The Data Protection Commission’s 2022 Annual Report
On 7 March 2023, the Data Protection Commission (“DPC”) released its 2022 Annual Report. We have summarized the key...
2022 was a busy year for all privacy practitioners. This active spirit did not...
Among the privacy changes some interesting Legislative amendments were proposed to the Israeli Privacy Protection...
Transparency in the sights of the Luxembourg data protection Authority
As in the past, the Luxembourg data protection Authority (the “CNPD”) launched in 2020 a thematic investigation on...
I Meta Tracking Tools Illegal – Austrian Data Protection Authority Holds That...
The Austrian Data Protection Authority (DPA) decided (6th of March 2023, D155.028, 2022-0.726.643) that the use of...
Facebook is in trouble again …
… And this time it’s not Max Schrems who’s behind it.
On March 15, 2023, the Amsterdam District Court ruled that...
Am I My Brother’s Keeper?
Understanding the Importance of Data Protection Compliance Management in Processing Chains: Key Takeaways from the...
The privacy risks of the “virtual friend”: the Italian DPA clamps down Replika
The Italian Data Protection Authority (“Garante Privacy”) has ordered the limitation of the data processing...
The ‘Chat GPT Effect’ – Parsing Privacy and AI Regulation in India
The increasingly common use of AI in our daily lives raises multiple concerns, particularly around data privacy and...
2022 and 2023 in Baltic Data Protection
At the end of January, we celebrated Data Protection Day. To mark that annual occasion, TGS Baltic’s Data...
Non-material Damage for Data Protection Breaches before the Irish and EU Courts...
Data protection claims are in the dock. The Irish Circuit Court has temporarily halted proceedings for non-material...
China first attempt to regulate deepfake-like risks.
China recently released an administration regulation on the use of deep synthesis technologies and their use on the...
Online identifiers are not always personal data
The Voivodeship Administrative Court in Warsaw recognizes online identifiers, including cookies, should not be...
Cyber insurance: the French legal framework is changing
France makes the payment by insurers in case of cyber attacks conditional upon the prior filing of a criminal...
The Guidelines on Use of Cookies in Turkey
The Guidelines on Use of Cookies (the “Guidelines”) was published by the Personal Data Protection Authority (the...
The Digital Operational Resilience Act (DORA)
The Digital Operational Resilience Act (Regulation (EU) 2022/2554) solves an important problem in the EU financial...
The interplay between contractual relations and the GDPR’s security principle: A...
Security breaches and data loss are a core concern of any controller or processor. What possible avenues of redress...
First European Report on the Use of Cloud Computing in the Public Sector From...
The Spanish DPA (AEPD) just published the conclusions of this first European report, coordinated by the European...
The largest bank in Denmark - Danske Bank - is set to be fined DKK 10 million...
The Danish Data Protection Authority has found that the largest bank in Denmark - Danske Bank - has failed to...
Data Controller Registry Requirement in Turkey
In accordance with Personal Data Protection Law No. 6698 (the “DPL”) and the Regulation on Data Controllers’...
Do you think that a black van serves only transportation purposes? Well, maybe...
How Cyprus found itself in the epicenter of the spy scandal in Greece