According to the NewEurope newspaper, “Sweden’s data protection authority has approved the use of facial recognition technology by the police, to help identify criminal suspects.”
“The new application of facial biometric screening will allow Swedish police to compare facial images from closed-circuit TV footage to an existing biometric database of over 40,000 pictures.”
“According to
The UK’s Information Commissioner’s Office has issued an opinion on the use of Live Facial Recognition technology by law enforcement.
Ireland’s Data Protection Commission has issued a guidance note on the right of access under the General Data Protection Regulation.
The United Kingdom’s Information Commissioner’s Office has launched a public consultation on how to create a toolkit to help organizations assess whether they have appropriate and effective internal data protection governance arrangements in place and to help them demonstrate their compliance with the General Data Protection Regulation (GDPR).
Per the GDPR accountability principle, data controllers
The Austrian Data Protection Authority has imposed an 18 Million Euro fine on Post AG for violating GDPR by processing personal information of individuals to create statistical probabilities about political party affinity and using them for marketing purposes.
Under GDPR. political affiliation is a “special category” personal data, the processing of which is deemed more
C is for “cookie” and also for “consent.”
Consent is necessary for online cookies and trackers, says the Court of Justice of the European Union in its Planet 49 decision.
Google Analytics is in the crossfire in Germany.
The data protection authorities of the German states are being flooded with complaints, approximately 200,000 in number, regarding deployment of the Google Analytics service on websites in a manner which allegedly is in violation of GDPR.
At issue is whether deploying Google Analytics is possible without acquiring
The Irish Data Protection Commission has issued guidance on data breach notification under GDPR.
Key takeaways:
A personal data breach is a security incident that negatively impacts the confidentiality, integrity, or availability of personal data, with the consequence that the controller is unable to ensure compliance with the principles for processing personal data as outlined
The Irish Data Protection Commission has issued guidance on cloud computing. Here are key takeaways for companies and cloud providers:
We heard recently from French Data Protection Authority CNIL on the topic of Data Protection Impact Assessments (DPIAs). Now, Ireland’s Data Protection Commission has issued its own Guidance Note on DPIAs under The General Data Protection Regulation.
It describes the process in detail and provides lists of risks and mitigation methods. Key takeaways: