Episode 8

13 / 05 / 2022

  1. Austrian DPA strikes at Google Analytics again and rejects “risk-based approach” for data transfers (link).
  2. The European Commission and the United States reached an agreement in principle for a Trans-Atlantic Data Privacy Framework (link, link).
  3. US Commerce Secretary Raimondo announced Global Cross-Border Privacy Rules (CBPR) Forum (link) based on the APEC Privacy Framework 2015 (link).
  4. House of Lords report: The advent of new technologies in the justice system (link).
  5. EU Parliament REPORT on artificial intelligence in a digital age (2020/2266(INI)) (link).
  6. European Data Protection Supervisor’s Annual Report 2021 with key developments (link).
  7. UK’s Digital Regulation Cooperation Forum (DRCF) to oversee algorithms (link).
  8. Dutch Impact Assessment: Fundamental rights and algorithms (link).
  9. Underwood v Bounty UK Ltd & Hampshire Hospitals NHS Foundation Trust [2022] EWHC 888 (QB) (link).
  10. CJEU confirms in C-319/20 that consumer associations may bring opt-out representative actions (link).
  11. Google to introduce a “reject all” cookies button (link).
  12. OECD paper on Mapping data portability initiatives, opportunities and challenges (link).
  13. Chapter 4: Accountability and governance of the draft anonymisation, pseudonymisation and privacy enhancing technologies guidance from the UK Information Commissioner’s Office (link).
  14. CJEU Case C-140/20 prohibiting the general and indiscriminate retention of data to combat serious crime (link).
  15. Temperature checks at Brussels Airport unlawful (link).
  16. CNIL fines processor €1.5M for health data breach (link).
  17. Danish DPA proposes a €1.3M fine on bank for failing to delete data (link).
  18. Hungarian DPA fines bank €660k for automated evaluation of customer service calls without transparency and legal basis (link).
  19. EU’s Digital Markets Act to tackle Big Tech and ensure fair competition (link).
  20. UK’s Digital Markets Unit (DMU) to be granted powers in the coming years to tackle Big Tech (link).
  21. The Dubai International Financial Centre (DIFC) Commissioner of Data Protection clarified data transfers in Data Export & Sharing Handbook (link) and released a Country Risk Rating Assessment for Data Protection tool (link).
  22. Sanso Rondon v LexisNexisRisk Solutions UK Ltd [2021] EWHC 1427 (QB) (link).
  23. UK’s Tougher consumer protections against malicious apps (link).