Andreea Lisievici

Multistakeholder Expert Group’s Report on GDPR Application

EU law, GDPR |

On 10 June 2024, the Multistakeholder Expert Group on GDPR published a comprehensive report evaluating GDPR application. The report highlights increased data protection awareness and compliance among stakeholders. However, it also identifies ongoing issues such as legal fragmentation, difficulties in applying specific provisions, and challenges for SMEs. Concerns include transparency obligations, the interplay with other regulations like AML and PSD2, and complexities in data transfers. The report calls for enhanced guidance and consistency in GDPR application across EU member states.

Multistakeholder Expert Group’s Report on GDPR Application Read More »

FRA publishes “GDPR in practice – Experiences of data protection authorities”

EU law, GDPR |

The European Union Agency for Fundamental Rights (FRA) report analyzes the challenges faced by data protection authorities (DPAs) in the implementation of the General Data Protection Regulation (GDPR). Key findings include inadequate resources threatening DPAs’ mandates, high volumes of complaints, public misunderstanding of data protection laws, and challenges posed by new technologies. The report emphasizes the need for additional tools and stronger cooperation between DPAs, highlighting significant discrepancies in resources and capacities across Member States. This report complements the European Commission’s evaluation of GDPR.

FRA publishes “GDPR in practice – Experiences of data protection authorities” Read More »

Hamburg Commissioner Issues Guidance on Applicant Data Protection and Recruiting

AI, employees, Risk management |

The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has emphasized the importance of protecting personal data in the application process, especially with the rise of artificial intelligence. The position paper discusses the legal status and rights of applicants, highlights the need for clear definitions in recruiting, proper data storage in talent pools, and cautions against the use of AI for emotion analysis while outlining conditions for CV parsers. The document underscores the necessity for strict data protection measures to build candidate trust and minimize legal risks.

Hamburg Commissioner Issues Guidance on Applicant Data Protection and Recruiting Read More »

Addressing AI Risks in the Workplace: Workers and Algorithms

AI, employees, Risk management |

On 3 June 2024, the European Parliamentary Research Service issued a briefing on the impact of algorithms and AI in the workplace. AI’s potential to transform work raises ethical concerns and challenges existing labour laws. The briefing highlights the tension between strict regulation and minimal oversight, exploring how AI improves productivity but poses risks like job loss and worker surveillance. It also discusses the EU’s legislative approach and the role of collective bargaining in managing these technologies. Despite some regulatory efforts, significant questions about AI’s workplace impact remain.

Addressing AI Risks in the Workplace: Workers and Algorithms Read More »

New Security-Focused Software Testing Measure Added to Danish DPA’s Catalogue

cybersecurity |

The Danish Data Protection Agency (Datatilsynet) added a new security-focused software testing measure to its catalogue of recommended security actions. This measure aims to identify vulnerabilities in newly developed software, and includes various types of tests, such as vulnerability and penetration tests, ensuring comprehensive security coverage during software development.

New Security-Focused Software Testing Measure Added to Danish DPA’s Catalogue Read More »

Scroll to Top