Motherboard – 1/2024
Selected Personal Data News – Hellenic Police: Website – Cyprus: Gyms – United Kingdom: Canteen – USA: Fingerprints – CoE: Arabic – Finland: Buses
In Brief – 2/2024: Public bodies and choice of data processors
The recently published Guide of the supervisory authority of Ontario (IPC / Canada) is about contracts in the public sector with third party service providers, among others, in the light of the protection of personal data. In this regard, the Guide develops best practices for exercising due diligence and ensuring accountability during the planning and conclusion of the relevant contracts. We round up the following seven points from the Guide that piqued our interest, adding, in conclusion, one of our own.
In Brief – 1/2024: Brain Fingerprinting and Unlawful Access to Brain Activity
The recently published TechDispatch #1/2024 of the European Data Protection Supervisor is about neurodata processing. Neurodata are personal data, primarily related to the activity of the human brain. We round up the following - seven plus one - points from TechDispatch that piqued our interest.
Comments of A. Koronaios on kathimerini.gr – Seven years after GDPR
Seven years after GDPR: The tricks of companies and the defense of citizens. Lawyers as well as the President of the Data Protection Authority answer the questions of "K".
Electronic surveillance of smartphones: The Report of the Council of Europe
Ten points from the recent Report of the Council of Europe on "Pegasus" spyware and its impact on human rights.
Electronic surveillance of smartphones: European Supervisor vs “Pegasus”
What we learned from the recent Preliminary Remarks of the European Data Protection Supervisor (EDPS) on modern electronic surveillance tools and in particular on "Pegasus".
GDPR: 18 scenarios of personal data breaches
Guidelines 1/2021 of the European Data Protection Board (EDPB) with examples of personal data breach notification (Guidelines 1/2021) approach this issue for the first time in such a practical way. The Guidelines were published in January 2021, were put to public consultation until March...
GDPR: The DPO under the microscope of the supervisory authorities
Data Protection Officer (DPO): key position in the public and private sector for the correct and full implementation of the legal framework for the protection of personal data. According to the GDPR, some controllers and processors are required to designate a DPO. In short, this obligation applies...
Personal data and cameras: The Annual Reports of Cyprus and Greece
In accordance with decision No. 12/2021, published on April 7, the Hellenic Data Protection Authority (HDPA) imposed on a company a fine of 2,000 euros for illegal camera operation against employees. The video surveillance system did not have a recorder, but transmitted image to the mobile phone of the owner of the company...
GDPR and emails automatic forwarding of (former or current) employees
The issue of handling the professional e-mail address of an employee, especially after his departure, remains at the forefront of the daily news, with a series of supervisory authorities' decisions. The practice that seems to be adopted very often by companies is the automatic forwarding of emails of the former employee - and sometimes of the current -...