined Lifecycle Marketing (Mother and Baby) Ltd, aka Emma's Diary, £140,000 for failing to comply with the data protection ‘fairness’ principle. The principle imposes a transparency duty requiring data controllers to provide data subjects with information about the purposes for which their personal data will be used. “The ‘fairness’ requirement […] also included a substantive duty Read more [...]

Cross-border cooperation and consistency procedures – State of play

Posted on by Federica Romanelli
On July 4 and 5, 2018,  the European Data Protection Board (EDPB) held its second plenary meeting where it discussed the cooperation systems among data protection supervisory authorities, the first experiences on the functioning of the One-Stop Shop mechanism, the performance of the Internal Market Information System (IMI), and the challenges the data protection authorities (DPAs) are facing and the type of questions received since the entrance into force of the General Data Protection Regulation Read more [...]

Italian DPA issues 2017 annual activity report – some interesting (and perhaps unexpected) information

Posted on by Federica Romanelli
On July 10, 2018, the Italian Data Protection Authority (DPA), the Garante per la Protezione dei Dati Personali, issued the annual report on its activity for 2017. The English version of the report is not yet available. However, we extracted some numbers for you from the Italian text. Overall, there is a decrease in the number of notified administrative violations compared to 2016, but the amount of fines imposed in 2017 is higher. In 2017, the Italian DPA adopted 573 decisions (561 were Read more [...]

ICO investigation on data analytics used for political purposes

Posted on by Federica Romanelli
On July 10, 2018, the Information Commissioner Officer, ICO, issued a report of the office investigations into the use of data analytics in political campaigns. According to the ICO, data analytics is causing information asymmetry between different groups of voters. The report details some of the organizations under investigation, as well as the enforcement actions undertaken so far. This includes the ICO’s intention to fine Facebook a maximum £500,000 for two breaches. Evidence emerged Read more [...]

EU-US Privacy Shield doesn’t provide enough protection: US must comply by September 1, MEPs say

Posted on by Federica Romanelli
The European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) calls on the European Commission to suspend the EU-US Privacy Shield since it does not provide enough protection for EU data subjects. The United States has to comply by September 1, 2018. According to MEPs, the EU-US Privacy Shield should also remain suspended until the US authorities comply with its terms in full. The Privacy Shield is an agreement between the US and the EU allowing companies considered Read more [...]