Of ‘Mice and Men’ to ‘Maps and Machines’ – “Whatever in creation exists without my knowledge exists without my consent.” Further to my post in March, the purpose of this sequel post is to continue considering two guidelines published by European regulators regarding the processing of geolocation data. I continue to delve into the cloudy legal … Continue reading
Tag Archives: Article 29 Working Party
anonymisation / big data / Data protection / data protection agencies / European Data Protection Supervisor / General Data Protection Regulation / ICO / Privacy / pseudonymisation / Risk-based approach
The GDPR and the biggest mess of all: why accurate legal definitions really matter….
Issued last week, here is what seems to be the final version of the General Data Protection Regulation (the GDPR)! This 6 April 2016 version, likely to be adopted by the European Parliament this week, is now in the kiosks! HIP HIP HOORRAY I hear you thinking, either ironically because more than 4 years of … Continue reading
Latest Policy Guidance Published on Data Protection and Location Analytics Data
‘We Know Where You Are’ to ‘We Know Who You Are’ … How far are the risks involved with processing information collected from geo-location technologies alleviated by data protection rules? With the wide uptake of smart mobile devices and the rapid development of location-based apps and services, all kinds of geographic information about us are … Continue reading
EU Commission publishes Legal Texts of New ‘Privacy Shield’ Framework for Trans-Atlantic Data Transfers
…But, will the highly anticipated EU-US ‘Privacy Shield’ live up to its super-hero billing? Last month proved to be a particularly busy time for data protection news. First, the Council of the EU adopted a political agreement on the texts that will form part of the new Data Protection Reform Package. Also hitting headlines was … Continue reading
Access to data / Breach notification / Data protection / Data retention / General Data Protection Regulation / Law enforcement / Personal data / Privacy / Privacy impact assessment / Surveillance
Article 29 WP and the draft directive on the processing of personal data by law enforcement agencies: has Article 29 WP been heard?
Last month, the Permanent Representatives Committee (Coreper) of the Council of the EU the compromise texts agreed with the European Parliament on data protection reform. As a reminder, the reform is a legislative package concerning two legislative instruments: the second of which discussed here (and far less catching the press headlines than the General Data … Continue reading
Sick of hearing about safe harbours? What about Weltimmo?! – CJEU decision raises prospects for companies operating web services across the EU being subject to multiple data protection authorities
How should online businesses determine which data protection laws to comply with, and how should multiple claims to jurisdiction over the national application of data protection laws be resolved? Much has been written in the last week about the ruling of the Court of Justice of the EU (CJEU) in holding that EU Commission Decision … Continue reading
EU Parliament agrees to commence finalising the Passenger Name Record Directive in light of added data protection safeguards
Questions asked about the necessity and proportionality of yet another state scheme authorising the bulk sharing of personal data, and its storage, for risk assessment purposes – Will the EU get it right this time? In light of the growing threat posed by Islamic State militants, the issue of the EU air travel industry’s passenger … Continue reading
EU Data Protection Party warns the trilogue negotiators not to relax limits on how data controllers can use personal data after it has been collected
When it comes to further processing of personal data, will the EU institutions be able to agree on how to deal with purpose incompatibility? The extent to which businesses can justify further processing of personal data for new purposes (that is, for reasons distinct from the original purpose for which the data was collected) can … Continue reading
Opinion on drones released by EU Data Protection Working Party
“Technology is neither good nor bad; nor is it neutral” – How far might future usage of drone technology affect the very fabric of the societies in which we live? The Article 29 EU Working Party (WP) has issued an Opinion about the data protection and privacy implications of utilising unmanned aerial systems (“drones”). This … Continue reading
Businesses engaged in ‘big data’ personal data processing should consider carefully whether they have ‘legitimate interests’ grounds to justify their activities, says ICO
How exactly should data controllers carry out a ‘balance of interests’ test between their interests and the interests of data subjects? The application of data protection rules to big data technologies raises a number of legal and compliance issues, some of which I highlighted in my recent post about the latest comments from the Information … Continue reading