guideline

The Spanish data protection authority (AEPD) published a blog post discussing the shift from viewing identity as a fundamental right to treating it as a service. This shift can undermine personal control over data, impacting rights, social inclusion, and privacy. The post highlights the risks of commodifying identity, emphasizing that identity should not be a service controlled by governments or companies. It cites examples like the Aadhaar system in India, where exclusion from services has severe consequences, arguing for identity management that respects privacy and autonomy.

Spain’s AEPD Explores Identity as Service vs. Fundamental Right

The Spanish data protection authority (AEPD) published a blog post discussing the shift from viewing identity as a fundamental right to treating it as a service. This shift can undermine personal control over data, impacting rights, social inclusion, and privacy. The post highlights the risks of commodifying identity, emphasizing that identity should not be a service controlled by governments or companies. It cites examples like the Aadhaar system in India, where exclusion from services has severe consequences, arguing for identity management that respects privacy and autonomy.

Spain’s AEPD Explores Identity as Service vs. Fundamental Right Read More »

The European Data Protection Board published its final Guidelines on Article 37 of the Law Enforcement Directive (LED). These guidelines establish standards for appropriate safeguards in data transfers by competent authorities, focusing on legally binding instruments with third countries. Key points include selecting transfer mechanisms, evaluating transfer risks to data subjects, and maintaining enhanced accountability. The guidelines emphasize legal certainty and the necessity of ensuring equivalent data protection levels when personal data is transferred outside the EU.

EDPB Finalizes Guidelines on Law Enforcement Data Transfers

The European Data Protection Board published its final Guidelines on Article 37 of the Law Enforcement Directive (LED). These guidelines establish standards for appropriate safeguards in data transfers by competent authorities, focusing on legally binding instruments with third countries. Key points include selecting transfer mechanisms, evaluating transfer risks to data subjects, and maintaining enhanced accountability. The guidelines emphasize legal certainty and the necessity of ensuring equivalent data protection levels when personal data is transferred outside the EU.

EDPB Finalizes Guidelines on Law Enforcement Data Transfers Read More »

The Privacy Explorer | Week 18

Welcome to the privacy news recap for week 18 of 2024!

In this edition:
📱US Federal Communications Commission (FCC) Imposes Heavy Fines on Major US Carriers for Illegal Data Sharing Practices;

🤖 OpenAI’s GDPR Compliance Faces New Challenge In Europe;

👥 EU Commission Initiates Formal Proceedings Against Meta for Possible Digital Services Act Violations;

📄 Norwegian Data Protection Authority publishes annual report for 2023;

⚖️ CJEU Rules on Data Retention and Privacy in Copyright Enforcement Case (C-470/21 La Quadrature du Net and Others);

⚖️ CJEU Ruling on Data Access for Crime Investigation Under the ePrivacy Directive (C‑178/22);

🛡️ NIST publishes Cyber Security Framework 2.0 small business guide;

📥 Dutch DPA publishes guidelines on data scraping and considers it “mostly illegal”;

👁️ Dutch DPA publishes general framework for facial recognition;

📝 UK ICO launches tool to help create privacy notices;

🏛️ OECD Updates AI Principles.

The Privacy Explorer | Week 18 Read More »

Scroll to Top