Posts by: dana

Monthly Roundup of Data Protection News: April 2019

Last month in data protection news: ● Voice recordings: a feature story on new cases about the legal treatment of voice recordings, depending on the purpose of their use ● Data Protection Impact Assessments ● EU Legislation watch: news about legislative processes ● Romania: helpline for cybersecurity threats launched ● CNIL: 2018 activity report & 2019 enforcement strategy published ●…

Monthly Roundup of Data Protection News: March 2019

Last month in data protection news: ● Political campaigns and the GDPR: a feature story on the issues raised by processing personal data for political purposes. ● First GDPR fine in Poland: business information aggregator sanctioned for lack of transparency. ● Copyright Directive vs GDPR: see where the legislation ovelaps and what this means for content sharing platforms. ● AdTech…

ECJ case to settle what should be common sense on cookie consent

This week ECJ Advocate General Maciej Szpunar issued his Opinion on the Planet 49 Case – a case dealing with issues which should have been sufficiently clear not to bother the Court in the first place. Namely, it is about (a) pre-checked boxes as means to collect consent for placing cookies and (b) if, under the ePrivacy Directive, the same…

What’s (not) new about EDPB’s Statement on political campaigns

On 14 March 2019 the EDPB issued a Statement on the use of personal data in the course of political campaigns, following its 8th plenary session. This was supposed to be an important position document in light of the upcoming EU Parliament elections in May, however it left us with even more questions and not one solution. Just a short…

[RO] Procedura de investigaţii ANSPDCP explicată

ANSPDCP, autoritatea română de protecţia datelor, a publicat Decizia nr. 161/2018, prin care a aprobat procedura de efectuare a investigaţiilor. Textul integral al procedurii este disponibil aici. Echipa PrivacyOne a analizat procedura şi vă prezintă principalele elemente de avut în vedere într-un Legal Alert dedicat integral acestei teme, diponibil online aici. Prezentarea conţine: Măsurile pe care le poate dispune ANSPDCP…

Romanian DPA adopts DPIA List

The Romanian data protection authority (the ANSPDCP) has adopted the final list of cases which require a data protection impact assessment (DPIA). PrivacyOne has contributed with observations on the draft DPIA list which was previously opened for public debates according to the national transparency regulations. The final list reflects some of the points we raised, such as certain terminology issues.…

[RO] Transferul datelor către grupul băncii în Codul de Conduită ARB

Pe 5 noiembrie 2018 Asociaţia Română a Băncilor a publicat noul său Cod de Conduită, care se referă şi la aspecte de protecţia datelor http://www.arb.ro/codul-de-conduita/. Codul stabileşte confidenţialitatea datelor furnizate de clienţi şi obligaţia angajaţilor băncii să protejeze aceste date. Însă, formularea legată de dezvăluirea acestor date personale către entităţi din grupul băncii (secţiunea 2.5 din Cod) poate crea confuzii:…

Romanian law implements the GDPR

  The law implementing GDPR in Romania (Law no. 190/2018) has been published and will enter into force on 31 July 2018. We have put together a brief description of the provisions together with some comments, in both Romanian and English language.          For an unofficial translation of the Romanian GDPR Implementation Law no. 190/2018, provided by…

[RO] Dreptul la portabilitatea datelor în GDPR

Dreptul la portabilitatea datelor este o noutate introdusă de Regulamentul General privind Protecția Datelor. Ca atare, implementarea acestui drept pleacă de la zero și, după cum arată analiza particularităților sale, nu este lipsită de neclarități și zone unde vor trebui dezvoltate bune practici. Articolul scris de Andreea Lisievici, partener PrivacyOne, își propune să analizeze principalele particularități ale portabilității datelor și…