Select your nation of interest

Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

Warning: Undefined array key 0 in /home/trust365/public_html/wp-content/themes/privacy/page-servizio-figlio.php on line 43

Warning: Trying to access array offset on value of type null in /home/trust365/public_html/wp-content/themes/privacy/page-servizio-figlio.php on line 43
Digital Markets Act – DMA
Home /
Digital Markets Act – DMA
DALL’AUTORITA’ PER LA PROTEZIONE DEI DATI HONG KONG: Il Commissario per la privacy sostiene la protezione dei dati personali in mezzo a COVID-19 alla Conferenza internazionale sulla privacy

Regulation (EU) 2022/1925, also known as the Digital Markets Act (DMA), is a European Union regulation that aims to ensure fair and competitive digital markets. The DMA introduces specific rules for large online platforms, referred to as gatekeepers, in order to prevent anti-competitive behaviour and promote competition and innovation.

The DMA enforcement advice service is designed to help companies understand and implement the provisions of the regulation, ensuring compliance and improving the management of their digital operations.

Objectives

  1. Regulatory Compliance:Ensure your company complies with all provisions of the Digital Markets Act.
  2. Promotion of Competition: Implement measures that promote competition and prevent anti-competitive behaviour.
  3. Transparency and Fairness: Enhancing the transparency of business operations and ensuring fair business practices.
  4. Gatekeeper Relationship Management: Optimise relationship management processes with large online platforms.
  5. Risk Reduction: Minimise legal and reputational risks associated with non-compliance.

Modalities

  1. Preliminary Assessment:
    • Assessment of Current Practices: Analysis of current business practices to identify areas of non-compliance with the DMA.
    • Mapping of DMA Provisions: Identification of specific DMA provisions applicable to the company.
  2. Development of Policies and Procedures:
    • Drafting of Corporate Policies: Development of internal policies to ensure compliance with the provisions of the DMA.
    • Operational Procedures: Implementation of operational procedures for managing gatekeeper relations and promoting competition.
  3. Gatekeeper Relationship Management:
    • Contracts and Agreements: Review and update of contracts and agreements with gatekeepers to ensure compliance with the DMA.
    • Monitoring of Business Practices: mplementation of systems to monitor gatekeepers’ business practices and ensure compliance with competition rules.
  4. Transparency Obligations:
    • Transparency Obligations: Ensure that the information required by the DMA is published in a transparent and accessible manner.
    • Reporting: Develop regular reports to demonstrate compliance with the DMA and provide detailed information on business activities.
  5. Training and Awareness-raising:
    • Training Programmes: Design and implementation of training programmes for staff on the provisions of the DMA and best practices for managing gatekeeper relationships.
    • Awareness-raising Campaigns: Internal campaigns to raise staff awareness of the importance of regulatory compliance and promotion of competition.
  6. Monitoring and Review:
    • Periodic Audits: Conducting periodic audits to verify ongoing compliance with the DMA and identify any areas for improvement.
    • Policy Update: Review and update policies and procedures according to regulatory changes and new best practices.

Benefits

  • Regulatory Compliance: Ensure that the company complies with all provisions of the DMA, reducing the risk of sanctions.
  • Promotion of Competition: Implement measures that promote competition and prevent anti-competitive behaviour.
  • Transparency and Fairness: Improve transparency of business operations and ensure fair business practices.
  • Effective Gatekeeper Relationship Management: Optimise relationship management processes with large online platforms.
  • Risk Reduction: Minimise legal and reputational risks associated with non-compliance.

Tools used

  • Compliance Management Platform: Tools for monitoring and managing DMA compliance.
  • Relationship Management Platforms: Tools for managing and monitoring relationships with gatekeepers.
  • Documentation Templates: Templates of policies, procedures and records for managing compliance activities.
  • Training Platforms: Online tools and training materials for staff training and awareness-raising.
  • Monitoring Dashboard: Tools to monitor compliance activities and verify the effectiveness of company policies.

Final considerations

365TRUST’s proposed service of advice on the implementation of Regulation (EU) 2022/1925 – Digital Markets Act, is essential for companies that operate in the digital services sector and wish to comply with the new European regulations. Through targeted advice and the implementation of effective policies, procedures and management systems, companies can improve the promotion of competition, ensure fair business practices, and reduce the legal and reputational risks associated with managing gatekeeper relationships.

Contact us

Recommended to you

GERMAN SUPERVISORY AUTHORITY: BfDI criticizes 1.000 days without implement the JI directive.

POLISH SUPERVISORY AUTHORITY, UODO: Parents’ access to data from monitoring recordings in kindergarten
LATVIAN SUPERVISORY AUTHORITY: Video surveillance on a large scale. Criteria and conditions GERMAN SUPERVISORY AUTHORITY: Berlin Group approves papers on LLMs and data sharing ITALIAN SUPERVISORY AUTHORITY: Healthcare: Privacy Guarantor fines a hospital company ITALIAN SUPERVISORY AUTHORITY: FAQs for accessing personal data in medical records published ITALIAN SUPERVISORY AUTHORITY: Certificates for absence from work, Guarantor: no to health data ITALIAN SUPERVISORY AUTHORITY: Telemarketing: the Guarantor imposes a 670 thousand euro fine on electricity and gas supplier SLOVENIAN SUPERVISORY AUTHORITY: Protecting personal data is essential for the responsible development of artificial intelligence models ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR DUTCH SUPERVISORY AUTHORITY: Netflix fined for not properly informing customers LATVIAN SUPERVISORY AUTHORITY: How to ensure legal video surveillance in a company? CROATIAN SUPERVISORY AUTHORITY: Opinion of the European Data Protection Board on artificial intelligence models ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR AUSTRALIAN SUPERVISORY AUTHORITY: Landmark settlement of $50m from Meta for Australian users impacted by Cambridge Analytica incident IRISH SUPERVISORY AUTHORITY: Meta fined €251 Million FRENCH SUPERVISORY AUTHORITY: Data transfers outside the EU: two new EDPB documents Cleo Product Exploitation Detected (AL04/241210/CSIRT-ITA) – Update ICELANDIC SUPERVISORY AUTHORITY: Opinion on Santa Claus’ registration of children’s personal information Apple Security Updates (AL01/241212/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Sanction for violation of the GDPR FRENCH SUPERVISORY AUTHORITY: Misleading cookie banners: CNIL issues formal notice to website publishers Ivanti December Security Update (AL05/241211/CSIRT-ITA) Fixed vulnerabilities on GitLab CE/EE (AL06/241211/CSIRT-ITA) Vulnerabilities discovered in Splunk products (AL03/241211/CSIRT-ITA) Microsoft Monthly Updates (AL01/241211/CSIRT-ITA) Adobe Releases Updates to Fix Multiple Vulnerabilities (AL04/241211/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: Data processing in social media groups – when does the Data Regulation apply? CROATIAN SUPERVISORY AUTHORITY: EDPB – Guidelines on Article 48 of the GDPR published and new European data protection seal approved Cleo Product Exploitation Detected (AL04/241210/CSIRT-ITA) Vulnerability detected in 7-Zip (AL01/241122/CSIRT-ITA) – Update ROMANIAN SUPERVISORY AUTHORITY: Sanction for non-compliance with Law No. 506/2004 and GDPR FRENCH SUPERVISORY AUTHORITY: Advertisements inserted between emails: 50 million euro fine against ORANGE SAP Security Patch Day (AL01/241210/CSIRT-ITA) Schneider Electric: Vulnerabilities discovered in various products (AL02/241210/CSIRT-ITA) Vulnerability in QNAP Products (AL01/241125/CSIRT-ITA) – Update Vulnerabilities found in Needrestart (AL03/241121/CSIRT-ITA) – Update Siemens Product Updates (AL03/241210/CSIRT-ITA) CANADIAN SUPERVISORY AUTHORITY: welcomes commitment from LinkedIn to pause training of AI models using the personal information from Canadian member accounts SLOVENIAN SUPERVISORY AUTHORITY: World Human Rights Day: Protecting individuals in the digital age Remediated Vulnerabilities in Qlik Sense Enterprise (AL01/241209/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: participates in AI Board Subgroups CANADIAN SUPERVISORY AUTHORITY: Statement by the Privacy Commissioner following release of ETHI Committee report on oversight of social media platforms Microsoft Monthly Updates (AL01/240814/CSIRT-ITA) – Update Mitel: Public PoC for Exploitation of CVE-2024-41713, CVE-2024-35286 and a Zero-Day Vulnerability (AL02/241206/CSIRT-ITA) Google: Security Updates for Pixel Devices (AL03/241206/CSIRT-ITA) Vulnerability in QNAP Products (AL04/241206/CSIRT-ITA) HUNGARIAN SUPERVISORY AUTHORITY: EDPB Guidelines 02/2024 on the application of Article 48 of the GDPR Vulnerabilities in SonicWall Products (AL01/241206/CSIRT-ITA) Fixed vulnerability in SailPoint IdentityIQ (AL03/241205/CSIRT-ITA) Fixed vulnerabilities in Django (AL01/241205/CSIRT-ITA) LIECHTENSTEIN SUPERVISORY AUTHORITY: Relevant case law – Update #1 Vulnerability in Solarwinds (AL02/241205/CSIRT-ITA) IRISH SUPERVISORY AUTHORITY: The Data Protection Commission announces conclusion of inquiry into Sligo County Council Fixed vulnerabilities in MISP (AL04/241205/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Use of BriefCam and other video analysis software by the State and municipalities: the CNIL issues several formal notices Vulnerability in Zabbix (AL01/241202/CSIRT-ITA) – Update Vulnerability in Progress WhatsUp Gold (AL01/240925/CSIRT-ITA) – Update CVE-2024-11667 Network Exploit Detected in Zyxel Firewall (AL02/241204/CSIRT-ITA) Vulnerability in Veeam Service Provider Console (AL03/241204/CSIRT-ITA) Fixed vulnerabilities in Google Chrome (AL01/241204/CSIRT-ITA) Android Security Updates (AL01/241203/CSIRT-ITA) ITALIAN SUPERVISORY AUTHORITY: Privacy Guarantor: yes to the Code of Conduct for management software producers ITALIAN SUPERVISORY AUTHORITY: No to photos of minors under 14 on social media without the consent of both parents – The Guarantor warns a father ITALIAN SUPERVISORY AUTHORITY: PA Competitions, from the Privacy Guarantor 50 thousand euro fine to INPS – Personal data of over 5 thousand participants released ITALIAN SUPERVISORY AUTHORITY: Telemarketing: the Privacy Guarantor fines Sky Italia – Over 840 thousand euros for consents and information not in compliance DANISH SUPERVISORY AUTHORITY: The EDPB adopts guidance on Article 48 of the Data Protection Regulation LATVIAN SUPERVISORY AUTHORITY: Data processing in closed social media groups. Private needs Vulnerability in Zabbix (AL01/241202/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: How can personal data be obtained? Jenkins Core Security Updates (AL01/241128/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation LATVIAN SUPERVISORY AUTHORITY: The examination of short-term vehicle rental compliance with data protection requirements has been completed Security Updates for Mozilla Products (AL03/241127/CSIRT-ITA) CANADIAN SUPERVISORY AUTHORITY: Federal, provincial, and territorial privacy regulators address responsible information-sharing in situations involving intimate partner violence DANISH SUPERVISORY AUTHORITY: reports Lyngby-Taarbæk Municipality to the police Fixed vulnerabilities in VMware products (AL01/241127/CSIRT-ITA) Fixed vulnerabilities on GitLab CE/EE (AL02/241127/CSIRT-ITA) AUSTRALIAN SUPERVISORY AUTHORITY: Grubisa companies interfered with Australians’ privacy by scraping data DANISH SUPERVISORY AUTHORITY: further strengthens guidance efforts in the event of a breach of personal data security FRENCH SUPERVISORY AUTHORITY: AI: Does your voice assistant know your private life? Vulnerability in QNAP Products (AL01/241125/CSIRT-ITA) Vulnerability detected in 7-Zip (AL01/241122/CSIRT-ITA) Vulnerabilities found in Needrestart (AL03/241121/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Failure to designate a data protection officer: closure of the procedure against the municipality of KOUROU LATVIAN SUPERVISORY AUTHORITY: What is integrated data protection? HONG KONG SUPERVISORY AUTHORITY: PCPD and HKPC Jointly Release“Hong Kong Enterprise Cyber Security Readiness Index” Rises by 5.8 Points Approaching the Level in Year 2022; “Human Awareness Building” Remains at Low Levels Vulnerability detected in Atlassian products (AL01/241121/CSIRT-ITA) Drupal Updates (AL02/241121/CSIRT-ITA) SLOVENIAN SUPERVISORY AUTHORITY: Guide to data protection for small businesses POLISH SUPERVISORY AUTHORITY: Seminar “Health Protection in Employment and GDPR” – Summary Zyxel Product Updates (AL03/240903/CSIRT-ITA) – Update Citrix: Public PoC for CVE-2024-8069 Exploitation (AL02/241114/CSIRT-ITA) – Update Fixed vulnerabilities in Google Chrome (AL04/241120/CSIRT-ITA) Apple: Network Exploitation of CVE-2024-44308 and CVE-2024-44309 Vulnerabilities Detected (AL01/241120/CSIRT-ITA) SPANISH SUPERVISORY AUTHORITY: The Agency approves a new mediation system to speed up data protection claims in electronic communications Citrix: Public PoC for CVE-2024-8069 Exploitation (AL02/241114/CSIRT-ITA) – Update Vulnerabilities in Trend Micro Products (AL02/241120/CSIRT-ITA) Siemens Product Updates (AL01/241119/CSIRT-ITA) Palo Alto Networks: Network Exploitation of a Vulnerability in PAN-OS Software Detected (AL02/241115/CSIRT-ITA) – Update Vulnerability in Apache Tomcat (AL03/241119/CSIRT-ITA) Oracle: Network Exploitation of CVE-2024-21287 Detected (AL02/241119/CSIRT-ITA) Fixed Vulnerabilities in VMware Products (AL01/240918/CSIRT-ITA) – Update BELGIAN SUPERVISORY AUTHORITY: Limburg.net: DPA looks into privacy aspect of data leak NORWEGIAN SUPERVISORY AUTHORITY: X trains AI on user data FRENCH SUPERVISORY AUTHORITY: Augmented cameras in the passenger compartments of freight vehicles AUSTRALIAN SUPERVISORY AUTHORITY: Bunnings breached Australians’ privacy with facial recognition tool ROMANIAN SUPERVISORY AUTHORITY: Penalty for non-compliance with the GDPR HONG KONG SUPERVISORY AUTHORITY: Privacy Commissioner’s Office Reviews the Collection of Personal Data by 10 Online Travel Platforms DANISH SUPERVISORY AUTHORITY: Meta gives users more options FRENCH SUPERVISORY AUTHORITY: EDPS adopts guidelines to clarify the notion of “tracing” in the ePrivacy Directive Fixed vulnerabilities in Google Chrome (AL03/240918/CSIRT-ITA) POLISH SUPERVISORY AUTHORITY: The Supreme Administrative Court confirmed that withdrawal of consent cannot be impeded FRENCH SUPERVISORY AUTHORITY: EU-US data protection framework, data access for law enforcement: EDPB adopts two new documents Palo Alto Networks fixes vulnerabilities in various products (AL03/241114/CSIRT-ITA) HONG KONG SUPERVISORY AUTHORITY: A 29-year-old Female Arrested for Suspected Doxxing ofAnother WomanBecause of Relationship Entanglements FINNISH SUPERVISORY AUTHORITY: Penalty payment to Posti for data protection deficiencies in the OmaPosti service Palo Alto Networks: Public PoC for Exploitation of Vulnerabilities in Firewall Products (AL02/241010/CSIRT-ITA) – Update Palo Alto Networks: rilevato sfruttamento in rete di una vulnerabilità nel software PAN-OS (AL02/241115/CSIRT-ITA) Detecting Vulnerability in PostgreSQL (AL03/241115/CSIRT-ITA) Vulnerabilities in Zoom (AL04/241114/CSIRT-ITA) SPANISH SUPERVISORY AUTHORITY: The AEPD and the Atresmedia Foundation launch the campaign ‘No to the digital free bar’ to warn about the risks of early access to mobile phones Citrix: Public PoC for CVE-2024-8069 Exploitation (AL02/241114/CSIRT-ITA) Mozilla: Vulnerability in Thunderbird Software (AL01/241114/CSIRT-ITA) Fixed vulnerabilities on GitLab CE/EE (AL06/241113/CSIRT-ITA) D-Link: Public PoC for Exploitation of CVE-2024-10914 (AL01/241111/CSIRT-ITA) – Update POLISH SUPERVISORY AUTHORITY: Personal data and liability for damages: Consequences of the CJEU judgment NORWEGIAN SUPERVISORY AUTHORITY: Meta gives users new options Adobe Releases Updates to Fix Multiple Vulnerabilities (AL04/241113/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation Microsoft Monthly Updates (AL01/241113/CSIRT-ITA) Fortinet: Vulnerabilities found in multiple products (AL05/241113/CSIRT-ITA) Vulnerabilities in Citrix Products (AL02/241113/CSIRT-ITA) Ivanti November Security Update (AL03/241113/CSIRT-ITA) SAP Security Patch Day (AL02/241112/CSIRT-ITA) Schneider Electric: Vulnerabilities Resolved in Various Products (AL01/241112/CSIRT-ITA) Vulnerabilities Found in DLink DSL6740C Product (AL03/241112/CSIRT-ITA) SPANISH SUPERVISORY AUTHORITY: The age verification system proposed by the AEPD receives two awards at the Global Privacy Assembly HONG KONG SUPERVISORY AUTHORITY: Commended 67 Secondary Schools as “Partnering Schools” in Promoting a Privacy-Friendly Culture on Campus Siemens Product Updates (AL04/241112/CSIRT-ITA) CANADIAN SUPERVISORY AUTHORITY: Privacy Commissioner announces investigation into World Anti-Doping Agency DANISH SUPERVISORY AUTHORITY: Brøndby Municipality receives serious criticism for lack of safety measures D-Link: Public PoC for Exploitation of CVE-2024-10914 (AL01/241111/CSIRT-ITA) Palo Alto Networks Addresses Vulnerabilities in Multiple Products (AL03/240711/CSIRT-ITA) – Update Google: Security Updates for Pixel Devices (AL01/241108/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation Vulnerabilities in Netgear Products (AL02/241107/CSIRT-ITA) Resolved vulnerabilities in Cisco products (AL01/241107/CSIRT-ITA) Vulnerability in Veeam Backup Enterprise Manager (AL03/241107/CSIRT-ITA) Security Updates for Synology Products (AL05/241107/CSIRT-ITA) DUTCH SUPERVISORY AUTHORITY: Final recommendation on supervision of AI: sector and centrally coordinated FINNISH SUPERVISORY AUTHORITY: The EDPB evaluated the data transfer framework of the EU and the US and issued a statement on law enforcement authorities’ access to personal data Android Security Updates (AL02/241106/CSIRT-ITA) Security Updates for Synology Products (AL03/241029/CSIRT-ITA) – Update Fixed vulnerabilities in Google Chrome (AL01/241106/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Processing of criminal records: CNIL calls two ministries to order CROATIAN SUPERVISORY AUTHORITY: EDPB session chaired by Vice President Zdravko Vukić: adopted the first report on the EU-US Data Protection Framework and the statement on recommendations on access to data for law enforcement AUSTRALIAN SUPERVISORY AUTHORITY: OAIC publishes guidance on tracking pixels and privacy obligations Vulnerability in QNAP Products (AL01/241104/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation LATVIAN SUPERVISORY AUTHORITY: What are the most common mistakes made in cookie banners? POLISH SUPERVISORY AUTHORITY: Lack of appropriate technical and organisational measures may cause problems GERMAN SUPERVISORY AUTHORITY: Global Privacy Assembly adopts resolution for trustworthy international data traffic SWISS SUPERVISORY AUTHORITY: Concluding Statement on Data Scraping Fixed vulnerabilities in Google Chrome (AL01/301024/CSIRT-ITA) Updates for Autodesk Products (AL04/241030/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Data leak and theft of your IBAN: how to protect yourself if you are affected? CyberPanel: Network Exploitation of 3 CVEs Detected (AL03/241030/CSIRT-ITA) Security Updates for Mozilla Products (AL02/241030/CSIRT-ITA) NORWEGIAN SUPERVISORY AUTHORITY: Violation fee to Grue Municipality Apple Security Updates (AL01/241029/CSIRT-ITA) Vulnerability in QNAP Products (AL04/241029/CSIRT-ITA) Fixed vulnerability in Squid (AL02/241029/CSIRT-ITA) Security Updates for Synology Products (AL03/241029/CSIRT-ITA) HONG KONG SUPERVISORY AUTHORITY: Data Scraping on Social Media Raises Concerns – The PCPD, together with 15 Privacy Protection Authorities, Issuesa Global Joint Statement to Social Media Platforms CANADIAN SUPERVISORY AUTHORITY: Global privacy authorities issue follow-up joint statement on data scraping after industry engagement Updates for VMware Spring (AL01/241028/CSIRT-ITA) Updates for REXML (AL02/241028/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: Boliglag.dk is criticized for illegal processing of information about home owners Samsung: CVE-2024-44068 Network Exploit Detected on Exynos Products (AL02/241025/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: investigated the free primary schools’ processing of personal data Resolved Vulnerabilities in Cisco Products (AL02/241024/CSIRT-ITA) – Update Detected network exploitation of CVE-2024-37383 relating to Roundcube Webmail (AL01/241025/CSIRT-ITA) ICELANDIC SUPERVISORY AUTHORITY: Opinion on the use of social media by political organizations for the 2021 parliamentary elections IRISH SUPERVISORY AUTHORITY: fined LinkedIn Ireland €310 million Fortinet: Network Exploitation of CVE-2024-47575 Detected (AL01/241024/CSIRT-ITA) Siemens: updates for InterMesh Subscriber (AL03/241024/CSIRT-ITA) Fixed vulnerabilities on GitLab CE/EE (AL03/241023/CSIRT-ITA) DUTCH SUPERVISORY AUTHORITY: Holiday parks adjust use of facial recognition after investigation by Dutch DPA Vulnerabilities in Google Chrome fixed (AL02/241023/CSIRT-ITA) Vulnerability in Liferay (AL01/241023/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation HONG KONG SUPERVISORY AUTHORITY: Published Investigation Findings onthe Data Breach Incident of South China Athletic Association and Launched “Data Security” Package for Schools, NGOs and SMEs Security Updates for Synology Products (AL01/241022/CSIRT-ITA) Microsoft Monthly Updates (AL01/240710/CSIRT-ITA) – Update AUSTRALIAN SUPERVISORY AUTHORITY: New AI guidance makes privacy compliance easier for business Apple Security Updates (AL01/240917/CSIRT-ITA) – Update Trend Micro Product Updates (AL02/241018/CSIRT-ITA) Vulnerabilities detected in F5 BIG-IP (AL01/241018/CSIRT-ITA) Updates for VMware Spring (AL04/241018/CSIRT-ITA) Multiple Vulnerabilities in Various Veeam Products (AL02/240906/CSIRT-ITA) – Update Fixed vulnerabilities in Google Chrome (AL05/241017/CSIRT-ITA) Fixed vulnerability in Grafana (AL03/241018/CSIRT-ITA) BELGIAN SUPERVISORY AUTHORITY: Data processing for “legitimate interests”: the EDPB publishes its guidelines LIECHTENSTEIN SUPERVISORY AUTHORITY: Disclosure of personal data by public bodies in Liechtenstein FRENCH SUPERVISORY AUTHORITY: G7 data protection authorities affirm their role in AI governance Microsoft Monthly Updates (AL01/240612/CSIRT-ITA) – Update Drupal Updates (AL04/241017/CSIRT-ITA) Vulnerability in Solarwinds Web Help Desk (AL05/240814/CSIRT-ITA) – Update Vulnerability found in Image Builder for Kubernetes (AL02/241017/CSIRT-ITA) Vulnerability detected in VMware products (AL01/241017/CSIRT-ITA) Resolved vulnerabilities in Cisco products (AL03/241017/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board clarified the requirements for the use of personal data processors and issued a statement on the draft regulation on cross-border matters Oracle Critical Patch Update (AL02/241016/CSIRT-ITA) Mozilla: Firefox Browser Vulnerability (AL01/241016/CSIRT-ITA) Vulnerabilities in Solarwinds Products (AL03/241016/CSIRT-ITA) ICELANDIC SUPERVISORY AUTHORITY: EDPB opinion on processors and guidance on legitimate interests HONG KONG SUPERVISORY AUTHORITY: Welcomed LinkedIn’sPause of Using Hong Kong Users’ Personal Data forTraining Generative Artificial Intelligence (AI) Models Detecting Vulnerability in Splunk Products (AL01/241015/CSIRT-ITA) Updates for VMware Spring (AL02/240913/CSIRT-ITA) – Update Apple Security Updates (AL01/240917/CSIRT-ITA) – Update Microsoft Monthly Updates (AL01/241009/CSIRT-ITA) – Update Fixed vulnerabilities in Apache OFBiz (AL02/240904/CSIRT-ITA) – Update Mozilla: CVE-2024-9680 (AL03/241010/CSIRT-ITA) Network Exploit Detected – Update GERMAN SUPERVISORY AUTHORITY: BfDI at G7 Roundtable in Rome FRENCH SUPERVISORY AUTHORITY: Online age verification: the CNIL has issued its opinion on the Arcom framework concerning access to pornographic sites Vulnerabilities in SonicWall Products (AL01/241011/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: Lawful data processing – application of the legal basis Vulnerabilities found in Fortinet products (AL03/240209/CSIRT-ITA) – Update Fixed vulnerability on GitLab CE/EE (AL01/241010/CSIRT-ITA) Palo Alto Networks: Public PoC for Exploitation of Vulnerabilities in Firewall Products (AL02/241010/CSIRT-ITA) Ruby-SAML Updates (AL05/240918/CSIRT-ITA) – Update Security Updates for Juniper Networks Products (AL04/241010/CSIRT-ITA) Microsoft Monthly Updates (AL01/241009/CSIRT-ITA) Fixed vulnerabilities in Google Chrome (AL02/241009/CSIRT-ITA) Vulnerabilities in Apache Avro (AL02/241008/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: The CNIL has issued eleven new sanctions in the last three months under the simplified procedure CROATIAN SUPERVISORY AUTHORITY: The European Data Protection Board adopted the Guidelines on Legitimate Interest DANISH SUPERVISORY AUTHORITY: The EDPB adopts an opinion on the data controller’s obligations when using data processors Adobe Releases Updates to Fix Multiple Vulnerabilities (AL03/241009/CSIRT-ITA) Android Security Updates (AL01/241008/CSIRT-ITA) Fixed vulnerabilities in Schneider Electric products (AL03/241008/CSIRT-ITA) Ivanti October Security Update (AL06/241008/CSIRT-ITA) SAP Security Patch Day (AL04/241008/CSIRT-ITA) Updates for Siemens products (AL05/241008/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: Helsingør Municipality’s processing of illegally obtained information was in accordance with the data protection rules LATVIAN SUPERVISORY AUTHORITY: In Cyber ​​Security Month, we remind you about data security online! DrayTek Products Vulnerabilities Remediated (AL01/241007/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: Citizens had the right to access the name of the unintended recipient Fixed vulnerabilities on Zimbra Collaboration (AL01/240906/CSIRT-ITA) – Update ICELANDIC SUPERVISORY AUTHORITY: Meta fined over 13 billion for keeping social media users’ passwords unencrypted Fixed vulnerability in Ivanti products (AL03/240522/CSIRT-ITA) – Update WithSecure Updates (AL04/241003/CSIRT-ITA) Resolved vulnerabilities in Cisco products (AL03/241003/CSIRT-ITA) Sophos Intercept X for Windows Vulnerability Resolution (AL02/241003/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Sanctions for non-compliance with the GDPR SPANISH SUPERVISORY AUTHORITY: The AEPD publishes an analysis on the protection of children and adolescents in the digital environment FINNISH SUPERVISORY AUTHORITY: Deputy Data Protection Commissioner: mobile phone subscription forwarding data can be personal data Fixed vulnerabilities on Zimbra Collaboration (AL01/240906/CSIRT-ITA) – Update Security Updates for Mozilla Products (AL01/241002/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: How can information about data processing be provided to the data subject? GERMAN SUPERVISORY AUTHORITY: BfDI welcomes BKA-II decision IRISH SUPERVISORY AUTHORITY: Irish Data Protection Commission fines Meta Ireland €91 million Vulnerability in PHP (AL03/240927/CSIRT-ITA) Security Update for Synology Products (AL02/240927/CSIRT-ITA) OpenPrinting: Vulnerability detected in CUPS (AL01/240927/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: Processing of personal data after termination of employment relationship #2 AUSTRALIAN SUPERVISORY AUTHORITY: ‘Mainstreaming’ access to information a must for IAID 2024 Fixed Grafana weakness (AL03/240926/CSIRT-ITA) Addressing Vulnerability in Cisco Products (AL02/240926/CSIRT-ITA) SPANISH SUPERVISORY AUTHORITY: The AEPD participates in the second edition of the European Blockchain Sandbox, a project of the European Commission to offer legal certainty Vulnerability resolved in Google Chrome (AL01/240926/CSIRT-ITA) Vulnerability in Progress WhatsUp Gold (AL01/240925/CSIRT-ITA) Vulnerability in Progress WhatsUp Gold (AL01/240925/CSIRT-ITA) Hype-themed smishing campaign (AL02/240925/CSIRT-ITA) Ivanti August security update (A03/240814/CSIRT -ITA) – Update FRENCH SUPERVISORY AUTHORITY: Mobile applications: your privacy must be better protected Vulnerability in Apache Tomcat (AL02/240924/CSIRT-ITA) GREEK SUPERVISORY AUTHORITY: Decision on new type of identity card for Greek citizens Fixed vulnerabilities in Google Chrome (AL03/240822/CSIRT-ITA) – Update POLISH SUPERVISORY AUTHORITY: Personal data breaches caused by the flood situation Multiple vulnerabilities in various Veeam products (AL02/240906/CSIRT-ITA) Ivanti: Network Exploitation of CVE-2024-8963 Detected in Cloud Service Appliance Product (AL01/240920/CSIRT-ITA) HONG KONG SUPERVISORY AUTHORITY: Privacy Commissioner Urges Job Seekers to Stay Vigilant about“Blind” Recruitment Advertisements – Online Doxxing Messages Dropped by 90% on Third Anniversary of Anti-Doxxing Law FINNISH SUPERVISORY AUTHORITY: The decision of the Deputy Data Protection Commissioner in the case regarding the disclosure of incorrect payment default information became legally binding Ruby-SAML Updates (AL05/240918/CSIRT-ITA) Fixed vulnerability in Apache OFBiz (AL02/240805/CSIRT-ITA) – Update NORWEGIAN SUPERVISORY AUTHORITY: X trains AI on user data SPANISH SUPERVISORY AUTHORITY: The AEPD prepares guidelines on obligations and responsibilities for the use of mobile devices in educational centres Microsoft Monthly Updates (AL01/240814/CSIRT-ITA) – Update Vulnerabilities in Solarwinds Products (AL03/240916/CSIRT-ITA) ITALIAN SUPERVISORY AUTHORITY: €5 million fine to electricity and gas supplier – Door-to-door agents activated unsolicited contracts for unaware customers ITALIAN SUPERVISORY AUTHORITY: Deceptive design, international survey: still too many obstacles for users – The results of the Sweep, carried out by the Global Privacy Enforcement Network (GPEN), of which the Italian Data Protection Authority is a part ITALIAN SUPERVISORY AUTHORITY: Journalism: Guarantor, no to details that violate the privacy of minors CROATIAN SUPERVISORY AUTHORITY: New administrative fines were issued in the total amount of 270,700 euros Updates for VMware Spring (AL02/240913/CSIRT-ITA) IRISH SUPERVISORY AUTHORITY: Data Protection Commission launches inquiry into Google AI model Palo Alto Networks: PAN-OS vulnerabilities fixed (AL01/240912/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Health data: €800,000 fine against CEGEDIM SANTÉ Cisco Products Vulnerabilities Addressed (AL03/240912/CSIRT-ITA) Fixed vulnerabilities on GitLab CE/EE (AL02/240912/CSIRT-ITA) LITHUANIAN SUPERVISORY AUTHORITY: VDAI warns residents about fraud Vulnerabilities in OwnCloud Products (AL09/240911/CSIRT-ITA) Microsoft Monthly Updates (AL01/240911/CSIRT-ITA) Remediated vulnerabilities in Schneider Electric products (AL02/240910/CSIRT-ITA) SAP Security Patch Day (AL01/240910/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: What should be taken into account when identifying a person by telephone? CANADIAN SUPERVISORY AUTHORITY: welcomes the Federal Court of Appeal’s decision on Facebook Vulnerability in QNAP Products (AL01/240909/CSIRT-ITA) Apache AirFlow Vulnerabilities fixed (AL02/240909/CSIRT-ITA) Kibana Updates (AL04/240906/CSIRT-ITA) Vulnerabilities in SonicWall Products (AL02/240823/CSIRT-ITA) – Update BELGIAN SUPERVISORY AUTHORITY: GBA takes measures against Mediahuis for unlawful use of cookie banners on press sites Fixed vulnerabilities on Zimbra Collaboration (AL01/240906/CSIRT-ITA) Multiple vulnerabilities in various Veeam products (AL02/240906/CSIRT-ITA) Trend Micro Product Updates (AL03/240906/CSIRT-ITA) Fixed vulnerability in Cisco products (AL02/240905/CSIRT-ITA) Zyxel Product Updates (AL03/240903/CSIRT-ITA) – Update LIECHTENSTEIN SUPERVISORY AUTHORITY: Activity Report 2023 Security Updates for Google Pixel Devices (AL03/240905/CSIRT-ITA) OpenEdge Vulnerabilities Fixed (AL01/240905/CSIRT-ITA) Fixed vulnerabilities in Django (AL01/240904/CSIRT-ITA) Fixed vulnerabilities in Apache OFBiz (AL02/240904/CSIRT-ITA) IRISH SUPERVISORY AUTHORITY: welcomed conclusion of proceedings relating to X’s AI tool ‘Grok’ Vulnerabilities Found in DLink DIR-846 Wireless Router (AL05/240904/CSIRT-ITA) Android Security Updates (AL03/240904/CSIRT-ITA) Security Updates for Mozilla Products (AL04/240904/CSIRT-ITA) New malware spreading technique detected via GitHub (AL06/240904/CSIRT-ITA) Fixed vulnerabilities in Google Chrome (AL02/240903/CSIRT-ITA) Zyxel Product Updates (AL03/240903/CSIRT-ITA) Fixed vulnerability in VMware Fusion (AL04/240903/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: How are student and graduate data processed? Fixed vulnerabilities in MISP (AL01/240903/CSIRT-ITA) DUTCH SUPERVISORY AUTHORITY: fine on Clearview because of illegal data collection for facial recognition HONG KONG SUPERVISORY AUTHORITY: A 50-year-old Female Arrested forSuspected Doxxing Arising from Monetary Disputes Moodle Vulnerability (AL04/240822/CSIRT-ITA) – Update CANADIAN SUPERVISORY AUTHORITY: OPC funds research projects related to children’s privacy, and the impact of technology on privacy Fixed vulnerability in Apache OFBiz (AL02/240805/CSIRT-ITA) – Update Fixed vulnerability in Cisco products (AL01/240829/CSIRT-ITA) Fixed vulnerabilities in Google Chrome (AL02/240829/CSIRT-ITA) FileCatalyst Workflow Updates Released (AL01/240828/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: Contract performance as a legal basis for personal data processing FRENCH SUPERVISORY AUTHORITY: Binding Corporate Rules (BCR): CNIL publishes a monitoring tool Fixed vulnerabilities in Google Chrome (AL03/240822/CSIRT-ITA) – Update DANISH SUPERVISORY AUTHORITY: IDA Forsikring’s use of artificial intelligence for the analysis of recorded telephone conversations AUTORITÀ DI CONTROLLO OLANDESE: Dutch DPA imposes a fine of 290 million euro on Uber because of transfers of drivers’ data to the US Role of cloud service providers in the Thai PDPA: Responsibilities and obligations in handling customer data Role of cloud service providers in the Thai PDPA: Responsibilities and obligations in handling customer data Artificial Intelligence and the Thai PDPA: a complex union PDPA vs GDPR: an in-depth comparison The Thai PDPA: an in-depth analysis of sanctions and the importance of the DPO and representative Vulnerabilities in SonicWall Products (AL02/240823/CSIRT-ITA) The Thai Personal Data Protection Act (PDPA) Microsoft Edge Updates (AL01/240823/CSIRT-ITA) Updates for REXML (AL02/240822/CSIRT-ITA) HONG KONG SUPERVISORY AUTHORITY: New Versions of“Code of Practice on the Identity Card Number and other Personal Identifiers: Compliance Guide for Data Users” andInformation Leaflet titled “Your Identity Card Number and Your Privacy” Fixed vulnerabilities in Google Chrome (AL03/240822/CSIRT-ITA) Moodle Vulnerability (AL04/240822/CSIRT-ITA) Fixed vulnerabilities on GitHub Enterprise Server (AL01/240822/CSIRT-ITA) Vulnerability in Solarwinds Web Help Desk (AL05/240814/CSIRT-ITA) – Update AUSTRALIAN SUPERVISORY AUTHORITY: Statement on Clearview AI Vulnerability in Progress WhatsUp Gold (AL02/240821/CSIRT-ITA) Vulnerability found in NGINX Ingress Controller for Kubernetes (AL03/240821/CSIRT-ITA) Autodesk Product Updates (AL04/240821/CSIRT-ITA) Vulnerability in Azure Managed Instance for Apache Cassandra (AL01/240821/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: A new penalty for breaching GDPR Vulnerability in Apache DolphinScheduler (AL01/240820/CSIRT-ITA) Vulnerabilities detected in F5 BIG-IP (AL01/240819/CSIRT-ITA) Palo Alto Networks: Cortex XSOAR vulnerability resolved (AL01/240816/CSIRT-ITA) Updates for VMware Spring (AL02/240816/CSIRT-ITA) SWISS SUPERVISORY AUTHORITY: New Swiss-US Data Privacy Framework Ivanti August Security Update (AL03/240814/CSIRT-ITA) Adobe Releases Updates to Fix Multiple Vulnerabilities (AL02/240814/CSIRT-ITA) Zoom Vulnerability (AL04/240814/CSIRT-ITA) Microsoft Monthly Updates (AL01/240814/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: Can a teacher ask students to complete surveys? SAP Security Patch Day (AL03/240813/CSIRT-ITA) Remediated vulnerabilities in Schneider Electric products (AL01/240813/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: The Family Court is once again receiving serious criticism LITHUANIAN SUPERVISORY AUTHORITY: updated the Guidelines for managed personal data security measures and risk assessment for data managers and data processors Siemens Product Updates (AL02/240813/CSIRT-ITA) Vulnerabilities found in PostgreSQL (AL01/240812/CSIRT-ITA) ICELANDIC SUPERVISORY AUTHORITY: X ordered to stop processing personal data of its users in order to train the artificial intelligence tool “Grok” Security Updates for Mozilla Products (AL06/240806/CSIRT-ITA) – Update ITALIAN SUPERVISORY AUTHORITY: Car Rental: Privacy Guarantor fines a bank and a leasing company. Proceedings concluded with the payment of a reduced fine Vulnerability in Microsoft Windows (AL01/240809/CSIRT-ITA) ITALIAN SUPERVISORY AUTHORITY: Artificial Intelligence, Guarantor: yes to the bill but with due caution.Further measures requested to protect personal data Microsoft Monthly Updates (AL01/240710/CSIRT-ITA) – Update ITALIAN SUPERVISORY AUTHORITY: Oncological oblivion, useful information from the Privacy Guarantor for citizens and businesses IRISH SUPERVISORY AUTHORITY: The DPC welcomes X’s agreement to suspend its processing of personal data for the purpose of training AI tool ‘Grok’. Security Updates for Google Pixel Devices (AL03/240808/CSIRT-ITA) Vulnerabilities found in MongoDB (AL02/240808/CSIRT-ITA) Jenkins Core Security Updates (AL01/240808/CSIRT-ITA) Fixed vulnerabilities in Google Chrome (AL01/240807/CSIRT-ITA) Vulnerability in Progress WhatsUp Gold (AL02/240627/CSIRT-ITA) – Update Kibana Update (AL02/240806/CSIRT-ITA) LibreOffice Security Updates (AL03/240806/CSIRT-ITA) Android Security Updates (AL04/240806/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation DUTCH SUPERVISORY AUTHORITY: Caution: use of AI chatbot may lead to data breaches Roundcube Webmail Vulnerabilities Fixed (AL01/240806/CSIRT-ITA) Fixed vulnerability in Django (AL05/240806/CSIRT-ITA) Security Updates for Mozilla Products (AL06/240806/CSIRT-ITA) Microsoft Monthly Updates (AL07/240409/CSIRT-ITA) – Update Fixed vulnerability in Apache OFBiz (AL02/240805/CSIRT-ITA) Apache: CVE-2024-32113 Network Exploit Detected (AL01/240805/CSIRT-ITA) ICELANDIC SUPERVISORY AUTHORITY: EDPB publishes guidelines on the arrangements for data transfers by European Union institutions to third countries ICELANDIC SUPERVISORY AUTHORITY: European Union AI law comes into force today  HONG KONG SUPERVISORY AUTHORITY: Six Tips to Prevent Fraud and demonstration Deepfake Face Swapping Fixed vulnerability in Bitdefender (AL02/240801/CSIRT-ITA) Updates for REXML (AL03/240801/CSIRT-ITA) Fixed vulnerability in cURL (AL01/240801/CSIRT-ITA) Fixed vulnerabilities in Google Chrome (AL01/240731/CSIRT-ITA) FINNISH SUPERVISORY AUTHORITY: The European Commission’s assessment of the GDPR: the regulation has achieved significant results, but harmonization still needs to be developed LITHUANIAN SUPERVISORY AUTHORITY: investigation into data breach of the Employment Service under the Ministry of Social Security and Labor of the Republic of Lithuania Apple Security Updates (AL01/240730/CSIRT-ITA) LIECHTENSTEIN SUPERVISORY AUTHORITY: Google Street View in Liechtenstein Oracle Critical Patch Update (AL01/240717/CSIRT-ITA) – Update Vulnerability in Apache HTTP Server (AL01/240722/CSIRT-ITA) – Update Fixed vulnerability in Moby for Docker (AL02/240726/CSIRT-ITA) – Update VMware ESXi and VMware Cloud Foundation: Network Exploitation of CVE-2024-37085 Detected (AL03/240730/CSIRT-ITA) Microsoft Monthly Updates (AL01/240710/CSIRT-ITA) – Update SLOVENIAN SUPERVISORY AUTHORITY: New IWGDPT Working Papers on Facial Recognition Technologies and Central Bank Digital Currencies CYPRIOT SUPERVISORY AUTHORITY: Posting / reposting a school photoon social media Updates for REXML (AL02/240718/CSIRT-ITA) – Update Vulnerabilities in ServiceNow Products (AL05/240711/CSIRT-ITA) – Update Fixed vulnerability in Moby for Docker (AL02/240726/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Failure to appoint a data protection officer: the municipality of KOUROU will still have to pay 6,900 euros Vulnerabilities discovered in Progress Telerik products (AL01/240726/CSIRT-ITA) Updates for VMware Spring Cloud Data Flow (AL01/240725/CSIRT-ITA) Fixed vulnerabilities on GitLab CE/EE (AL02/240725/CSIRT-ITA) Security Updates for Acronis Cyber ​​Infrastructure (AL03/240724/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: The Korean Data Protection Authority (PIPC) publishes guidelines for foreign companies Fixed vulnerabilities in Google Chrome (AL02/240724/CSIRT-ITA) Fixed vulnerability in Linux kernel (AL01/240724/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: The sanctioning regime for the public sector Updates for ISC BIND (AL01/240723/CSIRT-ITA) Vulnerability in Apache HTTP Server (AL01/240722/CSIRT-ITA) Updates for Siemens products (AL02/240722/CSIRT-ITA) Vulnerability in Solarwinds Products (AL05/240718/CSIRT-ITA) – Update FRENCH SUPERVISORY AUTHORITY: Cloud: the risks of a European certification allowing foreign authorities access to sensitive data SUPERVISORY AUTHORITY OF LUXEMBOURG: THEMATIC INVESTIGATIONS ON TRANSPARENCY IN THE ONLINE SERVICES SECTOR Critical Patch Update of Oracle (AL01/240717/CSIRT-ITA) Vulnerabilities in Solarwinds products (AL05/240718/CSIRT-ITA) AUSTRALIAN SUPERVISORY AUTHORITY: Statement on MediSecure breach Zero-day vulnerabilities found in NetScaler ADC and NetScaler Gateway (AL02/240117/CSIRT-ITA) – Update Updates for REXML (AL02/240718/CSIRT-ITA) Fixed vulnerabilities in Cisco products (AL01/240718/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: How to Deploy Generative AI: CNIL Provides Initial Clarifications Vulnerabilities in SonicWall Products (AL03/240718/CSIRT-ITA) Vulnerabilities discovered in Atlassian products (AL04/240718/CSIRT-ITA) IRISH SUPERVISORY AUTHORITY: AI, Large Language Models and Data Protection Adobe releases updates to fix multiple vulnerabilities (AL03/240612/CSIRT-ITA) – Update Vulnerability in Solarwinds Products (AL06/240612/CSIRT-ITA) – Update Network exploitation of CVE-2024-27348 vulnerability related to Apache HugeGraph-Server (AL03/240717/CSIRT-ITA) detected Fixed vulnerabilities in Google Chrome (AL02/240717/CSIRT-ITA) Security Updates for Mozilla Products (AL06/240709/CSIRT-ITA) – Update DANISH SUPERVISORY AUTHORITY: Press release from EDPB meeting on 16 July 2024 Updates for Autodesk products (AL04/240717/CSIRT-ITA) Fixed vulnerabilities in Ivanti products (AL05/240717/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: 2024 Legislative Elections: The CNIL Election Observatory’s Report Fixed Vulnerabilities in VMware vCenter Server (AL01/240618/CSIRT-ITA) – Update Microsoft Monthly Updates (AL01/240710/CSIRT-ITA) – Update Fixed vulnerabilities on GitLab CE/EE (AL01/240627/CSIRT-ITA) – Update HONG KONG SUPERVISORY AUTHORITY: Response of the Privacy Commissioner’s Office to the Consumer Council’s Study Report on Home Removal Companies Vulnerability in Progress WhatsUp Gold (AL02/240627/CSIRT-ITA) – Update Android Security Updates (AL01/240703/CSIRT-ITA) – Update Updates for Siemens products (AL03/240709/CSIRT-ITA) – Update Exim: Public PoC for the exploitation of CVE-2024-39929 (AL01/240715/CSIRT-ITA) Microsoft Monthly Updates (AL01/240612/CSIRT-ITA) – Update CYPRIOT SUPERVISORY AUTHORITY: NOTICE OF DPO FOR CLOSED CIRCUIT TELEVISION IN GYMS Vulnerabilities in Citrix products (AL01/240712/CSIRT-ITA) Palo Alto Networks Addresses Vulnerabilities in Multiple Products (AL03/240711/CSIRT-ITA) Vulnerabilities in Netgear products (AL06/240711/CSIRT-ITA) Vulnerabilities in Juniper Networks Products (AL04/240711/CSIRT-ITA) Fixed vulnerability in VMware products (AL02/240711/CSIRT-ITA) Vulnerabilities in ServiceNow products (AL05/240711/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: Night club receives serious criticism: Lack of insight into and deletion of TV surveillance recordings HUNGARIAN SUPERVISORY AUTHORITY: Review of systems and applications using artificial intelligence Fixed vulnerabilities on GitLab CE/EE (AL01/240711/CSIRT-ITA) Microsoft Monthly Updates (AL01/240710/CSIRT-ITA) Vulnerabilities found in Fortinet products (AL03/240710/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: Parental consent to the processing of the child’s personal data AUSTRALIAN SUPERVISORY AUTHORITY: GPEN Sweep finds majority of websites and mobile apps use deceptive design to influence privacy choices DANISH SUPERVISORY AUTHORITY: The Chromebook case: The municipalities comply with the Data Protection Authority’s latest order Adobe releases updates to fix multiple vulnerabilities (AL04/240710/CSIRT-ITA) New OpenSSH vulnerability detected (AL05/240710/CSIRT-ITA) Citrix Product Updates (AL02/240710/CSIRT-ITA) PORTUGUESE SUPERVISORY AUTHORITY: CNPD UPDATE INFORMATION ABOUT THE WORLDCOIN CASE Medical Device Regulation – MDR Sustainability Report – ESG Zoom vulnerability (AL05/240709/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Measuring diversity at work: the CNIL launches a public consultation on a draft recommendation Security Updates for Node.js (AL01/240709/CSIRT-ITA) Remediated vulnerabilities in Schneider Electric products (AL02/240709/CSIRT-ITA) Artificial Intelligence Act – AI Act Siemens Product Updates (AL03/240709/CSIRT-ITA) SAP Security Patch Day (AL04/240709/CSIRT-ITA) Digital Markets Act – DMA Security Updates for Mozilla Products (AL06/240709/CSIRT-ITA) Digital Services Act – DSA Vulnerabilities Found in Splunk Products (AL03/240702/CSIRT-ITA) – Update Vulnerability found in Mastodon (AL02/240708/CSIRT-ITA) NORWEGIAN SUPERVISORY AUTHORITY: Two AI projects selected for the first round of the regulatory sandbox Cisco: Network Exploitation of CVE-2024-20399 (AL02/240702/CSIRT-ITA) Detected – Update Ghostscript: Public PoC for Exploitation of CVE-2024-29510 (AL01/240708/CSIRT-ITA) Trend Micro Product Updates (AL02/240607/CSIRT-ITA) – Update SECTORS Vulnerabilities found in 7-Zip (AL02/240705/CSIRT-ITA) Public PoC for the exploitation of CVE-2024-36401 related to the GeoServer product (AL03/240705/CSIRT-ITA) Vulnerabilities in Apache Tomcat (AL01/240705/CSIRT-ITA) NORWEGIAN SUPERVISORY AUTHORITY: The police had the law on their side FRENCH SUPERVISORY AUTHORITY: Online advertising: the CNIL is preparing for changes in business models DANISH SUPERVISORY AUTHORITY: Updated guidance on handling breaches Vulnerabilities Detected in Splunk Products (AL03/240702/CSIRT-ITA) – Update Zyxel Product Updates (AL01/240604/CSIRT-ITA) – Update Adobe releases updates to fix multiple vulnerabilities (AL03/240612/CSIRT-ITA) Vulnerabilities found in MongoDB (AL01/240704/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: sanction of 2.3 million euros against VINTED LITHUANIAN SUPERVISORY AUTHORITY: Fined a company operating an online second-hand clothing trading and exchange platform Android Security Updates (AL01/240703/CSIRT-ITA) Vulnerabilities found in Splunk products (AL03/240702/CSIRT-ITA) regreSSHion: OpenSSH vulnerability detected (AL01/240702/CSIRT-ITA) Juniper Networks Firewall Security Updates (AL04/240702/CSIRT-ITA) HONG KONG SUPERVISORY AUTHORITY: A Car Company Convicted of Direct Marketing Offences- Welcomed the Court’s Ruling Vulnerabilities in Apache HTTP Server (AL05/240702/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: Who are joint controllers? Fixed vulnerabilities in Cisco products (AL04/240418/CSIRT-ITA) – Update Cisco: network exploitation of CVE-2024-20399 detected (AL02/240702/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: investigation into the Rejsekort app FRENCH SUPERVISORY AUTHORITY: The data protection officer (DPO): a profession increasingly represented in small structures NORWEGIAN SUPERVISORY AUTHORITY: The Oslo District Court upholds the fine against Grindr Vulnerabilities in Juniper Networks products (AL01/240701/CSIRT-ITA) Updates for Elastic NV products (AL01/240628/CSIRT-ITA) ROMANIAN SUPERVISORY AUTHORITY: FRA Report – “GDPR in practice – Experiences of data protection authorities” Microsoft Monthly Updates (AL01/240612/CSIRT-ITA) – Update Fortra FileCatalyst Workflow: public PoC for the exploitation of CVE-2024-5276 (AL03/240627/CSIRT-ITA) Microsoft Monthly Updates (AL01/240612/CSIRT-ITA) – Update Rectified vulnerabilities on GitLab CE/EE (AL01/240627/CSIRT-ITA) Vulnerability in Progress WhatsUp Gold (AL02/240627/CSIRT-ITA) MOVEit Transfer: public PoC for the exploitation of CVE-2024-5806 (AL02/240626/CSIRT-ITA) Zyxel Product Updates (AL01/240604/CSIRT-ITA) – Update LibreOffice security updates (AL01/240626/CSIRT-ITA) Vulnerabilities in VMware vCenter Server fixed (AL01/240618/CSIRT-ITA) – Update FRENCH SUPERVISORY AUTHORITY: The CNIL, Cybermalveillance.gouv.fr and Unaf publish two guides on cyber threats for families and seniors Fixed vulnerabilities in Google Chrome (AL01/240625/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: The Municipality of Copenhagen receives criticism in the supervisory case about AULA FRENCH SUPERVISORY AUTHORITY: The California Privacy Protection Agency (CPPA) and the CNIL sign a declaration of cooperation XWiki: Public PoC for the exploitation of CVE-2024-31982 (AL03/240625/CSIRT-ITA) WordPress Plugin Compromised Detected (AL02/240625/CSIRT-ITA) Vulnerabilities in Netgear products (AL01/240624/CSIRT-ITA) Microsoft Monthly Updates (AL01/240214/CSIRT-ITA) – Update GERMAN SUPERVISORY AUTHORITY: BfDI among the most innovative supervisory authorities POLISH SUPERVISORY AUTHORITY: The controller is obliged to cooperate with the President of the Personal Data Protection Office SWISS SUPERVISORY AUTHORITY: Meta: No change to the terms of use for Switzerland for the time being Fixed vulnerability in Cisco Finesse (AL04/240607/CSIRT-ITA) – Update Security Updates for Mozilla Products (AL04/240515/CSIRT-ITA) – Update Updates for Trellix Products (AL01/240620/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: What does the controller need to know when appointing a processor? Vulnerability in Solarwinds Products (AL06/240612/CSIRT-ITA) – Update NORWEGIAN SUPERVISORY AUTHORITY: EDPB: The Norwegian Data Protection Authority cannot impose daily fines in cross-border cases Zyxel Product Updates (AL01/240604/CSIRT-ITA) – Update PORTUGUESE SUPERVISORY AUTHORITY: CNPD PRESIDENT GAVE A LECTURE ON “DATA PROTECTION IN THE LABOUR MARKET” DANISH SUPERVISORY AUTHORITY: Kids and gaming: Strengthening data protection Category Search Advanced Search Vulnerability found in Atlassian Jira Core Data Centre (AL04/240619/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: GDPR universe for small associations Vulnerabilities in Google Chrome fixed (AL01/240619/CSIRT-ITA) Vulnerabilities in Moodle (AL02/240619/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: Early parliamentary elections: the CNIL continues its action to protect voters’ data Update for Autodesk products (AL03/240619/CSIRT-ITA)Update HONG KONG SUPERVISORY AUTHORITY: A 54-year-old Male Arrested for suspected Doxxing Arising from Monetary Disputes GERMAN SUPERVISORY AUTHORITY: Complaints options for data transfers to the USA FRENCH SUPERVISORY AUTHORITY: published updated instructions for the organization that appointed the data protection officer SWISS SUPERVISORY AUTHORITY: New factsheet on planning and justifying online access Vulnerabilities in VMware vCenter Server fixed (AL01/240618/CSIRT-ITA) POLISH SUPERVISORY AUTHORITY: Meta suspends using users’ data to train artificial intelligence Security updates for Nextcloud (AL02/240618/CSIRT-ITA) CROATIAN SUPERVISORY AUTHORITY: Director Zdravko Vukić presented the web tool “Olivia” at the Privacy Symposium in Venice Vulnerabilities in ASUS products (AL02/240617/CSIRT-ITA) Microsoft Monthly Updates (AL01/240612/CSIRT-ITA) – Update PHP: Public PoC for the exploitation of CVE-2024-2408 (AL01/240617/CSIRT-ITA) Veeam: public PoC for the exploitation of CVE-2024-29855 (AL01/240614/CSIRT-ITA) IRISH SUPERVISORY AUTHORITY: The DPC’s Engagement with Meta on AI Vulnerability remedied in cURL (AL04/230914/CSIRT-ITA) – Update Vulnerabilities in PHP (AL03/240607/CSIRT-ITA) – Update Microsoft Monthly Updates (AL01/240313/CSIRT-ITA) – Update Vulnerabilities in Ivanti products fixed (AL03/240522/CSIRT-ITA) – Update NORWEGIAN SUPERVISORY AUTHORITY: Privacy survey 2024 – figures and trends GERMAN SUPERVISORY AUTHORITY: Berlin Group adopts working paper on digital central bank money Google Pixel: network exploitation of CVE-2024-32896 detected (AL02/240613/CSIRT-ITA) Adobe releases updates to fix multiple vulnerabilities (AL03/240612/CSIRT-ITA) Vulnerabilities in Google Chrome fixed (AL04/240612/CSIRT-ITA) Security Updates for Mozilla Products (AL05/240612/CSIRT-ITA) POLISH SUPERVISORY AUTHORITY: President of the Polish SA comments on the draft act on supporting parents Vulnerabilities in Solarwinds products (AL06/240612/CSIRT-ITA) Microsoft Monthly Updates (AL01/240612/CSIRT-ITA) Vulnerability in Veeam Backup Enterprise Manager (AL04/240522/CSIRT-ITA) – Update Remediated vulnerabilities in Schneider Electric products (AL02/240611/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: What should the controller observe when dealing with a data subject’s request? HONG KONG SUPERVISORY AUTHORITY: Publishes“Artificial Intelligence: Model Personal Data Protection Framework” GERMAN SUPERVISORY AUTHORITY: BfDI and ICO strengthen cooperation Siemens Product Updates (AL03/240611/CSIRT-ITA) SAP Security Patch Day (AL01/240611/CSIRT-ITA) CANADIAN SUPERVISORY AUTHORITY: Privacy authorities for Canada and the United Kingdom launch joint investigation into 23andMe data breach Vulnerabilities in PHP (AL03/240607/CSIRT-ITA) – Update Vulnerability in Netgear products (AL01/240610/CSIRT-ITA) Vulnerabilities in Solarwinds products (AL02/240604/CSIRT-ITA) – Update CANADIAN SUPERVISORY AUTHORITY: Launch of exploratory consultations on the privacy implications of age-assurance systems FRENCH SUPERVISORY AUTHORITY: European elections 2024: the CNIL’s action plan to protect voters’ data Microsoft Monthly Updates (AL01/240515/CSIRT-ITA) – Update Vulnerabilities resolved in Bitdefender (AL01/240607/CSIRT-ITA) Vulnerabilities in PHP (AL03/240607/CSIRT-ITA) Resolved vulnerability in Cisco Finesse (AL04/240607/CSIRT-ITA) CYPRIOT SUPERVISORY AUTHORITY: Audit on the operation of a closed-circuit video surveillance system (CCTV) at the Monastery of Saint Abbacum Updates for Trend Micro Products (AL02/240607/CSIRT-ITA SPANISH SUPERVISORY AUTHORITY: The AEPD announces the ‘Data Protection Awards 2024’ to recognise commitment to the promotion and dissemination of this right DANISH SUPERVISORY AUTHORITY: investigates compliance with the rules on insight in connection with online trading Privacy Day Forum 2024 GERMAN SUPERVISORY AUTHORITY: BfDI calls for an update on freedom of information ITALIAN SUPERVISORY AUTHORITY: Guidance document. Workplace e-mail management and metadata processing software and services FINNISH SUPERVISORY AUTHORITY: EDPB takes a stand on facial recognition at airports – “people should be able to manage their biometric data as well as possible” AUSTRALIAN SUPERVISORY AUTHORITY: CheckPoint: network exploitation of CVE-2024-24919 relating to Security Gateways products detected (AL03/240529/CSIRT-ITA) – Update FRENCH SUPERVISORY AUTHORITY: CNIL issues nine new penalties under the simplified procedure GERMAN SUPERVISORY AUTHORITY: Berlin Group adopts working paper on facial recognition technology Linux: Public PoC for CVE-2023-3390 Exploitation (AL01/240605/CSIRT-ITA) Android Security Updates (AL02/240605/CSIRT-ITA) FINNISH SUPERVISORY AUTHORITY: The decision on the retention of the search results link became final CANADIAN SUPERVISORY AUTHORITY: Commissioners launch joint investigation into company that does background checks SPANISH SUPERVISORY AUTHORITY: Worldcoin pledges to halt its activity in Spain Criticality detected in Azure Nework Service Tags (AL03/240604/CSIRT-ITA) Zyxel Product Updates (AL01/240604/CSIRT-ITA) Vulnerabilities in Solarwinds Products (AL02/240604/CSIRT-ITA) NORWEGIAN SUPERVISORY AUTHORITY: Nordic co-operation on children’s privacy in games, AI and infringement fees Fixed vulnerabilities in Google Chrome (AL08/231213/CSIRT-ITA) – Update Network Exploitation of CVE-2024-1086 related to Linux Kernel Detected (AL02/240531/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: Copenhagen Municipality severely criticised for lack of security measures DANISH SUPERVISORY AUTHORITY: severely criticised NemID crash case GREEK SUPERVISORY AUTHORITY: Press Release – Fine and compliance order imposed on MEP and Ministry of Interior following leak of personal data file of expatriates FRENCH SUPERVISORY AUTHORITY: The law aimed at securing and regulating the digital space (SREN) strengthens the protection of Internet users by entrusting the CNIL with new missions DANISH SUPERVISORY AUTHORITY: Netcompany investigation closed GERMAN SUPERVISORY AUTHORITY: BfDI files suit against the Federal Intelligence Service DANISH SUPERVISORY AUTHORITY: New templates for conducting impact assessments AUSTRALIAN SUPERVISORY AUTHORITY: Statement on MediSecure data breach ITALIAN SUPERVISORY AUTHORITY: Medical research: the safeguards to be adopted in cases where it is not possible to obtain patients‘ consent – Telemarketing: the fines of 100,000 euro on two energy operators – No to the publication of images that violate patients’ dignity – Video surveillance and presence detection: sanctioned a municipality FINNISH SUPERVISORY AUTHORITY: investigating City of Helsinki personal data breach FRENCH SUPERVISORY AUTHORITY: Parasport: collecting data on athletes’ disabilities FRENCH SUPERVISORY AUTHORITY: 2024 Olympic and Paralympic Games: CNIL comments on the pass system ROMANIAN SUPERVISORY AUTHORITY: Penalties for breach of the GDPR ROMANIAN SUPERVISORY AUTHORITY: Penalties for breach of the GDPR DANISH SUPERVISORY AUTHORITY: Criticism of Telmore A/S’ processing of personal data DANISH SUPERVISORY AUTHORITY: Criticism of high school’s use of exam proctoring software ITALIAN SUPERVISORY AUTHORITY: Tlc: sanctioned a dealer for unlawful activation of SIM cards and subscriptions – Work: the employee has the right to access his own data – Gender violence: anonymity guaranteed in emergency services database – Emerging technologies and anti-money laundering among the topics of the Spring Conference in Riga DANISH SUPERVISORY AUTHORITY: asks questions about the Rejsekort app ICELANDIC SUPERVISORY AUTHORITY: The EU Commission has an investigation into Facebook and Instagram HUNGARIAN SUPERVISORY AUTHORITY: Amendment to the eIDAS Regulation published ROMANIAN SUPERVISORY AUTHORITY: A new sanction for non-compliance with GDPR CROATIAN SUPERVISORY AUTHORITY: Nine new administrative fines totaling EUR 51,000 ROMANIAN SUPERVISORY AUTHORITY: A new sanction for non-compliance with GDPR DANISH SUPERVISORY AUTHORITY: EDPB adopted a new strategy DANISH SUPERVISORY AUTHORITY: EDPB adopts opinion on ‘consent or pay’ solutions BELGIAN SUPERVISORY AUTHORITY: EDUbox Data and Privacy: the balance between sharing and protecting GREEK SUPERVISORY AUTHORITY: Investigation of a complaint against a diagnostic centre for breach of confidentiality of medical data FRENCH SUPERVISORY AUTHORITY: Theft of equipment and hijacking of services in schools: how to manage data breaches? CZECH SUPERVISORY AUTHORITY: Czech DPA imposed fine of 351 million CZK for GDPR infringement Professional Profile ROMANIAN SUPERVISORY AUTHORITY: Penalty for breach of GDPR ITALIAN SUPERVISORY AUTHORITY: Hacker attack on Lazio Region computer systems: sanctions by the Guarantor – Health dossier: the Guarantor sanctions an ASL – Pa: website transparency, the Guarantor calls for more protection for personal data – EU Prosecutor’s Office interceptions: the Guarantor’s OK for the national database CYPRIOT SUPERVISORY AUTHORITY: Operation of Closed Circuit Video Surveillance (CCTV) in Schools FRENCH SUPERVISORY AUTHORITY: Commercial canvassing: HUBSIDE.STORE fined €525,000 FRENCH SUPERVISORY AUTHORITY: AI: CNIL publishes its first recommendations on the development of artificial intelligence systems ICELANDIC SUPERVISORY AUTHORITY: Children in the United States under the age of 14 are prohibited from using social media FRENCH SUPERVISORY AUTHORITY: Personal data and AI: the contribution of the ISO/IEC 27701 and 42001 standards FINNISH SUPERVISORY AUTHORITY: In 2024, the focus of the EDPS’s inspection activities will be on the supervision of the processing of personal data in organisations and the management of access rights FINNISH SUPERVISORY AUTHORITY: Positive Credit Register to be introduced on 1 April – how it affects the processing of your personal data ITALIAN SUPERVISORY AUTHORITY: Work: the Garante’s no to the use of facial recognition to check attendance – Transport: Garante, more protection for subscribers’ data – Websites and apps for contact between doctor and patient: the Garante’s indications – Wiretapping, Garante: green light for interdistrict digital archives SWISS SUPERVISORY AUTHORITY: Data Protection Commissioner welcomes public debate on the inter-cantonal agreement on the exchange of data between police corps and the planned involvement of the federal governm PORTUGUESE SUPERVISORY AUTHORITY: CNPD SUSPENDS COLLECTION OF BIOMETRIC DATA DANISH SUPERVISORY AUTHORITY: Supervision of secure residential institutions’ use of CCTV surveillance DANISH SUPERVISORY AUTHORITY: Cookie walls: Statistics were not a necessary part of the alternative to paid access HONG KONG SUPERVISORY AUTHORITY: Privacy Commissioner’s Office Issues Two Leaflets on the Smart Use ofSmartphones and Social Media to Protect Personal Data Privacy NORWEGIAN SUPERVISORY AUTHORITY: Easter is a time for digital attacks FINNISH SUPERVISORY AUTHORITY: Supreme Administrative Court confirmed Deputy Data Protection Ombudsman’s decision and obliged Google to remove links from search results DANISH SUPERVISORY AUTHORITY: investigation on the duty of disclosure at three parking companies IRISH SUPERVISORY AUTHORITY: Launch of coordinated enforcement action on the right of access FRENCH SUPERVISORY AUTHORITY: Fraud using a combination of techniques: how to manage these data breaches? HONG KONG SUPERVISORY AUTHORITY: Privacy Commissioner welcomes the Passage of the Safeguarding National Security Ordinance FINNISH SUPERVISORY AUTHORITY: Administrative fine imposed on Verkkokauppa.com for failing to define storage period of customer data – requiring customers to register was also illegal SPANISH SUPERVISORY AUTHORITY: The Agency pushes forward the development of the European Committee’s guidelines for age verification systems on the Internet ICELANDIC SUPERVISORY AUTHORITY: The European Data Protection Authority concludes that the EU Commission’s use of Microsoft 365 violates privacy FRENCH SUPERVISORY AUTHORITY: France Travail: CNIL investigates data leak and gives advice on how to protect yourself GERMAN SUPERVISORY AUTHORITY: BfDI welcomes the European AI Regulation DANISH SUPERVISORY AUTHORITY: investigates boliglag.dk FRENCH SUPERVISORY AUTHORITY: CNIL has issued fifteen new sanctions under the simplified procedure since January 2024 FRENCH SUPERVISORY AUTHORITY: European elections 2024: the CNIL’s action plan to protect voters’ data CYPRIOT SUPERVISORY AUTHORITY: Attention to the publication of personal data of third parties ITALIAN SUPERVISORY AUTHORITY: Data breach: sanctioned UniCredit for 2.8 million euro – Apps for diabetics: fined a medical device company – Speed cameras, Garante: favourable opinion to MIT – EU privacy authorities will have greater autonomy against non-EU companies BELGIAN SUPERVISORY AUTHORITY: IAB EUROPE case: The CJEU answers the questions referred for a preliminary ruling SPANISH SUPERVISORY AUTHORITY: orders injunction preventing Worldcoin from continuing to process personal data in Spain ROMANIAN SUPERVISORY AUTHORITY: Imposition of periodic penalty payments – public institution DANISH SUPERVISORY AUTHORITY: New regulatory sandbox for AI FRENCH SUPERVISORY AUTHORITY: Commercial canvassing: €310,000 fine imposed on FORIOU HUNGARIAN SUPERVISORY AUTHORITY: A coordinated EU action plan on the practical application of the right of access HONG KONG SUPERVISORY AUTHORITY: Strongly Condemns Ted HUIfor Suspected Doxxing of Hong Kong Judgesand Other Law Enforcement Officers DANISH SUPERVISORY AUTHORITY: Change in the Danish Data Protection Agency’s standard data processing agreement GREEK SUPERVISORY AUTHORITY: Investigation into the alleged sending of unsolicited emails by a Member of the European Parliament LIECHTENSTEIN SUPERVISORY AUTHORITY: European initiative on the right to information FRENCH SUPERVISORY AUTHORITY: The economic impact of the RGPD, 5 years on FRENCH SUPERVISORY AUTHORITY: EDPS: statement on the future regulation against sexual abuse of minors and clarification of the concept of principal place of business LITHUANIAN SUPERVISORY AUTHORITY: 2024 Plan for planned inspections and monitoring of the application of the General Data Protection Regulation Microsoft Monthly Updates (AL09/230613/CSIRT-ITA) – Update DANISH SUPERVISORY AUTHORITY: Relevance of the Chromebook case to other organisations and cloud services DANISH SUPERVISORY AUTHORITY: asks questions to Netcompany FINNISH SUPERVISORY AUTHORITY: Office of the Data Protection Ombudsman examines realisation of right of access to data as part of Europe-wide measure LATVIAN SUPERVISORY AUTHORITY: EDPS launches coordinated review on the implementation of the right of access DANISH SUPERVISORY AUTHORITY: Coordinated action on data controller compliance with the right of access Network Exploitation of CVE-2023-46805 and CVE-2024-21887 Detected in Ivanti Products (AL01/240111/CSIRT-ITA) – Update LATVIAN SUPERVISORY AUTHORITY: What should I observe when installing CCTV on shared property? What if a camera is installed arbitrarily? ROMANIAN SUPERVISORY AUTHORITY: Penalty for breach of GDPR CANADIAN SUPERVISORY AUTHORITY: Privacy Commissioner to investigate privacy breach at Global Affairs Canada RedHat fixes OpenShift vulnerability (AL01/240223/CSIRT-ITA) Vulnerabilities in Netgear Products (AL03/240222/CSIRT-ITA) FINNISH SUPERVISORY AUTHORITY: Clarification from the European Data Protection Board on the definition of headquarters and opinion on the proposal to combat child abuse AUSTRALIAN SUPERVISORY AUTHORITY: Data breach report highlights supply chain risks POLISH SUPERVISORY AUTHORITY: Transparency of public officers does not justify the interference in privacy of their spouses Security Updates for Mozilla Products (AL05/240220/CSIRT-ITA) – Update LITHUANIAN SUPERVISORY AUTHORITY: inspections on data protection officers DANISH SUPERVISORY AUTHORITY: New themed site on consent to help citizens know their rights AUSTRALIAN SUPERVISORY AUTHORITY: OAIC opens investigation into HWL Ebsworth over data breach HONG KONG SUPERVISORY AUTHORITY: Implications of the Development or Use of Artificial Intelligenceon Personal Data Privacy Zyxel Product Updates (AL03/240220/CSIRT-ITA) SUPERVISORY AUTHORITY OF LUXEMBOURG: EDPB PUBLISHES A REPORT ON SECURITY OF PROCESSING AND NOTIFICATION OF DATA BREACHES FRENCH SUPERVISORY AUTHORITY: Collecting data to measure the individual physical performance of top-level or professional athletes POLISH SUPERVISORY AUTHORITY: decided to investigate the cases of disclosure of data that led to the tragedy CYPRIOT SUPERVISORY AUTHORITY: Compliance Guide with GDPR HUNGARIAN SUPERVISORY AUTHORITY: European Data Protection Board Declaration 1/2024 on the prevention of child sexual abuse Vulnerabilities in Solarwinds Products (AL02/240219/CSIRT-ITA) GREEK SUPERVISORY AUTHORITY: Fine and reprimand to employer for processing employee’s personal data CYPRIOT SUPERVISORY AUTHORITY: Sending promotional messages Updates for Eset Products (AL01/240216/CSIRT-ITA) FINNISH SUPERVISORY AUTHORITY: The new regulations for digital services come into effect – this is how the user’s position improves NORWEGIAN SUPERVISORY AUTHORITY: Seven sandboxes gathered in Switzerland DANISH SUPERVISORY AUTHORITY: EDPB appoints representatives to evaluate EU-US agreement HUNGARIAN SUPERVISORY AUTHORITY: Opinion of the European Data Protection Board on the concept of a centre of activity of a controller in the EU CANADIAN SUPERVISORY AUTHORITY: Investigations highlight need for stronger measures to protect privacy at federal departments and agencies Security Updates for Node.js (AL04/240215/CSIRT-ITA) GERMAN SUPERVISORY AUTHORITY: BfDI calls for compliance with fundamental rights in chat control DANISH SUPERVISORY AUTHORITY: Increasing number of reports to whistleblower programme Vulnerabilities in Solarwinds Products (AL01/240212/CSIRT-ITA) GREEK SUPERVISORY AUTHORITY: Application for a remedy against a filing by the Authority on grounds of competence – Collection and use of personal data before a court ITALIAN SUPERVISORY AUTHORITY: Employment agencies: the Authority has approved the Code of Conduct – Online dating: sanctioned a dating site for 200,000 euro – Medical prescriptions outside the surgery: a doctor sanctioned – Health: an aesthetic medicine centre sanctioned for breach of privacy Zoom Vulnerability (AL04/240213/CSIRT-ITA) IRISH SUPERVISORY AUTHORITY: DPC survey to examine sports clubs’ data protection awareness and understanding FRENCH SUPERVISORY AUTHORITY: Data retention and security: CNIL fines PAP €100,000 CROATIAN SUPERVISORY AUTHORITY: main business event and Regulation on establishing rules for preventing and combating sexual abuse of children Phishing Campaign Themed “Helpdesk Support” (AL02/240212/CSIRT-ITA) LATVIAN SUPERVISORY AUTHORITY: How can I protect my privacy when browsing the internet? FRENCH SUPERVISORY AUTHORITY: Health data: the CNIL issues a reminder of the security and confidentiality measures for access to computerised patient records (DPI) Vulnerabilities found in PostgreSQL (AL02/240209/CSIRT-ITA) FRENCH SUPERVISORY AUTHORITY: CNIL controls in 2024: data on minors, Olympic Games, right of access and dematerialised till receipts Vulnerabilities in SonicWall Products (AL01/240208/CSIRT-ITA) POLISH SUPERVISORY AUTHORITY: again fined Morele.net company FRENCH SUPERVISORY AUTHORITY: Data breach by two third-party payment operators: the CNIL opens an investigation and reminds policyholders of the precautions to take NORWEGIAN SUPERVISORY AUTHORITY: Divided views on generative artificial intelligence Fixed vulnerabilities in VMware Aria Operations (AL01/240207/CSIRT-ITA) POLISH SUPERVISORY AUTHORITY: The Voivodeship Administrative Court confirms that data breaches cannot be trivialised DANISH SUPERVISORY AUTHORITY: Two new opinions on datasets for language technology development ROMANIAN SUPERVISORY AUTHORITY: Another fine for breach of GDPR FRENCH SUPERVISORY AUTHORITY: Collating information online: what you publish can reveal your private life IRISH SUPERVISORY AUTHORITY: Managing your digital footprint Fixed vulnerabilities in Google Chrome (AL01/230906/CSIRT-ITA) – Update LATVIAN SUPERVISORY AUTHORITY: What do I need to know about data processing before the courts? ROMANIAN SUPERVISORY AUTHORITY: Fine for breach of GDPR ICELANDIC SUPERVISORY AUTHORITY: issues instructions to local authorities regarding the use of Google’s cloud services in primary school activities DANISH SUPERVISORY AUTHORITY: investigated the duty of disclosure at Tryg Forsikring A/S Vulnerability in QNAP Products (AL01/240205/CSIRT-ITA) DANISH SUPERVISORY AUTHORITY: News about the scope of the AUH decision FINNISH SUPERVISORY AUTHORITY: adopted decision on the use of Google software in primary schools DANISH SUPERVISORY AUTHORITY: Private hospital Capio A/S recommended for fine FRENCH SUPERVISORY AUTHORITY: Visa management in the Schengen area: CNIL sanctions two ministries ROMANIAN SUPERVISORY AUTHORITY: Penalty for breach of GDPR Fixed vulnerabilities in Google Chrome (AL01/240131/CSIRT-ITA) DUTCH SUPERVISORY AUTHORITY: Uber fined €10 million for infringement of privacy regulations FRENCH SUPERVISORY AUTHORITY: Data brokers: TAGADAMEDIA fined €75,000 HUNGARIAN SUPERVISORY AUTHORITY: Data Protection Day 2024 Updates for Zyxel NAS (AL01/240130/CSIRT-ITA) SPANISH SUPERVISORY AUTHORITY: The Agency presents its Global Strategy on Children, Digital Health and Privacy SWISS SUPERVISORY AUTHORITY: Data Protection Day 2024: Digital transformation – Do we still have control over our data? Fixed vulnerability in Cisco products (AL01/240125/CSIRT-ITA) Public PoC for Exploitation of CVE-2024-0204 related to Fortra GoAnywhere MFT (AL01/240124/CSIRT-ITA) BELGIAN SUPERVISORY AUTHORITY: The role of the DPO: EDPB report and BE DPA comments HONG KONG SUPERVISORY AUTHORITY: Global Data Breach Involving Various Social Media and Online Platforms Apple Security Updates (AL01/240123/CSIRT-ITA) SWISS SUPERVISORY AUTHORITY: Guide to Technical and Organisational Data Protection Measures (TOM) NEW ZEALAND SUPERVISORY AUTHORITY: New Zealand is ‘adequate’ Fixed Vulnerabilities in VMware vCenter Server (AL02/231025/CSIRT-ITA) – Update CYPRIOT SUPERVISORY AUTHORITY: Results of the coordinated action of the EDPB on the role of DPOs Vulnerabilities in Ivanti Products (AL01/230808/CSIRT-ITA) – Update AI and algorithm risks on the rise amidst increased use: master plan necessary to prepare the Netherlands for a future with AI Trend Micro Product Updates (AL01/240118/CSIRT-ITA) SLOVENIAN SUPERVISORY AUTHORITY: results of a coordinated joint supervisory action on DPOs Fixed vulnerability in Google Chrome (AL01/240117/CSIRT-ITA) ISLE OF MAN SUPERVISORY AUTHORITY: Isle of Man Adequacy Decision Fixed vulnerability in VMware Aria Automation (AL02/240116/CSIRT-ITA) LIECHTENSTEIN SUPERVISORY AUTHORITY: Adequacy decisions for Switzerland and 10 other third countries remain in force SWISS SUPERVISORY AUTHORITY: EU adequacy decision regarding Switzerland HONG KONG SUPERVISORY AUTHORITY: A 42-year-old Male Convicted and Sentenced for Doxxing another person because of Monetary Dispute FINNISH SUPERVISORY AUTHORITY: New obligations for digital operators – the goal is safer and more open online services Zoho ManageEngine ADSelfService Plus Vulnerability Remediated (AL02/240112/CSIRT-ITA) HONG KONG SUPERVISORY AUTHORITY: Completed Compliance Checks of All Credit Reference Agencies in Hong Kong to Ensure the Data Security of Credit Reference Databases Vulnerabilities found in Cisco products (AL02/240111/CSIRT-ITA) Fixed vulnerability in Google Chrome (AL03/240110/CSIRT-ITA) HONG KONG SUPERVISORY AUTHORITY: Response on the Social Welfare Department’s Data Breach Incident LATVIAN SUPERVISORY AUTHORITY: Can you film your employees? FRENCH SUPERVISORY AUTHORITY: The CNIL publishes a guide for prevention and occupational health services (SPST) CROATIAN SUPERVISORY AUTHORITY: Due to great interest, the ARC2 workshop “Organizational and technical measures in GDPR – access management and data protection” was held again FRENCH SUPERVISORY AUTHORITY: Message addressed to public officials on pension reform: the CNIL calls two ministries to order CYPRIOT SUPERVISORY AUTHORITY: 2nd Decision on cyber-attacks on the network of the Department of Cadastre and Land Surveying FINNISH SUPERVISORY AUTHORITY: Administrative fine imposed on company for processing health information without the appropriate consent LATVIAN SUPERVISORY AUTHORITY: State Data Inspectorate established 23 years ago POLISH SUPERVISORY AUTHORITY: A fine of PLN 100,000 for disclosure of health data CROATIAN SUPERVISORY AUTHORITY: Protection of personal data during the holiday season SWISS SUPERVISORY AUTHORITY: Phishing Attack on Hotels BELGIAN SUPERVISORY AUTHORITY: a baptized person has the right to be deleted from the baptismal register FINNISH SUPERVISORY AUTHORITY: The Administrative Courts of Helsinki and Hämeenlinna upheld the Data Protection Ombudsman’s decision on tax information portals ICELANDIC SUPERVISORY AUTHORITY: The Swedish Supervisory Authority fines the use of Google’s cloud services in primary schools ITALIAN SUPERVISORY AUTHORITY: Autostrade and Amazon transport fined; Healthcare: training company fined; Condominium: no to video surveillance systems without assembly resolution; Two municipalities fined for unlawful use of interview recordings ROMANIAN SUPERVISORY AUTHORITY: fined a natural person GERMAN SUPERVISORY AUTHORITY: BfDI for Data Free Flow with Trust LATVIAN SUPERVISORY AUTHORITY: #DVIexplains: How to protect your privacy with ‘chatbots’? FRENCH SUPERVISORY AUTHORITY: Tables Informatique et Libertés: the CNIL publishes its doctrine on data protection DANISH SUPERVISORY AUTHORITY: New guidelines on CCTV surveillance LITHUANIAN SUPERVISORY AUTHORITY: Human Rights Day honours a representative of the State Data Protection Inspectorate FRENCH SUPERVISORY AUTHORITY: signs a joint declaration with the Competition Authority DANISH SUPERVISORY AUTHORITY: Statement on the application of an exception to the obligation to provide information BELGIAN SUPERVISORY AUTHORITY: Save the date! February 5, an event for the DPOs ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation DANISH SUPERVISORY AUTHORITY: EDPB publishes a decision regarding Meta CANADIAN SUPERVISORY AUTHORITY: Joint Statement on Privacy and Democratic Rights CANADIAN SUPERVISORY AUTHORITY: Commissioner Dufresne joins Asia Pacific counterparts to discuss progress on key privacy challenges CANADIAN SUPERVISORY AUTHORITY: Deputy Commissioner propose changing the law governing the National DNA Databank LITHUANIAN SUPERVISORY AUTHORITY: EU supervisory authorities meet on the practice of assessing certification criteria under the General Data Protection Regulation IRISH SUPERVISORY AUTHORITY: Data protection during Christmastime blog – what you need to know SWISS SUPERVISORY AUTHORITY: Freedom of Information Act: FDPIC publishes six recommendations on contracts for COVID vaccines ISRAELI SUPERVISORY AUTHORITY: Fighting Incitement Online AUSTRALIAN SUPERVISORY AUTHORITY: Digital platform regulators release working papers on algorithms and AI CANADIAN SUPERVISORY AUTHORITY: Privacy Commissioner initiates investigations into breach impacting federal government personnel who used relocation services SWISS SUPERVISORY AUTHORITY: Workshop in Bern: European Case Handling Workshop SPANISH SUPERVISORY AUTHORITY: AI System: just one algorithm or multiple algorithms? FRENCH SUPERVISORY AUTHORITY: Trophées des classes 2024: “Together, we can all protect ourselves on the Internet! DUTCH SUPERVISORY AUTHORITY: €30,000 fine for municipality of Voorschoten FRENCH SUPERVISORY AUTHORITY: EDPB: guidelines to clarify the notion of “tracing” in the ePrivacy Directive FRENCH SUPERVISORY AUTHORITY: Storage periods in the social and medical-social sector: the CNIL publishes a reference system and a practical sheet FRENCH SUPERVISORY AUTHORITY: Message to civil servants on pension reform: CNIL calls two ministries to order DANISH SUPERVISORY AUTHORITY: Data processor criticised for lack of security SWISS SUPERVISORY AUTHORITY: Current data protection legislation is directly applicable to AI FINNISH SUPERVISORY AUTHORITY: reminds controllers: Organisations must assess the severity of a personal data breach to the data subjects ITALIAN SUPERVISORY AUTHORITY: a company is fined 70 thousand euros for telemarketing- With the purchase of the coffee there were also unsolicited phone calls POLISH SUPERVISORY AUTHORITY: Training for participants of the 14th edition of the “Your Data – Your Concern” Programme SPANISH SUPERVISORY AUTHORITY: The AEPD awarded for its actions carried out for the protection of children and adolescents in the digital environment AUSTRALIAN SUPERVISORY AUTHORITY: commences Federal Court proceedings against Australian Clinical Labs Limited FINNISH SUPERVISORY AUTHORITY: adopts Valtori’s secure forms NORWEGIAN SUPERVISORY AUTHORITY: The decision against Meta is extended to the EU/EEA and made permanent SPANISH SUPERVISORY AUTHORITY: The director of the AEPD, Mar España, awarded in the category ‘Innovation’ in the VI Confilegal Awards CANADIAN SUPERVISORY AUTHORITY: highlights importance of protecting children’s privacy in appearance before Parliament ROMANIAN SUPERVISORY AUTHORITY: A new sanction for breach of the GDPR CANADIAN SUPERVISORY AUTHORITY: OPC-funded research looks at the impacts of artificial intelligence on privacy POLISH SUPERVISORY AUTHORITY: The Voivodeship Administrative Court has accepted the fine imposed on Virgin Mobile FRENCH SUPERVISORY AUTHORITY: EDPS news: Opinion on the draft regulation on the digital euro and topic of the next coordinated implementation framework SWEDISH SUPERVISORY AUTHORITY: H&M has made it unnecessarily difficult to avoid marketing CANADIAN SUPERVISORY AUTHORITY: Privacy Commissioner appears before Parliament to discuss proposals to modernize federal privacy law CANADIAN SUPERVISORY AUTHORITY: Canadian privacy regulators issue companion pieces to resolution on best interests of young people GERMAN SUPERVISORY AUTHORITY: Berlin Group adopts working paper on telemetry FINNISH SUPERVISORY AUTHORITY: psychotherapy provider: Administrative fine imposed for shortcomings in fulfilling the client’s right of access to data ITALIAN SUPERVISORY AUTHORITY: Decalogue of the Supervisory Authorithy on the use of artificial intelligence in the health sector CANADIAN SUPERVISORY AUTHORITY: OPC posts submission to government’s consultation on strengthening Canada’s anti-money laundering and anti-terrorist financing regime DANISH SUPERVISORY AUTHORITY: The company Texas Andreas Petersen A/S is reported to the police and asked to pay a fine CANADIAN SUPERVISORY AUTHORITY: Canadian privacy regulators pass resolutions on the privacy of young people and workplace privacy SWISS SUPERVISORY AUTHORITY: Oracle: No concerns for people living in Switzerland CANADIAN SUPERVISORY AUTHORITY: Statement of the Canada’s Privacy Commissioner who welcomes Federal Court of Appeal decision on Google LATVIAN SUPERVISORY AUTHORITY: Processing of biometric data in employment relationship LATVIAN SUPERVISORY AUTHORITY: The legitimate interests of the controller as a legal basis for processing personal data. Balancing test CROATIAN SUPERVISORY AUTHORITY: ARC2 workshop: GDPR – Processing and protection of personal data in work relationships FINNISH SUPERVISORY AUTHORITY: European data protection authorities continue to cooperate on the supervision of Yango taxi service’s data transfers – Yango is allowed to continue operating in Finland until further notice DANISH SUPERVISORY AUTHORITY: EDPB and EDPS provide comments on the template for the description of consumer profiling techniques POLISH SUPERVISORY AUTHORITY: The Supreme Administrative Court upheld the decision of the UODO POLISH SUPERVISORY AUTHORITY: The technology has to be compliant with the GDPR LATVIAN SUPERVISORY AUTHORITY: What should one pay attention to when shopping online? IRISH SUPERVISORY AUTHORITY: announces €345 million fine of TikTok CROATIAN SUPERVISORY AUTHORITY: fine imposed on Zagreb Holding NEWS TRAINING & KNOWLEDGE LEGAL & COMPLIANCE AUDIT & CERTIFICATION GOVERNANCE & AWARENESS CYBER & INTELLIGENCE PRIVACY & DATA PROTECTION FINNISH SUPERVISORY AUTHORITY: Administrative fine imposed on business directory operator for infringements of the right to obtain call recordings IRISH SUPERVISORY AUTHORITY: welcomes latest successful prosecutions of marketing offences ITALIAN SUPERVISORY AUTHORITY: The Garante sanctions Tiscali and Comparafacile for “wild” telemarketing NORWEGIAN SUPERVISORY AUTHORITY: Record fee to Grindr remains in place GERMAN SUPERVISORY AUTHORITY: Berlin Group has adopted Working Paper on “Smart Cities” AUSTRALIAN SUPERVISORY AUTHORITY: Ongoing vigilance in data protection measures essential SWEDISH SUPERVISORY AUTHORITY: Administrative fine of SEK 35 million against Trygg-Hansa LIECHTENSTEIN SUPERVISORY AUTHORITY: New data protection law in Switzerland LATVIAN SUPERVISORY AUTHORITY: Data processing under loyalty programs DUTCH SUPERVISORY AUTHORITY: First Algorithmic Risks Report – Netherlands calls for additional action to control algorithmic and AI risks FINNISH SUPERVISORY AUTHORITY: Supervisory authorities continue investigating the Yango taxi service’s data transfers IRISH SUPERVISORY AUTHORITY: Back-to-school photos — Keeping information about your child safe POLISH SUPERVISORY AUTHORITY: Ryanair’s passenger verification procedure. The Polish SA reacts CANADIAN SUPERVISORY AUTHORITY: Social media companies should take steps to prevent unlawful data scraping CANADIAN SUPERVISORY AUTHORITY: Joint statement on data scraping and the protection of privacy CROATIAN SUPERVISORY AUTHORITY: Online workshop for DPOs: “GDPR – basic module” URUGUAYAN SUPERVISORY AUTHORITY: The National Data Protection Event was held on the 15th anniversary of Law Nº 18.331 AUSTRALIAN SUPERVISORY AUTHORITY: Data breaches seen as number one privacy concern, survey shows NORWEGIAN SUPERVISORY AUTHORITY: Meta case in Oslo District Court ITALIAN SUPERVISORY AUTHORITY: Whistleblowing: guarantees fixed for the employee who turns to Anac. Ok of the Authority to the Guidelines of the Anti-Corruption Authority DANISH SUPERVISORY AUTHORITY: Binding decision on TikTok FINNISH SUPERVISORY AUTHORITY: redirection to an online service did not meet the requirement of being easy to object to direct marketing PORTUGUESE SUPERVISORY AUTHORITY: CNPD President speaks on “REGULATION OF PERSONAL DATA” POLISH SUPERVISORY AUTHORITY: Further administrative fines for lack of cooperation with the DPA AUSTRALIAN SUPERVISORY AUTHORITY: meeting communique of the Association of Information Access Commissioners of Australia and New Zealand (AIAC) BELGIAN SUPERVISORY AUTHORITY: A new adequacy decision for data transfers to the United States POLISH SUPERVISORY AUTHORITY: Your data cannot be well protected without proper safeguards ROMANIAN SUPERVISORY AUTHORITY: new sanction for violating the GDPR ITALIAN SUPERVISORY AUTHORITY: Rinascente fined EUR 300,000. Numerous violations found in the processing of customer data BULGARIAN SUPERVISORY AUTHORITY: New adequacy decision of the European Commission for safe and trusted EU-US data flows SUPERVISORY AUTHORITY OF LUXEMBOURG: EUROPEAN COMMISSION ADOPTS NEW ADEQUACY DECISION ON US MALTESE SUPERVISORY AUTHORITY: EU – US Data Privacy Framework SUPERVISORY AUTHORITY OF LUXEMBOURG: Collection of images for Apple Maps BULGARIAN SUPERVISORY AUTHORITY: The CPDL opens a public consultation on a draft Regulation on the keeping of the register of alerts and on the referral of internal alerts to the Commission for Personal Data Protection FINNISH SUPERVISORY AUTHORITY: Resepti data protection survey: data protection is well implemented in the social security sector ICELANDIC SUPERVISORY AUTHORITY: Fine due to security weaknesses in Heilsuvera SWEDISH SUPERVISORY AUTHORITY: Four companies must stop using Google Analytics DANISH SUPERVISORY AUTHORITY: New guide on direct marketing POLISH SUPERVISORY AUTHORITY: More and more Poles recognise phishing, but only half of them know what to do if they click on link IRISH SUPERVISORY AUTHORITY: Failure to share information with a nursing home about a resident’s criminal convictions ITALIAN SUPERVISORY AUTHORITY: advertising e-mails without consent are unlawful. Inserting an unsubscribe link does not make the sending lawful POLISH SUPERVISORY AUTHORITY: Ineffective technical safeguards as a reason for imposing a fine SWISS SUPERVISORY AUTHORITY: 30th Annual Report 2022/2023: New law strengthens the FDPIC ITALIAN SUPERVISORY AUTHORITY: Sanctioned a Veneto local healthcare company for data breach. Health ticket exemption certificates sent to the wrong patients CANADIAN SUPERVISORY AUTHORITY: Roundtable of G7 Data Protection and Privacy Authorities SWISS SUPERVISORY AUTHORITY: Fedpol and the FOCBS under investigation CROATIAN SUPERVISORY AUTHORITY: consultation on the protection of personal data for micro, small and medium-sized entrepreneurs in Varaždin POLISH SUPERVISORY AUTHORITY: Only correct analysis helps to adapt measures and procedures to the assessed risk CANADIAN SUPERVISORY AUTHORITY: Canadians less confident that their privacy rights are being respected: poll SWEDISH SUPERVISORY AUTHORITY: Administrative fee against Spotify SUPERVISORY AUTHORITY OF LUXEMBOURG: PWC CYBERSECURITY & PRIVACY DAY PORTUGUESE SUPERVISORY AUTHORITY: EDPB APPROVES GUIDELINE FOR THE APPLICATION OF FINES DANISH SUPERVISORY AUTHORITY: Serious criticism and order to Boligportal for use of Facebook Business Tools CANADIAN SUPERVISORY AUTHORITY: new guidance on workplace privacy ITALIAN SUPERVISORY AUTHORITY: admonishes two banks; anti-money laundering: no to restricting right to access data if public information SUPERVISORY AUTHORITY OF LUXEMBOURG: EDPB LAUNCHES DATA PROTECTION GUIDE FOR SMALL BUSINESS CANADIAN SUPERVISORY AUTHORITY: OPC to investigate ChatGPT jointly with provincial privacy authorities BELGIAN SUPERVISORY AUTHORITY: GBA bans transfer of tax data of Belgian-American to the US IRISH SUPERVISORY AUTHORITY: Data Protection Commission announces conclusion of inquiry into Meta Ireland DANISH SUPERVISORY AUTHORITY: Complaint about Radius’ remote reading of electricity meters MALTESE SUPERVISORY AUTHORITY: EDPB adopts final version of Guidelines on facial recognition technology in the area of law enforcement WHO WE ARE CANADIAN SUPERVISORY AUTHORITY: Privacy Commissioner appeals Federal Court decision related to Facebook investigation POLISH SUPERVISORY AUTHORITY: DPA President does not agree with questioning of his independence by the Court POLISH SUPERVISORY AUTHORITY: Administrative fine for lack of personal data breach notification PORTUGUESE SUPERVISORY AUTHORITY: NEW GUIDELINES MALTESE SUPERVISORY AUTHORITY: IDPC launches Freedom of Information – Online complaints form CANADIAN SUPERVISORY AUTHORITY: Meaningful privacy obligations should apply to political parties GREEK SUPERVISORY AUTHORITY: Coordinated action on the role of Data Protection Officers NORWEGIAN SUPERVISORY AUTHORITY: Ban on processing of personal data for Statistics Norway SWISS SUPERVISORY AUTHORITY: Conclusion of the fact-finding procedure in relation to a database of private centres for COVID-19 testing MALTESE SUPERVISORY AUTHORITY: EDPB Launches Data Protection Guide for small business DANISH SUPERVISORY AUTHORITY: Serious criticism of the Danish National Police SLOVENIAN SUPERVISORY AUTHORITY: New guidelines on video surveillance under ZVOP-2 published LITHUANIAN SUPERVISORY AUTHORITY: Summary results of inspections of data protection officers CROATIAN SUPERVISORY AUTHORITY: EDPB: decision adopted in Meta IE case under Article 65 and Chat GPT working group established DUTCH SUPERVISORY AUTHORITY: Social Insurance Bank fined for inadequate identity checks CANADIAN SUPERVISORY AUTHORITY: OPC launches investigation into ChatGPT POLISH SUPERVISORY AUTHORITY: Long cooperation between controller and processor does not guarantee data security SUPERVISORY AUTHORITY OF LUXEMBOURG: RAISING YOUNG PEOPLE’S AWARENESS OF DIGITAL TECHNOLOGY CAREERS ISRAELI SUPERVISORY AUTHORITY: Israel and the EU collaborate NORWEGIAN SUPERVISORY AUTHORITY: Digital attacks and privacy BELGIAN SUPERVISORY AUTHORITY: AI and data breaches: the GBA gives a keynote and a webinar NORWEGIAN SUPERVISORY AUTHORITY: New sandbox project looks at facial recognition and police roBOTs POLISH SUPERVISORY AUTHORITY: Several infringements of the GDPR lead to administrative fine for housing community SUPERVISORY AUTHORITY OF LUXEMBOURG: CYBERSECURITY IN PRIMARY SCHOOLS SUPERVISORY AUTHORITY OF LUXEMBOURG: CNPD RAISES STUDENTS’ AWARENESS OF DATA PROTECTION SWISS SUPERVISORY AUTHORITY: concludes preliminary investigation into Mitto AG LITHUANIAN SUPERVISORY AUTHORITY: meeting of EU supervisory authorities on accreditation practices for certification bodies under the General Data Protection Regulation FINNISH SUPERVISORY AUTHORITY: investigation on the position of DPO in Finland – it is a part of a coordinated action by the EDPBoard MALTESE SUPERVISORY AUTHORITY: Launch of coordinated enforcement on role of Data Protection Officers AUSTRALIAN SUPERVISORY AUTHORITY: High Court clears way for OAIC case against Facebook to proceed PORTUGUESE SUPERVISORY AUTHORITY: SCHENGEN WITH NEW LEGAL FRAMEWORK CROATIAN SUPERVISORY AUTHORITY: Phishing attacks – how to recognize them and protect yourself POLISH SUPERVISORY AUTHORITY: Court dismissed P4’s complaint against the decision of DPA SUPERVISORY AUTHORITY OF LUXEMBOURG: EDPB WELCOMES IMPROVEMENTS UNDER THE EU-U.S. DATA PRIVACY FRAMEWORK, BUT CONCERNS REMAIN HOME AUSTRALIAN SUPERVISORY AUTHORITY: Cyber security incidents impact data breach risk CANADIAN SUPERVISORY AUTHORITY: OPC releases new Privacy Act Bulletin on virtual hiring MALTESE SUPERVISORY AUTHORITY: EDPB welcomes improvements under the EU-US Data Privacy Framework, but concerns remain. SUPERVISORY AUTHORITY OF LUXEMBOURG: EDPB PUBLISHES THREE GUIDELINES FOLLOWING PUBLIC CONSULTATION BELGIAN SUPERVISORY AUTHORITY: “Deceptive design patterns”: how to recognize and avoid them on social networks CANADIAN SUPERVISORY AUTHORITY: Commissioners launch joint investigation into TikTok DANISH SUPERVISORY AUTHORITY: Maturity audit in 2022 shows need for increased focus on e.g. deletion and impact assessment SUPERVISORY AUTHORITY OF LUXEMBOURG: UPDATING GOOGLE STREET VIEW IMAGES IN LUXEMBOURG ITALIAN SUPERVISORY AUTHORITY: Telemarketing: the user’s “no” must be registered immediately – Healthcare: greater guarantees are needed for cross-border prescriptions – Cloud in the PA: the EU Authorities ask for respect for privacy POLISH SUPERVISORY AUTHORITY: Technical and organisational measures should be complementary SUPERVISORY AUTHORITY OF LUXEMBOURG: RANSOMWARE: WHAT IS IT AND HOW TO REACT IN THE EVENT OF AN ATTACK? DANISH SUPERVISORY AUTHORITY: Use of cookie walls ISLE OF MAN SUPERVISORY AUTHORITY: FOI Decision Notice Issued 10 February 2023 – Department of Infrastructure AUSTRALIAN SUPERVISORY AUTHORITY: welcomes release of Privacy Act report CYPRIOT SUPERVISORY AUTHORITY: Presidential Elections 2023 – Audits and complaints of second round / repeat Voting SLOVENIAN SUPERVISORY AUTHORITY: Seminars for the public sector on the new Personal Data Protection Act (ZVOP-2) NORWEGIAN SUPERVISORY AUTHORITY: The supervisory activities in 2023 LIECHTENSTEIN SUPERVISORY AUTHORITY: State of the art SLOVENIAN SUPERVISORY AUTHORITY: Refreshing the Google Street View service GREEK SUPERVISORY AUTHORITY: Results of the first EDPS Coordinated Action on the use of cloud services in the public sector DANISH SUPERVISORY AUTHORITY: Clarification of rules for deleting personal data at the end of research projects NORWEGIAN SUPERVISORY AUTHORITY: Hearing response to the Norwegian Privacy Commission GREEK SUPERVISORY AUTHORITY: 17th Data Protection Day – Press Release of the Authority BELGIAN SUPERVISORY AUTHORITY: Cookie banners: The EDPB publishes examples of non-compliant practices NORWEGIAN SUPERVISORY AUTHORITY: Webinar: How should we keep the algorithms in mind? NORWEGIAN SUPERVISORY AUTHORITY: Six applied to the sandbox ROMANIAN SUPERVISORY AUTHORITY: A new sanction for breach of the GDPR NORWEGIAN SUPERVISORY AUTHORITY: violation fee at Sats SLOVENIAN SUPERVISORY AUTHORITY: What do event organizers need to know about personal data protection? ICELANDIC SUPERVISORY AUTHORITY: International Cybersecurity Day – an educational initiative by the Privacy and Media Commission FINNISH SUPERVISORY AUTHORITY: The GDPR2DSM project promoted the data protection expertise of SMEs – a data protection tool available as open source code CROATIAN SUPERVISORY AUTHORITY: Safer Internet Day is celebrated – let’s protect our virtual identity! FINNISH SUPERVISORY AUTHORITY: Pay attention to the data protection regulations in election campaigning – data protection legislation must also be followed when processing personal data collected via social media DANISH SUPERVISORY AUTHORITY: Use of spy pixels in connection with sending out the newsletter ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation ICELANDIC SUPERVISORY AUTHORITY: What does the protection of personal data achieve? ROMANIAN SUPERVISORY AUTHORITY: Penalty for GDPR violation LIECHTENSTEIN SUPERVISORY AUTHORITY: Encryption ISRAELI SUPERVISORY AUTHORITY: publishes a first of its kind document on privacy and data protection in the use of Deepfake technologies. DANISH SUPERVISORY AUTHORITY: New campaign focuses on the fact that GDPR is for citizens LITHUANIAN SUPERVISORY AUTHORITY: “SolPriPa 2 WORK” project closure and Data Protection Day 2023 conference ISLE OF MAN SUPERVISORY AUTHORITY: FOI Decision Notice Issued 17 January 2023 – Radio Manx Limited ICELANDIC SUPERVISORY AUTHORITY: World Privacy Day – 28 January SLOVENIAN SUPERVISORY AUTHORITY: Event on the occasion of the European Day of Personal Data Protection PORTUGUESE SUPERVISORY AUTHORITY: NATIONAL ‘PNR’ LAW MUST BE REVIEWED PORTUGUESE SUPERVISORY AUTHORITY: GUIDELINE ON SAFETY MEASURES PORTUGUESE SUPERVISORY AUTHORITY: DATA PROTECTION DAY IS CELEBRATED ON JANUARY 28TH SUPERVISORY AUTHORITY OF LUXEMBOURG: HOSTED A CONFERENCE ON THE METAVERSE ICELANDIC SUPERVISORY AUTHORITY: New rules for electronic monitoring LITHUANIAN SUPERVISORY AUTHORITY: congratulates on the occasion of Data Protection Day CROATIAN SUPERVISORY AUTHORITY: The European Day for the Protection of Personal Data was marked with the GDPR conference “Data Protection Officer – the job of the future” LIECHTENSTEIN SUPERVISORY AUTHORITY: Artificial intelligence: curse, blessing or both? CANADIAN SUPERVISORY AUTHORITY: Statement by the Privacy Commissioner of Canada following an investigation into Home Depot of Canada Inc.’s compliance with PIPEDA SLOVENIAN SUPERVISORY AUTHORITY: The new Personal Data Protection Act (ZVOP-2) enters into force today SLOVENIAN SUPERVISORY AUTHORITY: welcomes the ratification of the Council of Europe Convention on Access to Official Documents ISLE OF MAN SUPERVISORY AUTHORITY: Data Protection Day – 28 January SWEDISH SUPERVISORY AUTHORITY: Fine against Region Dalarna ITALIAN SUPERVISORY AUTHORITY: Healthcare: Guarantor sanctions three Friulian local health authorities for using the algorithm – Whistleblowing: yes from the Guarantor to the transposition of the EU directive – Transparency and work decree: the first indications from the Guarantor – OK from the Guarantor to the new Charter of culture BELGIAN SUPERVISORY AUTHORITY: Cloud services in government: report from the EDPB and comments from the GBA DANISH SUPERVISORY AUTHORITY: Storage of personal data for documentation purposes SLOVENIAN SUPERVISORY AUTHORITY: The MGRT must disclose the Investment Document for the investment Istrabenz turizem, dd, which was adopted by the Government IRISH SUPERVISORY AUTHORITY: Data Protection Commission announces conclusion of inquiry into WhatsApp FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board published recommendations on the use of public sector cloud computing DANISH SUPERVISORY AUTHORITY investigates hospital’s use of Instagram DANISH SUPERVISORY AUTHORITY: EDPB adopts report on the use of cloud after coordinated efforts CROATIAN SUPERVISORY AUTHORITY: Adopted public sector cloud usage reports and cookie banner design report ROMANIAN SUPERVISORY AUTHORITY: Fine for GDPR violation DANISH SUPERVISORY AUTHORITY: Supervision of governmental authorities’ supervision of data processors NORWEGIAN SUPERVISORY AUTHORITY: Hearing in the Storting on collection from open sources MALTESE SUPERVISORY AUTHORITY: issues Accreditation Requirements for Code of Conduct Monitoring Bodies LITHUANIAN SUPERVISORY AUTHORITY: Protection of personal data: what do Lithuanian residents think? FINNISH SUPERVISORY AUTHORITY: Deputy Data Protection Ombudsman issues reprimand for conveying library search information to US-based Google NORWEGIAN SUPERVISORY AUTHORITY: Reprimand to The Norwegian Church for processing children’s personal data ISLE OF MAN SUPERVISORY AUTHORITY: Revised Personal Data Breach Documents GREEK SUPERVISORY AUTHORITY: fine imposed on Intellexa AE for non-cooperation with the Authority SLOVAKIAN SUPERVISORY AUTHORITY: Facebook and Instagram fined for using personal data for behavioral advertising FINNISH SUPERVISORY AUTHORITY: EDPB published dispute resolution decisions regarding Facebook and Instagram – “significant impact on the use of personal data in behavioral advertising” DANISH SUPERVISORY AUTHORITY: New checklist for schools on the use of images and video CROATIAN SUPERVISORY AUTHORITY: “DPO – the job of the future” conference on the occasion of the European Day of Personal Data Protection DANISH SUPERVISORY AUTHORITY: The whistleblower scheme’s first year ROMANIAN SUPERVISORY AUTHORITY: Sanction for the GDPR infringement GREEK SUPERVISORY AUTHORITY: Invitation to data protection professionals to complete a questionnaire in the framework of the byDefault project LITHUANIAN SUPERVISORY AUTHORITY: The company managing sports clubs has been fined for processing biometric data and other violations of the GDPR SLOVENIAN SUPERVISORY AUTHORITY: The Information Commissioner welcomes the decision of the Constitutional Court, which stopped the use of IMSI catchers DANISH SUPERVISORY AUTHORITY: The Irish Data Protection Authority issues another fine to Meta of 390 million euros NORWEGIAN SUPERVISORY AUTHORITY: Infringement fines for Facebook and Instagram DANISH SUPERVISORY AUTHORITY: Disclosure and subsequent use of information by lawyers PROMANIAN SUPERVISORY AUTHORITY: enalty for GDPR violation IRISH SUPERVISORY AUTHORITY: Data Protection Commission announces conclusion of two inquiries into Meta Ireland ROMANIAN SUPERVISORY AUTHORITY: Fine for GDPR violation GERMAN SUPERVISORY AUTHORITY: EDPB calls for implementation of the judgment on the PNR Directive ITALIAN SUPERVISORY AUTHORITY: Italian SA fines US company offering diabetes app. Email accounts of about 2,000 Italian diabetic patients were processed unlawfully SPANISH SUPERVISORY AUTHORITY: Privacy in whistleblowing systems FINNISH SUPERVISORY AUTHORITY: The Supervisory Authority presented an initiative to the Finnish National Board of Education on the processing of personal data in educational applications FRENCH SUPERVISORY AUTHORITY: COVID-19 – formal notice to Francetest for insufficient security of health data SWEDISH SUPERVISORY AUTHORITY: IMY and AI Sweden are cooperating on the artificial intelligence and personal data protection AUSTRALIAN SUPERVISORY AUTHORITY: OAIC finds against 7-Eleven over facial recognition DANISH SUPERVISORY AUTHORITY: new decision – personal data protection breach at Dantherm EUROPEAN DATA PROTECTION BOARD: The Norwegian Data Protection Authority – Ferde AS fined DUTCH SUPERVISORY AUTHORITY: Dutch regulators strengthen supervision of digital activities through increased cooperation ITALIAN SUPERVISORY AUTHORITY: Work – the Italian Authority gives green light for new ways to verify the green pass NORWEGIAN SUPERVISORY AUTHORITY: The Norwegian Authority and the Norwegian Consumer Association are fight together in order to make cookies rules stricter DANISH SUPERVISORY AUTHORITY: What is happen to the EDPB in 2020? SWEDISH SUPERVISORY AUTHORITY: IMY starts the review of Ombudsman for Civic Discrimination LATVIAN SUPERVISORY AUTHORITY: #DVI explains – “explanation on processing of personal data in an educational institution in order to provide face-to-face learning during Covid-19” HONG KONG SUPERVISORY AUTHORITY: The Personal Data Ordinance 2021 Takes Effect Today to Criminalise Doxxing Acts NEW ZEALAND SUPERVISORY AUTHORITY: Biometric and privacy FRENCH SUPERVISORY AUTHORITY: CNIL publishes a new White Paper on payment data and means of payment SPANISH SUPERVISORY AUTHORITY: Anonymisation and pseudonymisation BULGARIAN SUPERVISORY AUTHORITY: The Personal Data Protection Commission has expressed an opinion on the personal data processing on the vaccination status DANISH SUPERVISORY AUTHORITY: data processing agreement – shall I use the Danish model or the European Standard Contractual Clauses? ITALIAN SUPERVISORY AUTHORITY: The Authority says yes to smart cities, but people’s data must be protected ITALIAN SUPERVISORY AUTHORITY: marketing – the Italian DPA says no to the usage of data of LinkedIn users ITALIAN SUPERVISORY AUTHORITY: video surveillance – it has been sanctioned a blind Institute NORWEGIAN SUPERVISORY AUTHORITY: Ultra-Technology AS has been sanctioned AUSTRALIAN SUPERVISORY AUTHORITY: GPEN Sweep finds significant involvement of data protection authorities in COVID-19 solutions DANISH SUPERVISORY AUTHORITY: New decision – supervision of Dating-dk NORWEGIAN SUPERVISORY AUTHORITY: Sanction for St. Olav Hospital FRENCH SUPERVISORY AUTHORITY: cyber month – the CNIL is compromised for the digital security NORWEGIAN SUPERVISORY AUTHORITY: Sanction to the Høylandet municipality SPANISH SUPERVISORY AUTHORITY: Teachers and their importance in the personal data protection and privacy POLISH SUPERVISORY AUTHORITY: The EDPB adopts opinion on draft South Korea Adequacy Decision NORWEGIAN SUPERVISORY AUTHORITY: consultation response on investigations at the Norges Bank FRENCH SUPERVISORY AUTHORITY: Automated Fingerprint Database – memo from the Interior Ministry ITALIAN SUPERVISORY AUTHORITY: smartphone – pay attention to the microphone always turned on DANISH SUPERVISORY AUTHORITY: The Danish Cancer Society has been sanctioned FINNISH SUPERVISORY AUTHORITY: The Data Protection Authority Office published its annual activity report 2020 FINNISH SUPERVISORY AUTHORITY: Personal data unlawful processing notice to the police for having used facial recognition software LIECHTENSTEIN SUPERVISORY AUTHORITY: technical and organizational measures (TOMs) BELGIAN SUPERVISORY AUTHORITY: APD is using the artificial intelligence in order to facilitate the access on its documents NORWEGIAN SUPERVISORY AUTHORITY: Ferde AS has been sanctioned DANISH SUPERVISORY AUTHORITY: news on the transfers of personal data in South Korea BULGARIAN SUPERVISORY AUTHORITY: CPDP publishes its internal rules on the conduct of its supervisory activities EUROPEAN DATA PROTECTION BOARD: EDPB establishes cookie banner taskforce SUPERVISORY AUTHORITY OF HONG KONG: A Former Clerical Assistant of the Immigration Department was Sentenced to Imprisonment for 45 Months for Doxxing EUROPEAN DATA PROTECTION BOARD: EDPB adopts opinion on draft South Korea Adequacy Decision URUGUAYAN SUPERVISORY AUTHORITY: open registration – personal data protection national event AUSTRALIAN SUPERVISORRY AUTHORITY: International Access to Information Day 2021 AUSTRALIAN SUPERVISORY AUTHORITY: Information access commissioners and ombudsmen make recommendations to support Open by Design Principles FRENCH SUPERVISORY AUTHORITY: The CNIL publishes temporary recommendations for the quality control of experimentations during the health crisis DANISH SUPERVISORY AUTHORITY: new guidelines for sanctions – assessment of fines to natural person EUROPEAN DATA PROTECTION SUPERVISOR: EDPS welcomes AML package but suggests improvements to protect individuals’ personal data SUPERVISORY AUTHORITY OF HONG-KONG: Privacy Commissioner Publishes an Article on “Guidance on the Ethical Development and Use of Artificial Intelligence” ITALIAN SUPERVISORY AUTHORITY: School – professors cannot ask information on the student’s vaccination status DANISH SUPERVISORY AUTHORITY: new decision – serious criticisms to the tax administration in case of notification FINNISH SUPERVISORY AUTHORITY: Supreme Administrative Court – termination of employment of the head of the Åland Data Protection Authority ICELANDIC SUPERVISORY AUTHORITY: Facebook View – Italian and Irish Data Protection Authority’s declarations DANISH SUPERVISORY AUTHORITY: new decision – monitoring of the compliance with the obligation of inform on rapid test of the primary school FRENCH SUPERVISORY AUTHORITY: AP-HP health data leak – what to do if you are affected? FRENCH SUPERVISORY AUTHORITY: CNIL launches a public consultation on a draft guide on recruitment SWEDISH SUPERVISORY AUTHORITY: IMY starts investigations of debt collection agencies CANADIAN SUPERVISORY AUTHORITY: G7 Data Protection and Privacy Authorities meet to discuss challenges of regulating in an increasingly digital world SLOVENIAN SUPERVISORY AUTHORITY: Guidelines on the PCT conditions assessment IRISH SUPERVISORY AUTHORITY: Data Protection Commission statement concerning Facebook View FRENCH SUPERVISORY AUTHORITY: the first personal data protection authorities G7 – an international debate on the cooperation into the digital regulation BRITISH SUPERVISORY AUTHORITY: We Buy Any Car, Sports Direct and Saga fined £495,000 after sending millions of ‘frustrating and intrusive’ nuisance messages. URUGUAYAN SUPERVISORY AUTHORITY: It has been introduced changes to the international transfers of data system in Uruguay DANISH SUPERVISORY AUTHORITY: Don’t forget to use the new Standard Contractual Clauses DANISH SUPERVISORY AUTHORITY: The Southern Denmark region has been sanctioned CANADIAN SUPERVISORY AUTHORITY: Back to school tips for playing it safe online DUTCH SUPERVISORY AUTHORITY: Guideline to the Municipal Debt Assistance Act NEW ZEALAND SUPERVISORY AUTHORITY: Privacy Commissioner warns against paper-based contact tracing registers IRISH SUPERVISORY AUTHORITY: Overview of the upcoming new breach notification web-forms SUPERVISORY AUTHORITYOF HONG KONG: PCPD Publishes A Set of FAQ on the European Commission’s New Standard Contractual Clauses FRENCH SUPERVISORY AUTHORITY: the Société nouvelle de l’annuaire français (SNAF) has been sanctioned with a fine of 3.000 euros BELGIAN SUPERVISORY AUTHORITY: the APD approves its first national code of conduct FRENCH SUPERVISORY AUTHORITY: Rejecting cookies should be as easy as accepting them: the results of the second notice campaign and future actions NEW ZEALAND SUPERVISORY AUTHORITY: Privacy Commissioner issues first compliance notice to Reserve Bank of New Zealand SPANISH SUPERVISORY AUTHORITY: Who is the data controller in an educational center? Why is it important using the Data Protection Officer? DUTCH SUPERVISORY AUTHORITY: CZ changes the procedure after the AP investigation FINNISH SUPERVISORY AUTHORITY: The Finnish Data Protection Authority has shared questions about cookie consent to Traficom – a new guideline on Traficom cookie policy IRISH SUPERVISORY AUTHORITY: DPC launches two inquiries into TikTok concerning compliance with GDPR requirements relating to the processing of childrens’ personal data and transfers of data to China SUPERVISORY AUTHORITY OF HONG-KONG: A Webinar on “the New Standard Contractual Clauses of the EU for Transfer of Personal Data from EU to Non-EU Regions” ITALIAN SUPERVISORY AUTHORITY: say no to the spreading on the website of the Region of personal data that can reveal an economical disease ITALIAN SUPERVISORY AUTHORITY: Roma Capitale, parking are not protected by drivers. The Italian DPA sanctions the Municipality and Atac ITALIAN SUPERVISORY AUTHORITY: Bodycam, the green light of the Italian DPA but without the facial recognition SUPERVISORY AUTHORITY OF HONG-KONG: Privacy Commissioner Delivered a Keynote Speech at an International Roundtable on Ethics of Artificial Intelligence 225 million euros sanction to WhatsApp, triggered by the mechanism of cooperation and consistency LITHUANIAN SUPERVISORY AUTHORITY: it has been revised the cooperation between the Baltic Data Protection Authorities FRENCH SUPERVISORY AUTHORITY: the CNIL offers a self-assessment in the data protection management SUPERVISORY AUTHORITY OF HONG-KONG: An Estate Agent Convicted for Violating Direct Marketing Restriction Privacy Commissioner Welcomes the Court’s Ruling CYPRIOT SUPERVISORY AUTHORITY: deficiencies into APOEL and OMONIA ticketing systems – DECISIONS POLISH SUPERVISORY AUTHORITY: EDPB requests that Irish SA amends WhatsApp decision 225-million-euro maxi sanction, WhatsApp has breached the European privacy legislation ITALIAN SUPERVISORY AUTHORITY: drone on the beach and into cities: the Italian Data Protection Authority starts three investigations IRISH SUPERVISORY AUTHORITY: Data Protection Commission announces decision in WhatsApp inquiry NORWEGIAN SUPERVISORY AUTHORITY: decision on orders upon the Norwegian prison service and parole DANISH SUPERVISORY AUTHORITY: What rules apply to body cameras? SUPERVISORY AUTHORITY OF LUXEMBOURG: Alain Herrmann has been appointed as Commissioner GERMAN SUPERVISORY AUTHORITY: BfDI on the vaccination and tests status employer’s check FRENCH SUPERVISORY AUTHORITY: the EDPB specifies the conditions for the storage of the credit card’s numbers by online retailers inside the European Union They were using the facial recognition in order to find out clients with pending procedures with the justice, it has been imposed a sanction of 2.5 million euros to the supermarket chain ITALIAN SUPERVISORY AUTHORITY: privacy authority: green light for news green pass monitoring arrangements in schools FINNISH SUPERVISORY AUTHORITY: recently responses on the coronavirus FAQ ESTONIAN SUPERVISORY AUTHORITY: on the usage of different computer in order to issue covid passports Privacy Principles: A correct and precise impact assessment is a suitable tool for compliance with the principles of privacy by design and by default SPANISH SUPERVISORY AUTHORITY : for a responsible sharenting, also in summer POLISH SUPERVISORY AUTHORITY: Media with personal data must be protected CZECH SUPERVISORY AUTHORITY: UOOU has contacted the Justice Ministry for the notification register NORWEGIAN SUPERVISORY AUTHORITY: sanction to Waxing Palace AS GREEK SUPERVISORY AUTHORITY: opinion on a draft law of the Finance Minister for the implementation of the (EU) Directive 2019/1153 Data: Another misstep by Sicily Region? Health services not paid to patients who do not give their data to the RIAP DANISH SUPERVISORY AUTHORITY: complaint for a photo posted on the Prime Minister Facebook page FRENCH SUPERVISORY AUTHORITY: Three-months breaches: messaging service attacks ITALIAN SUPERVISORY AUTHORITY: Green pass, the Authority replies to Piemonte Region Union agreement does not enough: worker needs to be properly informed about internet navigation control CYPRIOT SUPERVISORY AUTHORITY: Security lack in ticketing systems of APOEL and OMONOIA DANISH SUPERVISORY AUTHORITY: personal data protection and “connected cars” FINNISH SUPERVISORY AUTHORITY: personal data shall not be recollected from clients without their acknowledge AUSTRALIAN SUPERVISORY AUTHORITY: Investigation into Optus The “Sunset Clause”: transfers of data to abroad in the adequacy decision of the United Kingdom Amazon has been sanctioned with a record fine of 746 million euros for having breached the privacy POLISH SUPERVISORY AUTHORITY: the WSA has rejected the complaint of SGGW against the decision of the sanction of the UODO president. What does skimmin mean? FRENCH SUPERVISORY AUTHORITY: the Luxembourg Personal Data Protection Authority has infringed to Amazon Europe Core a sanction of 746 million euro It has been sanctioned a scholar institute: health data of an employee are published online DANISH SUPERVISORY AUTHORITY: it has been approved the code of conduct of the Ministry of the ecclesiastical affairs ITALIAN SUPERVISORY AUTHORITY: Whisteblowin, Authority, there is the need to provide better protections for the reporting ITALIAN SUPERVISORY AUTHORITY: Rider, the Privacy Authority sanctions Deliveroo Italy for 2.5 million euro ITALIAN SUPERVISORY AUTHORITY: Data retention, the Italian DPA asks for reform NEW ZEALAND SUPERVISORY AUTHORITY: Privacy Commissioner responds to RNZ reporting of personal information from Waikato DHB breach SUPERVISORY AUTHORITY OF HONG-KONG: PCPD Launches a Series of Publications and Activities to Promote Children Privacy SLOVENIAN SUPERVISORY AUTHORITY: the Information Commissioner (IP) is not familiar with any of the previous version of the proficiency testing questions NIJZ PCT POLISH SUPERVISORY AUTHORITY: The EDPB has adoptd a binding decision on WhatsApp Ireland LATVIA SUPERVISORY AUTHORITY: #DVI explain: “the legal basis for the personal data processing when the processing is necessary in order to fulfil a legal obligation” ROMANIAN SUPERVISORY AUTHORITY: sanction for having breached the GDPR NEW ZEALAND SUPERVISORY AUTHORITY: The COVID-19 vaccination and privacy rights FRENCH SUPERVISORY AUTHORITY: Cookies: sanction of 50.000 Eur against the company SOCIÉTÉ DU FIGARO FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board has taken a binding decision on WhatsApp in the dispute settlement procedure EUROPEAN DATA PROTECTION BOARD: EDPB adopts Art. 65 decision regarding WhatsApp Ireland EUROPEAN DATA PROTECTION SUPERVISOR: “Schengen evaluations”: individuals’ fundamental rights are a priority SLOVENIAN SUPERVISORY AUTHORITY: transfers towards the United Kingdom: the European Commission has issued the adequacy decisions. FRENCH SUPERVISORY AUTHORITY: lobbying file: sanction of 400.000 EUR against MONSANTO company LITHUANIAN SUPERVISORY AUTHORITY: regular employee testing and personal data protection ITALIAN SUPERVISORY AUTHORITY: simplify privacy policy by the method “Creative Commons”. Memorandum of understanding between Italian DPA and Creative Commons FAQ of the Italian Data Protection Authority and Accredia: the world of certification according to the GDPR POLISH SUPERVISORY AUTHORITY: codes of conduct like a safeguard in data transfers ROMANIAN SUPERVISORY AUTHORITY: decision n. 20 of the 24th of June 2021 ITALIAN SUPERVISORY AUTHORITY: Pegasus, the Italian Data Protection Authority asks some information to the company that is sharing the software POLISH SUPERVISORY AUTHORITY: the supervisor authority and data subject shall be informed on the accident DUTCH SUPERVISORY AUTHORITY: AP critics the public Transparency Register for Healthcare AUSTRALIAN SUPERVISORY AUTHORITY: Uber found to have interfered with privacy It has been signed the memorandum of understanding: Italian Data Protection Authority and Torino Wireless FRENCH SUPERVISORY AUTHORITY: Sanction of 1.75 million euros against AG2R LA MONDIALE DUTCH SUPERVISORY AUTHORITY: TikTok has been sanctioned for children’s privacy breach FRENCH SUPERVISORY AUTHORITY: warning by the CNIL on the extension of the health card FINNISH SUPERVISORY AUTHORITY: Guidelines of the European data Protection Board on a code of conduct like an instrument for the transmission of data, virtual voice assistances and definition of the data controller and processor Spyware Pegasus: a free instrument in order to verify if your smartphone has been hacked EUROPEAN COUNCIL: Convention 108+ for the personal data protection also in Latin America FRENCH SUPERVISORY AUTHORITY: closure of the order against AMAZON BRITISH SUPERVISORY AUTHORITY: New toolkit launched to help organisations using AI to process personal data understand the associated risks and ways of complying with data protection law ITALIAN SUPERVISORY AUTHORITY: the authority says yes to the Agid Guidelines on the interoperability of public data banks ITALIAN SUPERVISORY AUTHORITY: the authority says yes to higher protection of judicial data ITALIAN SUPERVISORY AUTHORITY: FSE: patients have the right to choose which data must be obscured CANADIAN SUPERVISORY AUTHORITY: OPC, NSIRA sign MOU to work collaboratively on privacy issues of mutual interest GREEK SUPERVISORY AUTHORITY: right of access of minor’s personal data of parents NORWEGIAN SUPERVISORY AUTHORITY: it closes the case IB FRENCH SUPERVISORY AUTHORITY: reject cookies shall be easily as accept them: the CNIL implement a second series of formal warnings POLISH SUPERVISORY AUTHORITY: is now available the polish version of the facial recognition guidelines BRITISH SUPERVISORY AUTHORITY: Blog: Reflecting on the past five years of fundraising and data protection regulation POLISH SUPERVISORY AUTHORITY: EDPB. The Irish Data Protection Authority will not implement definitive nature measures, but it will conduct a proceeding FRENCH SUPERVISORY AUTHORITY: code of conduct: the CNIL releases a first approval of a supervisory body EUROPEAN DATA PROTECTION BOARD: EDPB adopts urgent binding decision: Irish SA not to take final measures but to carry out statutory investigation FINNISH SUPERVISORY AUTHORITY: the European Data Protection Board adopts a decision in an urgent case against Facebook IE DANISH SUPERVISORY AUTHORITY: updated guideline on third country’s transfers SUPERVISORY AUTHORITY OF HONG-KONG: Gazetta of Personal Data Bill 2021 on 16 July BRITISH SUPERVISORY AUTHORITY: Statement on ICO investigation into Department of Health and Social Care CCTV footage DUTCH SUPERVISORY AUTHORITY: the AP clarifies the sharing of the blacklist with other sectors EUROPEAN DATA PROTECTION BOARD: Guidelines 04/2021 on codes of conduct as tools for transfers What does “formatting” mean? ITALIAN SUPERVISORY AUTHORITY: GDPR and the personal data processing certification, the FAQ with the first clarifications set up by the Italian Authority and Accredia POLISH SUPERVISORY AUTHORITY: EDPB: guidelines on concept of data controller and data processor have been adopted after the consultation FINNISH SUPERVISORY AUTHORITY: excessive data shall not be recollected or share for complaints of insurance companies ICELANDIC SUPERVISORY AUTHORITY: the electronic control in a small apartment house is considered illegal Consumers complain WhatsApp to the European Commission, users forced to accept non-transparent privacy conditions International data protection developments, the +108 convention POLISH SUPERVISORY AUTHORITY: EDPB on codes of conduct as an instrument for transfer of data towards third countries ITALIAN SUPERVISORY AUTHORITY: E-summer privacy LUXEMBOURG SUPERVISORY AUTHORITY: CONSEQUENCES OF THE BREXIT FOR INTERNATIONAL TRANSFERENCE OF DATA LATVIA SUPERVISORY AUTHORITY: proof of compliance of workers with criteria for the application of facilitation of epidemiological requirements CYPRIOT SUPERVISORY AUTHORITY: responses to FAQ on personal data protection, with regard to the implementation of the Decree of the 8th July 2017 FINNISH SUPERVISORY AUTHORITY: the Authority has taken the first decision as lead supervisory authority in a cross-border case: the access right has not been exercised in compliance with personal data protection legislation ITALIAN SUPERVISORY AUTHORITY: COOKIES: new guidelines in order to protect users DANISH SUPERVISORY AUTHORITY: Medicals Nordic I/AS has been sanctioned FRENCH SUPERVISORY AUTHORITY: Artificial intelligence: the opinion of the CNIL and its counterparts on the future European regulation POLISH SUPERVISORY AUTHORITY: Take care of your data – they don’t have a holiday PHILIPPINE SUPERVISORY AUTHORITY: NPC’s new initiative on ASEAN cross-border tools to boost PH digital competitiveness PHILIPPINE SUPERVISORY AUTHORITY: A Stronger Data Privacy Law Sought in Proposed Amendments They share them with Google and Facebook: Apps to help people get rid of drug addiction access personal data FINNISH SUPERVISORY AUTHORITY: the privacy protection of data subject shall be taken into account when it is implemented an electric lock system in a residential building DANISH SUPERVISORY AUTHORITY: the Authority is investigating on the data resellers DANISH SUPERVISORY AUTHORITY: private company is going to be sanctioned DUTCH SUPERVISORY AUTHORITY: UWV has been sanctioned for poor security while sending group messages BRITISH SUPERVISORY AUTHORITY: ICO publishes annual tracking research GREEK SUPERVISORY AUTHORITY: proportionality principle breach with a reference in a newspaper article to movable property seized FRENCH SUPERVISORY AUTHORITY: the CNIL remembers all the principles that need to be respected in order to distribute to doctors the list of no-vaccinated patients DANISH SUPERVISORY AUTHORITY: three tips, how to avoid being tracked DANISH SUPERVISORY AUTHORITY: registration of phone calls by the Danish Business Authority Key principle of the GDPR: Accountability, increasingly oriented to a logic of performance NORWEGIAN SUPERVISORY AUTHORITY: consultation response on proposals of new legislation for cross borders POLISH SUPERVISORY AUTHORITY: the Central Statistical Office will recollect less data of other water and sewage companies ITALIAN SUPERVISORY AUTHORITY: Rider: Italian Authority says no to discrimination based on algorithms. Original news Sanction of 2.6 million euros to a platform of the Glovo group FINNISH SUPERVISORY AUTHORITY: final version of the recommendations of the European Data Protection Board on guarantees in order to integrate transfers instruments CROATIAN SUPERVISORY AUTHORITY: issued the new administrative sanctions SPANISH SUPERVISORY AUTHORITY: Evaluates-Risk GDPR PORTUGUESE SUPERVISORY AUTHORITY: CNPD has accused the Lisboan Municipality MALTESE SUPERVISORY AUTHORITY: EDPB and EDPS joint opinion on the use of AI for automated recognition of human features in publicly accessible spaces BULGARIAN SUPERVISORY AUTHORITY: the European Commission adopts two decision on the adequacy level of personal data protection by the United Kingdom DANISH SUPERVISORY AUTHORITY: new practices for municipalities to publish personal information in web storage which are publicly available BRITISH SUPERVISORY AUTHORITY: Leeds firm fined £200,000 for illegal nuisance calls NORWEGIAN SUPERVISORY AUTHORITY: it is asking the declaration of Shinigami Eyes ITALIAN SUPERVISORY AUTHORITY: pay attention to the ransomware. The program which is taking as a hostage your device SWEDISH SUPERVISORY AUTHORITY: IMY revises the video surveillance of video cameras in the primary school FINNISH SUPERVISORY AUTHORITY: joint opinion of the European Data Protection Board and of the European Data Protection Supervisor on the usage of the IA for the automatic identification BULGARIAN SUPERVISORY AUTHORITY: an agreement on personal data protection of consumer has been signed by the CPPD and NAPA GERMAN SUPERVISORY AUTHORITY: adoption of adequacy decision of the United Kingdom FINNISH SUPERVISORY AUTHORITY: the European Commission has taken two adequacy decision on the personal data protection in the UK POLISH SUPERVISORY AUTHORITY: the property and mortgage registration number easily identifies the owner of the property NORWEGIAN SUPERVISORY AUTHORITY: the European commission with an adequacy decision for the United Kingdom FRENCH SUPERVISORY AUTHORITY: reject cookies shall be easy like accept them: compliance of all the non-compliant organization and future actions of the CNIL DANISH SUPERVISORY AUTHORITY: the United Kingdom has been recognized as safe third country PORTUGUESE SUPERVISORY AUTHORITY: legal notice on cookies of the CNPD FRENCH SUPERVISORY AUTHORITY: exercise of right by mandate: the CNIL publishes it recommendation DANISH SUPERVISORY AUTHORITY: new decision of the European Court of Justice on the “one-stop-shop” LITHUANIAN SUPERVISORY AUTHORITY: higher revision of the personal data protection in Lithuania in 2020 SWEDISH SUPERVISORY AUTHORITY: IMY is right on the facial recognition SLOVAKIAN SUPERVISORY AUTHORITY: Decision of the Court of Justice in Latvijas Republikas Saeima POLISH SUPERVISORY AUTHORITY: EDPB and EDPS on the law draft on artificial intelligence FRENCH SUPERVISORY AUTHORITY: the CNIL publishes temporally recommendation for the quality control of clinical experimentation during the health crisis EUROPEAN COMMISSION: EU Cybersecurity: Commission proposes a Joint Cyber Unit to step up response to large-scale security incidents CANADIAN SUPERVISORY AUTHORITY: Privacy Commissioner announces new funding recipients for independent research and awareness projects SWEDISH SUPERVISORY AUTHORITY: IMY starts investigations on Avanza e Länsförsäkringar BRITISH SUPERVISORY AUTHORITY: Nuisance calls land home improvements company with a £130,000 fine from the ICO ITALIAN SUPERVISORY AUTHORITY: Data protection authority says no to indiscriminate control of workers ITALIAN SUPERVISORY AUTHORITY: Authority to the Mayor: off from the social profile of video and images of disadvantages children ITALIAN SUPERVISORY AUTHORITY: the Authority sanctions Iren with a fine of 3.000.000 EUR NORWEGIAN SUPERVISORY AUTHORITY: sanction for the access to the email boxes of ex-employees and a failure of non-completion of the email box SWEDISH SUPERVISORY AUTHORITY: the human factor behind the majority of accidents SWEDISH SUPERVISORY AUTHORITY: bodycams of SL are against the law POLISH SUPERVISORY AUTHORITY: data transference to third countries in compliance with the GDPR DUTCH SUPERVISORY AUTHORITY: privacy regulators ask to prohibit the facial recognition NORWEGIAN SUPERVISORY AUTHORITY: update guideline on Schrems II by the EDPB LUXEMBOURG SUPERVISORY AUTHORITY: RECOMMENDATIONS OF THE EDPB ON THE ADDITIONAL MEASURES SUPERVISORY AUTHORITY OF HONG-KONG: The PCPD Reminds the Public to Safeguard Personal Data Privacy When They Participate in Lucky Draw Activities POLISH SUPERVISORY AUTHORITY: P4 with a sanction of 100.000 PLN LITHUANIAN SUPERVISORY AUTHORITY: a sport club has been sanctioned for having breached the General Data Protection Regulation by processing digital fingerprints of clients and staff LATVIA SUPERVISORY AUTHORITY: #DVI explains: “can we process personal data in a working relationship?” #2 enforcing the contract POLISH SUPERVISORY AUTHORITY: facilitate the personal data processing URUGUAY SUPERVISORY AUTHORITY: recommendations on the usage of messages apps SUPERVISORY AUTHORITY OF HONG-KONG: The Privacy Commissioner Reported on the Proposed Amendments to the PDPO to Combat Doxxing at the 55th Asia Pacific Privacy Authorities Forum SLOVENIAN SUPERVISORY AUTHORITY: it is not only the main supervisory authority which can exercise the control on companies that are processing personal data by borders FRENCH SUPERVISORY AUTHORITY: sanction of 500.000 EUR to the company BRICO PRIVE DANISH SUPERVISORY AUTHORITY: tips for the ransomware security National privacy authorities can sue Facebook even if it is not the leading authority, EU Court of Justice DANISH SUPERVISORY AUTHORITY: the municipality of Vejle has been sanctioned NEW ZEALAND SUPERVISORY AUTHORITY: OPC sends warnings to organisations to get it right next time SPANISH SUPERVISORY AUTHORITY: new form of notification for personal data gaps ROMANIAN SUPERVISORY AUTHORITY: sanction for GDPR breach POLISH SUPERVISORY AUTHORITY: Aspect of the Office for the Protection of Personal Data on the National Census 2021 in progress and Housing CANADIAN SUPERVISORY AUTHORITY: Canadians concerned about access to their online personal information: poll BRITISH SUPERVISORY AUTHORITY: ICO fines national takeaway pizza company for unlawfully sending marketing messages to its customers POLISH SUPERVISORY AUTHORITY: a breach of the GDPR by Funeda translates into a sanction GREEK SUPERVISORY AUTHORITY: sanction to a company for the illegal installation and operation of a video surveillance system ITALIAN SUPERVISORY AUTHORITY: App IO: the Authority implements the technical relation FRENCH SUPERVISORY AUTHORITY: the CNIL approves its first European code of conduct for cloud infrastructure service providers BELGIUM SUPERVISORY AUTHORITY: APD publishes its 2020 annual report A Step towards the right direction: New Standard Contractual Clauses for the transference of data towards third countries NORWEGIAN SUPERVISORY AUTHORITY: sanction to Brabank Asa CANADIAN SUPERVISORY AUTHORITY: RCMP’s use of Clearview AI’s facial recognition technology violated Privacy Act, investigation concludes FRENCH SUPERVISORY AUTHORITY: The CNIL publishes 8 recommendations to strengthen the protection of minors online DUTCH SUPERVISORY AUTHORITY: sanction to professional dental office for unsafe websites for patients ITALIAN SUPERVISORY AUTHORITY: Green certification: the green light of the Authority, but with specific guarantees. It has been disposed the block of IO app GERMAN SUPERVISORY AUTHORITY: BDSG celebrates its 45th anniversary FINNISH SUPERVISORY AUTHORITY: Administrative Court: the consultation procedure of the Data Protection Supervisor’s Office and the specified sanction fee were appropriate CANADIAN SUPERVISORY AUTHORITY: Release of the Privacy Commissioner’s Special Report to Parliament on Police Use of Facial Recognition Technology in Canada SWEDISH SUPERVISORY AUTHORITY: wrong video camera is monitoring firefighters 24 a day ROMANIAN SUPERVISORY AUTHORITY: sanction for a GDPR breach FRENCH SUPERVISORY AUTHORITY: departmental and regional elections, the CNIL remembers rules that need to be followed and publishes its action plan FRENCH SUPERVISORY AUTHORITY: COVID-19: the CNIL expresses its opinion on the conditions of implementation of the health passports FRENCH SUPERVISORY AUTHORITY: TousAntiCovid, reminder, QR Code, health pass: which guarantees for the personal data protection? EUROPEAN DATA PROTECTION BOARD: EDPB Annual Report 2020: Ensuring data protection rights in a changing world CZECH SUPERVISORY AUTHORITY: declaration of the Global Privacy Assembly (GPA) on the usage of health data for trips DUTCH SUPERVISORY AUTHORITY: new standard contract for the safe transference of personal data NORWEGIAN SUPERVISORY AUTHORITY: new standard agreements FINNISH SUPERVISORY AUTHORITY: the European Commission has adopted new contractual clauses CANADIAN SUPERVISORY AUTHORITY: Federal, Provincial and Territorial Information and Privacy Commissioners and Ombudsman Issue Joint Resolution About Privacy and Access to Information Rights During and After a Pandemic CZECH SUPERVISORY AUTHORITY: the government bill on Covid passports POLISH SUPERVISORY AUTHORITY: also a lack of response to convocation to the Supervisory Authority is a lack of cooperation FRENCH SUPERVISORY AUTHORITY: websites block: the CNIL publishes the 2020 activity report of the qualified person LITHUANIAN SUPERVISORY AUTHORITY: a safe and useful digital environment for children – the Organization for the Cooperation and the Economic Development publishes a recommendation LATVIA SUPERVISORY AUTHORITY: right to delete your personal data in the public environment FRENCH SUPERVISORY AUTHORITY: The CNIL publishes its third opinion addressed to Parliament on the conditions for implementing the measures accompanying the fight against COVID-19 DANISH SUPERVISORY AUTHORITY: new decision: unencrypted emails with personal data send to the Justice Ministry CYPRIOT SUPERVISORY AUTHORITY: Audit on the use of cookies It has not been resolved the node of the Ministries, the suggestions of the Data Protection Authority on the figure of the DPO in public scope The approach is crucial in the security of business data ITALIAN SUPERVISORY AUTHORITY: the Authority blocks the app Mitiga ICELANDIC SUPERVISORY AUTHORITY: planned revision of the Facebook profile of an employee LITHUANIAN SUPERVISORY AUTHORITY: the EDPB publishes it 2020 annual report NORWEGIAN SUPERVISORY AUTHORITY: responses to the consultation on the surveillance of passengers in planes SUPERVISORY AUTHORITY OF HONG-KONG: International networks of privacy and consumer protection regulators issued a joint media statement on the transparency measures recently announced by Google EUROPEAN DATA PROTECTION SUPERVISOR: What to expect when we inspect – Data protection audits explained FRENCH SUPERVISORY AUTHORITY: children protection: the CNIL has launched a consultation on a repository project ESTONIAN SUPERVISORY AUTHORITY: fight with a drone asks rules DANISH SUPERVISORY AUTHORITY: consultation: the authority is searching input on the new marketing guideline ITALIAN SUPERVISORY AUTHORITY: the M5S, Italian Auhtority: the Rousseau Association shall present data to the Movement CYPRIOT SUPERVISORY AUTHORITY: policy to borrowers/Authorities on the letter send by B2KAPITAL on the buying of foster care systems POLISH SUPERVISORY AUTHORITY: on the personal data protection during workshop for General Directors of the Civil Service SUPERVISORY AUTHORITY OF HONG-KONG: The PCPD Provides “Vaccination Leave” for Staff after COVID-19 Vaccination in Support of Government’s “Early Vaccination for All” Campaign SPANISH SUPERVISORY AUTHORITY: Internet of Things (IoT) (III) Home Automation, risks and recommendations CANADIAN SUPERVISORY AUTHORITY: Vaccine passports must meet highest level of privacy protection POLISH SUPERVISORY AUTHORITY: one in four Polish is afraid of a hacker attack SLOVENIAN SUPERVISORY AUTHORITY: fourth session of the initiative “Initiative 20i7” PORTUGUESE SUPERVISORY AUTHORITY: the app “Respondus” is breaching the GDPR ITALIAN SUPERVISORY AUTHORITY: signed the memorandum between the Italian Data Protection Authority and Fondazione Leonardo Why the Data Protection Officer shall be resilient and assertive? PORTUGUESE SUPERVISORY AUTHORITY: the EDPS investigates on the data transferences to USA THE SWEDISH SUPERVISORY AUTHORITY: the administrative court agrees with IMY DUTCH SUPERVISORY AUTHORITY: draft law on the exchange of e-data for the health assistance, risk of damages to the health professional secrecy GREEK SUPERVISORY AUTHORITY: the authority imposes an administrative sanction for a lack of the respect of the right to object to the sending of promotional messages GREEK SUPERVISORY AUTHORITY: administrative sanction imposed to a parliamentary candidate for an illicit processing of personal data for political communication purposes by sending e-messages GREEK SUPERVISORY AUTHORITY: complain about having sent an email by a political – it has been postponed to the plenary section. FRENCH SUPERVISORY AUTHORITY: the CNIL launches a new public consultation on the recommendation project related to registration measures DANISH SUPERVISORY AUTHORITY: focus on the personal data protection in the fight anti-money laundering NORWEGIAN SUPERVISORY AUTHORITY: sanction to Innovation Norway LIECHTENSTEIN SUPERVISORY AUTHORITY: GDPR cheat sheet for the practice/technique FINNISH SUPERVISORY AUTHORITY: opinions of the EDPB on the first transnational code of conduct and recommendations on the legal basis for the credit card’s data retention. ESTONIAN SUPERVISORY AUTHORITY: the European Data Protection Supervisor examines the activities of the European institutions FRENCH SUPERVISORY AUTHORITY: the CNIL asks changes on the usage of USA cooperation instruments for the higher education and the research ESTONIAN SUPERVISORY AUTHORITY: the web automatic translation brings personal data protection risks EUROPEAN DATA PROTECTION SUPERVISOR: The EDPS opens two investigations following the “Schrems II” Judgement ROMANIAN SUPERVISORY AUTHORITY: Sanction for having breached the GDPR ICELANDIC SUPERVISORY AUTHORITY: the Personal Data Protection Authority asks for information to courts on the publication of personal identification information in court sentences published in Internet FRENCH SUPERVISORY AUTHORITY: publication of the repository of the rental management BULGARIAN SUPERVISORY AUTHORITY: three years since the beginning of the General Data Protection Regulation ITALIAN SUPERVISORY AUTHORITY: Green pass: the authority says no to local initiatives which are breaching the privacy legislation – in particular it sends a formal notice to the Campania Region ITALIAN SUPERVISORY AUTHORITY: better protection for persons who have been deprived of their freedom – it has been signed the Memorandum of Understanding between the Italian Data Protection Authority and the National Authority of the Rights of Persons Deprived of Freedom Towards a future in the Privacy by Design and by Default sign? The uncertain future of cookies of third parties URUGUAYANS SUPERVISORY AUTHORITY: First Coffee Talk of the Year: Agreement Approval 108+ NEW ZEALAND SUPERVISORY AUTHORITY: Privacy Commissioner calls on DHBs to address IT vulnerabilities SUPERVISORY AUTHORITY OF HONG-KONG: Privacy Commissioner Welcomes WhatsApp’s Acceptance of Suggestions to Provide Alternatives to Users POLISH SUPERVISORY AUTHORITY: after three years with the GDPR SWEDISH SUPERVISORY AUTHORITY: a new guideline for the video surveillance with video cameras SPANISH SUPERVISORY AUTHORITY: the AEPD published a new version of its guideline for the personal data breaches notification PORTUGUESE SUPERVISORY AUTHORITY: third anniversary of the GDPR GREEK SUPERVISORY AUTHORITY: Action of the Authority on a document of the Hellenic Informatic Association GERMAN SUPERVISORY AUTHORITY: BfDI criticizes changes to the Federal Highway Distribution Act FRENCH SUPERVISORY AUTHORITY: the Unaf published a GDPR guideline for professionals of the social and social-health sector FINNISH SUPERVISORY AUTHORITY: the competences and the reliability of the Office of the Data Protection Authority (Ombudsman) is appreciated, but the customer focus is seen like an improvement area FRENCH SUPERVISORY AUTHORITY: refuse cookies shall be a simple thing like accept them: about twenty organization have been sanctioned BELGIAN SUPERVISORY AUTHORITY: the GDPR celebrates its third years old ROMANIAN SUPERVISORY AUTHORITY: ANSPDCP summarizing report – the first four months of 2021 GREEK SUPERVISORY AUTHORITY: press release on the third year since the entrance in force of the General Data Protection Regulation ITALIAN SUPERVISORY AUTHORITY: European Regulation: line of direction of the Italian Data Protection Authority for DPOs POLISH SUPERVISORY AUTHORITY: the EDPB pronounces itself on cross-border codes of conducts LATVIA SUPERVISORY AUTHORITY: #DVI explains: “proof of vaccination or exposition to COVID-19” When gossip online is a crime or an illicit? NORWEGIAN SUPERVISORY AUTHORITY: police forces have not the access to researches in polices registers FRENCH SUPERVISORY AUTHORITY: COVID-19: the CNIL follows AP-HP in an experimental concert in Paris CANADIAN SUPERVISORY AUTHORITY: Education software firm addresses security vulnerabilities CISPE code of conduct approved by the European Data Protection Board, Cloud Computing LATVIA SUPERVISORY AUTHORITY: the electronic control by the neighbors is considered forbidden BELGIAN SUPERVISORY AUTHORITY: the Personal Data Protection Authority approves its first European code of conduct DUTCH SUPERVISORY AUTHORITY: AP growth needed for a digitalized society and confidence in the government ITALIAN SUPERVISORY AUTHORITY: the Authority says yes to the scientific information, but pay attention to the patient’s privacy Axa announces the exclusion of the damages caused by ransomware of their insurance coverages and just after has been affected by a hacker attack ROMANIAN SUPERVISORY AUTHORITY: another sanction due to a GDPR breach ITALIAN SUPERVISORY AUTHORITY: Job, correct information to employees on the business systems in use ITALIAN SUPERVISORY AUTHORITY: Covid subsidies, the Authority, personal data of beneficiaries shall be protected – the Authority sanctions the municipality of Palermo ROMANIAN SUPERVISORY AUTHORITY: sanction for having breached the GDPR BRITISH SUPERVISORY AUTHORITY: ICO takes action against contact tracing QR code provider SPANISH SUPERVISORY AUTHORITY: the AEPD publishes a guideline on personal data protection and employment relations POLISH SUPERVISORY AUTHORITY: the too late identification of breaches endangers clients Health Company has been sentenced to the compensation: a Madame asks the refund of medical fees for the procedure of medically assisted procreation, her data appear on the web FRENCH SUPERVISORY AUTHORITY: Publication of documents of local and regional authorities related to the exercise of their decision-making power ITALIAN SUPERVISORY AUTHORITY: commercial information: it has been adopted the Code of Conduct ITALIAN SUPERVISORY AUTHORITY: vaccinations into the working place: all the instruction of the Italian Data Protection Authority – it is available also the document on the role of the relevant doctor LATVIA SUPERVISORY AUTHORITY: #DVI explains: Does the employer have the right to receive COVID-19 tests from the laboratory after the collective test? ROMANIAN SUPERVISORY AUTHORITY: sanction due to a GDPR breach ESTONIAN SUPERVISORY AUTHORITY: 2020 AKI yearbook ITALIAN SUPERVISORY AUTHORITY: Convention 108: published in the Official Journal the law ratifying the Protocol of Amendment in Italy More guarantees and rights for people to face the challenges of the digital age Personal data of million users of the food delivery app have been sold into the Dark Web, there are still holes into privacy of Glovo FRENCH SUPERVISORY AUTHORITY: the CNIL issues its opinion on the health card project for the access to large gatherings of people NEW ZEALAND SUPERVISORY AUTHORITY: Regional visits and helping respondents ROMANIAN SUPERVISORY AUTHORITY: a new sanction due to a GDPR breach POLISH SUPERVISORY AUTHORITY: it will be clarified disposals on the control of video in dumps FRENCH SUPERVISORY AUTHORITY: Bill on the prevention of terrorist acts and intelligence: the CNIL publishes its opinions ITALIAN SUPERVISORY AUTHORITY: by TikTok new measures in order to keep young people out of the platform. Meanwhile, more than 500.000 users of persons under 13 years old has been removed or blocked DANISH SUPERVISORY AUTHORITY: what is personal data protection? “Watch the pen”, report the conduct of a professional AUSTALIAN SUPERVISORY AUTHORITY: OAIC welcomes additional funding for data protection and FOI DUTCH SUPERVISORY AUTHORITY: sanction of 525.000 EUR to Locatefamily.com NORWEGIAN SUPERVISORY AUTHORITY: new guidelines of the European Data Protection Board for the consultation NORWEGIAN SUPERVISORY AUTHORITY: opinions on the covid passports NEW ZEALAND SUPERVISORY AUTHORITY: Reported privacy breaches double after new Privacy Act takes effect CANADIAN SUPERVISORY AUTHORITY: Commissioner shares views on Facial Recognition Technology with Parliament POLISH SUPERVISORY AUTHORITY: the legitimacy and the portability of the DPA audit can not be called into a question NORWEGIAN SUPERVISORY AUTHORITY: Oslo University Hospital shall modify the agreements FINNISH SUPERVISORY AUTHORITY: respect personal data protection disposals in electoral campaigns – also the personal data processing recollected by social media shall be in compliance with the personal data protection legislation. CZECH REPUBLIC SUPERVISORY AUTHORITY: the Office takes the position of the authority which defend the access to information also in cases of actions against decisions issued by other bodies before January 2020 NORWEGIAN SUPERVISORY AUTHORITY: notification of the sanction to Ferde SA LUXEMBOURG SUPERVISORY AUTHORITY: A NEW PUBLIC CONSULTATION ON CERTIFICATION CRITERIA “GDPR-CARPA” HAS BEEN STARTED SWISS SUPERVISORY AUTHORITY: The new FADP from the FDPIC’s perspective DUTCH SUPERVISORY AUTHORITY, AP: Why privacy is so important? FRENCH SUPERVISORY AUTHORITY: publication of the reference system relative to the designation of the drivers have committed an infringement of the street code ROMANIAN SUPERVISORY AUTHORITY: sanction after the GDPR breaches DANISH SUPERVISORY AUTHORITY: 2020 annual report of the Data Inspectorate DUTCH SUPERVISORY AUTHORITY: AP intensifies the municipality supervision EUROPEAN COUNCIL: Vaccine pass : yes, but with strict respect of Human rights Attack: what is a “homograph”? POLISH SUPERVISORY AUTHORITY: UODO declaration to Facebook Polish Authorities NORWEGIAN SUPERVISORY AUTHORITY: notice of infringement for Disqus Inc FRENCH SUPERVISORY AUTHORITY: smart meters LINKY, closure of the formal notice against ENGIE FRENCH SUPERVISORY AUTHORITY: political communication by email to the consular list of electors Assessing carried out along the way, Corona pass in Alto Adige FINNISH SUPERVISORY AUTHORITY: administrative right: the consent to the cookie usage by internet browsing settings does not comply the consent requirements established into the General Data Protection Regulation FINNISH SUPERVISORY AUTHORITY: the General Data Protection Regulation is well known, but its applications present some challenges DANISH SUPERVISORY AUTHORITY: the guideline on the consent has been updated European States shall intensify their challenges in order to protect privacy of minors in the digital environment, European Council BRITISH SUPERVISORY AUTHORITY: Digital Regulatory Cooperation Forum’s response to DCMS on the future of the digital regulatory landscape ICELANDIC SUPERVISORY AUTHORITY: security breach for InfoMentor ehf. CANADIAN SUPERVISORY AUTHORITY: Privacy Awareness Week provides opportunity for businesses to strengthen privacy practices FRENCH SUPERVISORY AUTHORITY: closure of the injunction against GOOGLE ICELANDIC SUPERVISORY AUTHORITY: standard terms into operating licenses for financial information agencies LIETCHTENSTEIN SUPERVISORY AUTHORITY: to what you can pay attention when you are using cloud services ITALIAN SUPERVISORY AUTHORITY: Italian authority, deontological rules on the statistic ambit – rules shall be predisposed by Istat and other Sistan subject shall be approved by the Authority CZECH SUPERVISORY AUTHORITY: the response of the Office to the final formulation of the extraordinary procedure for the registration of clients into establishments SLOVENIAN SUPERVISORY AUTHORITY: the European Council asks to reinforce the privacy protection of children in the digital environment POLISH SUPERVISORY AUTHORITY: polish over 45 years old are more inclined to extort personal data GERMAN SUPERVISORY AUTHORITY: uses the options of Corona Warn app FRENCH SUPERVISORY AUTHORITY: COVID-19, questions and responses of the CNIL on screening tests of student’s saliva in schools FRENCH SUPERVISORY AUTHORITY: protect your development environment SLOVENIAN SUPERVISORY AUTHORITY: the NIJZ has deleted the identified irregularities, so the inspection procedure IP will be interrupted CZECH SUPERVISORY AUTHORITY: to store record of clients by some service’s providers and to demonstrate test of SARS-CoV-2 by clients DANISH SUPERVISORY AUTHORITY: critical conditions into the COVID-19 shaping draft of the Statens Serum Institute EUROPEAN DATA PROTECTION SUPERVISOR: EDPS audit on newsletter subscriptions: transparency is key DUTCH SUPERVISORY AUTHORITY: the Municipality of Enschede has sanctioned the Wi-Fi tracking SWEDISH SUPERVISORY AUTHORITY: children rights have been reinforced DUTCH SUPERVISORY AUTHORITY: AP publishes the privacy brochure of the works council for privacy protection on the working place NEW ZEALAND SUPERVISORY AUTHORITY: That was close! How to respond when you narrowly avoid a serious privacy breach PORTUGUESE SUPERVISORY AUTHORITY: 2021 CENSUS, CNPD SUSPENDS USA FLOWS EUROPEAN DATA PROTECTION SUPERVISOR: AEPD-EDPS joint paper on 10 misunderstandings related to anonymisation POLISH SUPERVISORY AUTHORITY: official data breach ITALIAN SUPERVISORY AUTHORITY: news, authority, a lot of details cause the prejudice, especially to minors. ITALIAN SUPERVISORY AUTHORITY: oblivion, says no to deletion of an article by the online store of a newspaper ITALIAN SUPERVISORY AUTHORITY: direct marketing, the Authority, the right to object of users shall be respected ITALIAN SUPERVISORY AUTHORITY: wild telemarketing, the Italian Data Protection Authority sanctions three call center – the first measures of the Authority after those one on the phone companies CROATIAN SUPERVISORY AUTHORITY: processing of personal data for the purpose of request to be made vaccinated by the portal Vaccines Because they are breaching the GDPR: Covid-19 and Green certificates FINNISH SUPERVISORY AUTHORITY: Cell phone position FAQs BELGIAN SUPERVISORY AUTHORITY: personal data processing for marketing purposes CYPRIOT SUPERVISORY AUTHORITY: Proof of Covid-19 receipts/certificates/certificates ITALIAN SUPERVISORY AUTHORITY: warning appeal on processing carried out on the green certification for Covid-19 required by the Decree-Law of the 22nd of April 2021 n. 52 – 23rd April 2021. ITALIAN SUPERVISORY AUTHORITY: “Re-openings Decree”, serious deficiencies for “vaccinations pass”. The Italian Data Protection Authority send a formal warning to the Government. FRENCH SUPERVISORY AUTHORITY: many ransomware attacks, how to limit the risks? EUROPEAN DATA PROTECTION SUPERVISOR: Artificial Intelligence Act: a welcomed initiative, but ban on remote biometric identification in public space is necessary URUGUAYAN SUPERVISORY AUTHORITY: updated principles on privacy and personal data protection LATVIA SUPERVISORY AUTHORITY: #DVI explains “Which personal data can be processed in a working relationship? FRENCH SUPERVISORY AUTHORITY: the CNIL specifies guarantees that the function TousAntiCovid dossier shall respect FINNISH SUPERVISORY AUTHORITY: opinions of the European Data Protection Board on decisions projects on the adequacy of the British personal data protection and orientation projects which clarify the proceeding of the controversial resolution BY THE MALTESE DATA PROTECTION AUTHORITY: Information and Data Protection Appeals Tribunal Roundtable with Pizzetti and the most important Italian DPO, Privacy and Digital Economy EUROPEAN DATA PROTECTION BOARD: Big Data and Digital Clearing House EUROPEAN DATA PROTECTION SUPERVISOR: Big Data & Digital Clearinghouse FRENCH SUPERVISORY AUTHORITY: CNIL publishes interim recommendations for quality control of clinical trials during the health crisis ITALIAN SUPERVISORY AUTHORITY: it has signed the memorandum among Privacy Authority and the State Labor Inspectorate Hackers blackmailing Apple by asking 50 million dollars, stolen industrial projects of new MacBook. DUTCH SUPERVISORY AUTHORITY: guidelines on the GDPR on targeting of social media and EDPB controversial SLOVAKIAN SUPERVISORY AUTHORITY: guidelines for the targeting of social media users Object of sale of data of 1.3 million users of Clubhouse? FRENCH SUPERVISORY AUTHORITY: notebook ari2020, what does it change in the working environment? EUROPEAN COMMISSION: GDPR – the fabric of a success story SPANISH SUPERVISORY AUTHORITY: HTTPS, web cryptography LATVIA SUPERVISORY AUTHORITY: #DVI explains “Do have I the right to ask the deletion of data (“forgotten”) if I have revoke by consent? NORWEGIAN SUPERVISORY AUTHORITY: sanction to Basaren Drift AS DUTCH SUPERVISORY AUTHORITY: your privacy (for youth) Without individual agreement under the privacy risk and business data security, simply activation mood of smart working ESTONIAN SUPERVISORY AUTHORITY: automated decisions and profiles analysis ICELANDIC SUPERVISORY AUTHORITY: registration of guests in restaurants due to COVID-19 CANADIAN SUPERVISORY AUTHORITY: Summary of privacy laws in Canada EUROPEAN COMMISSION: Conference on the Future of Europe: launch of the multilingual digital platform EUROPEAN DATA PROTECTION SUPERVISOR: EDPS Annual Report 2020: data protection during COVID-19 CROATIAN SUPERVISORY AUTHORITY: useful advices ITALIAN SUPERVISORY AUTHORITY: opinion of Sari Real Time system ITALIAN SUPERVISORY AUTHORITY: facial recognition: Sari Real Time is not in compliance with the privacy legislation. ROMANIAN SUPERVISORY AUTHORITY: sanction for having breached the GDPR DATA PROTECTION AUTHORITY OF LATVIA: “Do I have the right to request the deletion of data (” forgotten”) if personal data are no longer needed?” ICELANDIC DATA PROTECTION AUTHORITY: Advice from the Data Protection Authority to the Office of the Medical Director of Health regarding the Bluetooth update of the infection control program POLISH SUPERVISORY AUTHORITY: EDPB, on adequacy decision projects in United Kingdom DUTCH SUPERVISORY AUTHORITY: EDPB, we must plan the data transfer in United Kingdom, but also there are some worries NEW ZEALAND SUPERVISORY AUTHORITY: tribunal strikes out man’s case against NZ Transport Agency SWEDISH SUPERVISORY AUTHORITY: IMY starts the revision of found consultants ICELANDIC SUPERVISORY AUTHORITY: personal data of students disclosed to a consulting society by the compulsory school More than half billion euros is the ransom asked by hackers, it occurs an informatic attack to servers of the Territorial Agency for the House of Turin ROMANIAN SUPERVISORY AUTHORITY: sanction for a GDPR breach SPANISH SUPERVISORY AUTHORITY: “you stop it or you pass it” a new initiative promoted by the Agency for the usage of the priority channel in order to report the spreading out of sexual or violent contents CROATIAN SUPERVISORY AUTHORITY: recommendations from the personal data processing because of the administrative elections of 2021 ITALIAN SUPERVISORY AUTHORITY: “A clearer privacy policy thanks to icons? It is possible” the Italian Authority launches a contest by calling the collective creativity. SLOVAKIAN SUPERVISORY AUTHORITY: public consultation of the EDPB on guidelines for the certification criteria assessment CZECH SUPERVISORY AUTHORITY: privacy regulation project and e-communications DANISH SUPERVISORY AUTHORITY: insufficient cryptography into the self-service solution by the police SWITZERLAND SUPERVISORY AUTHORITY: FDPIC takes on advisory role in the FOPH project for a data protection compliant COVID-19 vaccination certificate IRISH SUPERVISORY AUTHORITY: DPC launches inquiry into Facebook in relation to a collated dataset of Facebook user personal data made available on the internet SLOVENIAN SUPERVISORY AUTHORITY: the police system Face Track is based on the biometrical process of personal data, but it does not permit the identification DANISH SUPERVISORY AUTHROITY: which level of cryptography is sufficient? BRAZILIAN SUPERVISORY AUTHORITY: ANPD and Senacon have signed an agreement of technical cooperation BRASILIAN SUPERVISORY AUTHORITY: it warns on the send of false emails on the behalf of ANPD with phishing scam GREEK SUPERVISORY AUTHORITY: exams of a complainant for having sent a communication policy that was not required GREEK SUPERVISORY AUTHORITY: it has been imposed a sanction for a wrong response to a deletion right GREEK SUPERVISORY AUTHORITY: it has been imposed a sanction for the video surveillance of an employee by a video camera DANISH SUPERVISORY AUTHORITY: municipal consultants’ supervision for personal data protection SUPERVISORY AUTHORITY OF HONG-KONG: Facebook Provides Users with an Online Form for Enquiry of the Reports on Suspected Data Breach CANADIAN SUPERVISORY AUTHORITY: Privacy Tech-Know blog: Privacy Enhancing Technologies for Businesses POLISH SUPERVISORY AUTHORITY: social media and data security FRENCH SUPERVISORY AUTHORITY: Digital Life Scenes, the CNIL published its 8 session of Innovation & Prospective. LITHUANIAN SUPERVISORY AUTHORITY: security accidents of personal data on social networks Facebook and LinkedIn CROATIAN SUPERVISORY AUTHORITY: AZOP representants into the working group for the development of the covid-pass SUPERVISORY AUTHORITY OF HONG-KONG: Privacy Commissioner Follows Up on the Suspected Data Breach Relating to Clubhouse Users MALTESE SUPERVISORY AUTHORITY: Facebook data leak DANISH SUPERVISORY AUTHORITY: Coronavirus certificates in Denmark and all over the European Union CROATIAN SUPERVISORY AUTHORITY: personal data of Facebook’s users compromised and notification to LinkedIn CYPRIOT SUPERVISORY AUTHORITY: data published which seems to refer to Facebook’s users ITALIAN SUPERVISORY AUTHORITY: the Italian Data Protection Authority and the National Authority for the rights of persons deprived of liberty: it is necessary a more confidentiality in prisoner’s talks Amazon Ring case and deficiencies of “smart houses”: privacy in smart houses 4.0 EUROPEAN DATA PROTECTION BOARD: Dutch DPA fines Booking.com for delay in reporting data breach CZECH SUPERVISORY AUTHORITY: UOOU on the vaccination passports NORWEGIAN SUPERVISORY AUTHORITY: sanction to the Asker Municipality NORWEGIAN SUPERVISORY AUTHORITY: Miljø- og Kvalitetsledelse AS has been sanctioned LUXEMBOURG SUPERVISORY AUTHORITY: LINKDIN USER DATA SCRAPING LATVIA SUPERVISORY AUTHORITY: Shall I stop taking photos in a public place if anyone asks me to “delete the photo”? ITALIAN SUPERVISORY AUTHORITY: LinkedIn, after the theft of data the Italian Data Protection Authority opens an investigation on the social network and warns that the use of data from the breach is illegal. Users invited to pay particular attention to possible anomalies on their mobile phones or accounts SUPERVISORY AUTHORITY OF HONG-KONG: Privacy Commissioner Follows Up on the Alleged Scraping and Selling of Data of LinkedIn Users NEW ZEALAND SUPERVISORY AUTHORITY: Man complains about neighbour’s security camera NORWEGIAN SUPERVISORY AUTHORITY: The European Data Protection Board with a declaration on the coronavirus certificate IP: what is an IP address? EUROPEAN DATA PROTECTION SUPERVISOR: EU data protection authorities adopt joint opinion on the Digital Green Certificate Proposals POLISH SUPERVISORY AUTHORITY: join opinion of the EDPB and the SEPD on the digital green certificate A lot of Italian schools in chaos, a ransomware attack at the electronic register Personal data of profiles which are on sale in a hacker forum: privacy alarm and risk of scams for 500 million users of LinkedIn BELGIAN SUPERVISORY AUTHORITY: Facebook data breach: DPA intervenes and encourages citizens to assert their rights FRENCH SUPERVISORY AUTHORITY: COVID-19: the EDPB and the EDPS (European Data Protection Supervisor) express an opinion on the proposal of the digital green certificate NEW ZEALAND SUPERVISORY AUTHORITY: Offender requests psychological reports from Corrections SPANISH SUPERVISORY AUTHORITY: The Spanish Data Protection Agency published its 2020 annual report SLOVENIAN SUPERVISORY AUTHORITY: The digital green certificate for moving into the European Union shall not bring to discriminations compared to people, its use shall be clearly defined by the legislation and proportionated and shall stop after the end of the pandemic. POLISH SUPERVISORY AUTHORITY: digital security of children and youths and responsibility GREEK SUPERVISORY AUTHORITY: personal data processing insured by an insurance company ITALIAN SUPERVISORY AUTHORITY: Facebook data breach: the Italian DPA asks this social network to adopt measures in order to limit risks and warns that the use of data which came from the breach is illicit. Users are invited to pay attention to eventual anomalies in their phones. IRISH SUPERVISORY AUTHORITY: Dataset appearing online GERMAN SUPERVISORY AUTHORITY: BfDI publishes a position paper on the police founds DANISH SUPERVISORY AUTHORITY: the 2020 annual report of the Data Inspectorate FINNISH SUPERVISORY AUTHORITY: the personal information stolen by Facebook have been published, this are the advices for those one who are victims of this data breach SUPERVISORY AUTHORITY OF HONG-KONG: PCPD Issues Guidance on Protecting Personal Data Privacy in the Use of Social Media and Instant Messaging Apps It has been shared 21 million user’s personal data: an online platform of food delivery it has been affected by a hacker attack Hackers ask for a ransom of 1,3 million euros: the informatic system of the Brescia Municipality is paralyzed by a ransomware ITALIAN SUPERVISORY AUTHORITY: aggressive telemarketing, the Italian DPA has sanctioned Fastweb for 4 and half million euros FRENCH SUPERVISORY AUTHORITY: new rules for cookies and other tracking methods, the assessment of the support provided by the CNIL and future actions LIECHTENSTEIN SUPERVISORY AUTHORITY: What is the Darknet? BULGARIAN SUPERVISORY AUTHORITY: the Data Protection Commission has presented to the National Assembly the 2020 Activity Report SINGAPOREAN SUPERVISORY AUTHORITY: Broad Comparison of the PDPA’s Consent and Exceptions to Consent Provisions with EU GDPR’s Six Legal Bases for Processing Personal Data SLOVENIAN SUPERVISORY AUTHORITY: declaration of the Word Privacy Assembly on the use of health data for trip purposes NORWEGIAN SUPERVISORY AUTHORITY: the Data Inspectorate ask to change the keyboard The point of view: ever more cybersecurity is an essential component of a digitised single market ITALIAN SUPERVISORY AUTHORITY: it has been signed the memorandum of understanding between the Data Protection Authority and the Italian Financial Police. LIECHTENSTEIN SUPERVISORY AUTHORITY: particular categories of personal data (Article 9 GDPR) and personal data on criminal convictions and crimes (Article 10 GDPR). GERMAN SUPERVISORY AUTHORITY: BfDI presents its 29 activity report CANADIAN SUPERVISORY AUTHORITY: Pandemic highlights need for strong privacy laws AUSTRALIAN SUPERVISORY AUTHORITY: Privacy Act reform crucial to building public trust EUROPEAN DATA PROTECTION BOARD: Bavarian DPA (BayLDA) calls for German company to cease the use of ‘Mailchimp’ tool DUTCH SUPERVISORY AUTHORITY: Booking.com has been sanctioned for having reported a data breach too late SLOVENIAN SUPERVISORY AUTHORITY: general comment of the United Nation Committee on children’s rights: children rights into the digital environment BULGARIAN SUPERVISORY AUTHORITY: The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have adopted a joined opinion on a proposal of the European Parliament and the Council for a Regulation on the European framework for data management ITALIAN SUPERVISORY AUTHORITY: cars which are connected and voice assistants: the guidelines of the European Data Protection Authorities Forgot a vault, containing the practices of the Bank’s customers, which leaves the rented premises What is an identity theft? ESTOIAN SUPERVISORY AUTHORITY: it was ordered to the school the removal of video cameras from classes and to put up sign DANISH SUPERVISORY AUTHORITY: Additional accreditation requirements for certification bodies ROMANIAN SUPERVISORY AUTHORITY: sanction for having breached the GDPR POLISH SUPERVISORY AUTHORITY: the Office of the Personal Data Protection (UODO) has send an assistance request at the Lithuanian Supervisory Authority about Vinted IRISH SUPERVISORY AUTHORITY: DPC launches inquiry into processing of personal data by the Department of Health FRENCH SUPERVISORY AUTHORITY: the end of the investigation of the Interior Ministry ITALIAN SUPERVISORY AUTHORITY: the Italian DPA to the media, effective protection for persons filmed in cuffs ITALIAN SUPERVISORY AUTHORITY: ZTL permissions, data accessible to anyone, sanction of the Authority in Rome Capital ICELANDIC SUPERVISORY AUTHORITY: the processing of information at the Lögheimtun and the registration of information on the challenged debt by Creditinfo Lánstraust into the register of fulfilments is considered forbidden. CZECH SUPREVISORY AUTHORITY: For the processing of personal data of persons who have been quarantined by the Police of the Czech Republic CIPRYOT SUPERVISORY AUTHORITY: the issue of “the green digital certificate” and the usage/storage of sensitive personal data by airlines CANADIAN SUPERVISORY AUTHORITY: Commissioner encouraged by proposals to modernize the public sector Privacy Act AUSTRALIAN SUPERVISORY AUTHORITY: Independent review of the Credit Reporting Code BRITISH SUPERVISORY AUTHORITY: Blog: Data Protection law can help create public trust and confidence around COVID-status certification schemes NORWEGIAN SUPERVISORY AUTHORITY: Dragefossen AS receives a sanction. LATVIA SUPERVISORY AUTHORITY: Does the State Inspectorate have a “database “containing information on the processing of personal data by other persons? ESTONIAN SUPERVISORY AUTHORITY: THE PERSONAL DATA PROTECTION IS NOT ROCKETRY! Antivirus: which are their functions? BELGIUM SUPERVISORY AUTHORITY: publicity rights ICELANDIC SUPERVISORY AUTHORITY: processing of the hospital of Akureyri during the distribution of medical records FRENCH SUPERVISORY AUTHORITY: publication of guidelines for the medical and social care of the elderly, disabled or in difficulty. NORWEGIAN SUPERVISORY AUTHORITY: effects on privacy of an extension of the debt information program DANISH SUPERVISORY AUTHORITY: new decisions: supervision of the disclosure by test providers HUNGARIAN SUPERVISORY AUTHORITY: teleconference, the era of internet platforms – social impacts and legislative challenges CROATIAN SUPERVISORY AUTHORITY: It was held the training of data protection officers in the public sector NORWEGIAN SUPERVISORY AUTHORITY: Response on the public consultation on changes in the consumer protection legislation. The decalogue for GDPR compliance: Chat and messaging in the workplace Be careful to the downside, WhatsApp is used for sharing private business data FINNISH SUPERVISORY AUTHORITY: the security breach of personal information due to the vulnerability of the Exchange Microsoft Software shall be reported to the authorities and registered to the Office of the EDPS ROMANIAN SUPERVISORY AUTHORITY: sanction for having breached the GDPR Losses of over $4 billion: FBI Annual Report, +69% Cyber Crime Reports EUROPEAN COMMISSION: Digital Day 2021: Europe to reinforce internet connectivity with global partners PORTUGESE SUPERVISORY AUTHORITY: EUROPEAN DATA PROTECTION BOARD CRITICIZES THE CURRENT TEXT DEL EPRIVACY REGULATION DANISH SUPERVISORY AUTHORITY: publication of picture of parties of children and youths ROMANIAN SUPERVISORY AUTHORITY: Sanction for a GDPR breaches BRITISH SUPERVISORY AUTHORITY: Building on the data sharing code – our plans for updating our anonymisation guidance PORTUGUESE SUPERVISORY AUTHORITY: E-VOTING, CNPD DEFENDS A STRICT SCRUTINY DUTCH SUPERVISORY AUTHORITY: AP receives 75 data breach reports after losses on Microsoft Exchange servers LITHUANIAN SUPERVISORY AUTHORITY: the legislation which rules the certification mechanisms required by the GDPR is submitted to a public consultation FRENCH SUPERVISORY AUTHORITY: fire at OVG, it is better to warn the CNIL? DANISH SUPERVISORY AUTHORITY: notifications of personal data security breaches NEW ZEALAND SUPERVISORY AUTHORITY: Office of the Privacy Commissioner kicks off rental sector engagement NEW ZEALAND SUPERVISORY AUTHORITY: Employer carries out belated criminal background check on employee NEW ZEALAND SUPERVISORY AUTHORITY: Police disclosed man’s history of violence to current partner SLOVENIAN SUPERVISORY AUTHORITY: excessive posting of personal data on the eGovernment national portal – an appeal to the Authorities and Public Administration Ministry. BRITISH SUPERVISORY AUTHORITY: Secretary of State for the Department for Digital, Culture Media & Sport and the Information Commissioner sign Memorandum of Understanding on data adequacy FINNISH SUPERVISORY AUTHORITY: The office of the EDPS invites to make comments on the new guidelines on data protection impact assessment URUGUAYAN SUPERVISORY AUTHORITY: The URCDP guides the usage of images which have been taken into the vaccination centres SUPERVISORY AUTHORITY OF HONG-KONG: Privacy Commissioner Conducts Compliance Check as Regards the Unauthorised Access to the Email System of Nikkei ROMANIAN SUPERVISORY AUTHORITY: sanction for a GDPR breach Dark Pattern: The Californian State prohibits those one who induce users to give up your own personal data ISO/IEC 27701: What it is? EUROPEAN DATA PROTECTION SUPERVISORY: EDPS Formal Comments on the proposed European Health Union package SLOVENIAN SUPERVISORY AUTHORITY: the inspection procedure of the Information Commissioner has underlined that the police forces (at the moment) are not using the automated plate reading system. (ANPR). NORWEGIAN SUPERVISORY AUTHORITY: the State Data Inspectorate has received comments on the case Grindr ICELANDIC SUPERVISORY AUTHORITY: The “Children’s Fundamentals” – A guide to protecting children’s personal data ITALIAN SUPERVISORY AUTHORITY: deadly challenges on TikTok and the law has hands bound. ICELANDIC SUPERVISORY AUTHORITY: personal data processing carried out by the police by using equipment of audio-video registration in police cars. DUTCH SUPERVISORY AUTHORITY: EDPB guidelines for connected vehicles and voice assistants HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner’s Submission in response to the Consultation Paper on Real-name Registration for SIM Cards POLISH SUPERVISORY AUTHORITY: EDPB & EDPS adopt joint opinion on the Data Governance Act FRENCH SUPERVISORY AUTHORITY: CNIL starts an investigation on the Clubhouse question. LATVIAN SUPERVISORY AUTHORITY: confirmation of the Covid-19 vaccination status Which is the difference between a security accident and a data breach? LITHUANIAN SUPERVISORY AUTHORITY: Information of the State Data Protection Inspectorate on the accident at the Vilnius College about personal data of students. SLOVENIAN SUPERVISORY AUTHORITY: people’s confidence in the vaccination depends on clear and unequivocal information on the progress of the vaccination requests and by the legitimate data recollection. SLOVENIAN SUPERVISORY AUTHORITY: guidelines on personal data processing in vehicles connected. LITHUANIAN SUPERVISORY AUTHORITY: the state registers and information systems have been controlled for the volume of personal data processed ITALIAN SUPERVISORY AUTHORITY: “privacy policies clearer thanks to icons? It is possible.” The Italian Data Protection Authority launches a contest by appealing to collective creativity. SPANISH SUPERVISORY AUTHORITY: if we lost the connection we have lost everything. Digital Pact for personal data protection. Share sensitive data and critical company information: Over 70% of employees use Whatsapp LATVIALAN SUPERVISORY AUTHORITY: information positioning which identity the person in charge of the store NEW ZEALAND SUPERVISORY AUTHORITY: Office of the Privacy Commissioner kicks off rental sector engagement EUROPEAN DATA PROTECTION SUPERVISOR: EDPS welcomes EU Cybersecurity update POLISH SUPERVISORY AUTHORITY: the EDPB has adopted, among other things, the working program for the period 2021-2022 FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board asks to take into account the consent and controls on cookies in ePrivacy negotiations ITALIAN SUPERVISORY AUTHORITY: Dead Girl in Cisliano: the Authority to media, no photos and non-essential details. Also reported verbatim thoughts and comments from the mother’s Facebook profile DUTCH SUPERVISORY AUTHORITY: the number of complaints on privacy stays high in an alarming way. CROATIAN SUPERVISORY AUTHORITY: international success of AZOP HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner Calls for Greater Vigilance Beware of Phishing Emails or Messages Issued by Bogus Government Departments or Banks FRENCH SUPERVISORY AUTHORITY: the CNIL publishes its first opinion on the use of smart videos in order to measure the usage of masks in transports. The Italian Data Protection Authority fines the Lazio Region: it has been omitted the designation of the DPO. Green light to the functions of the new Immuni App which allows a Covid-19 positive person to aller his/her strict contacts. The Privacy Authority fines the Ministry of Economic Development, the DPO appointment has been delayed and it has been shared 5.000 personal data of managers. EUROPEAN DATA PROTECTION BOARD: European Data Protection Board – 46th Plenary session ESTONIAN SUPERVISORY AUTHORITY: Rights and freedoms of all us shall not be forget during the fight against Covid-19 EUROPEAN DATA PROTECTION BOARD: EDPB & EDPS adopt joint opinion on the Data Governance Act (DGA) POLISH SUPERVISORY AUTHORITY: How to take care of personal data during e-lessons? LITHUANIAN SUPERVISORY AUTHORITY: it is important to respect the General Data Protection Regulation during the publication, reuse or the processing of personal data into the context of open data SWEDISH SUPERVISORY AUTHORITY: complaints in the foregrounds for the next two review years BRITISH SUPERVISORY AUTHORITY: Digital Regulation Cooperation Forum publishes its first annual plan of work CROATIAN SUPERVISORY AUTHORITY: Democracy, human rights and personal data protection during the pandemic Covid-19 BRITISH SUPERVISORY AUTHORITY: Blog: Supporting UK democracy through data protection with new political campaigning guidance ITALIAN SUPERVISORY AUTHORITY: the case “Covid bonus”, the Italian Data Protection Authority has sanctioned INPS for 300.000 euros – OK to the controls but with a privacy-proof mood. LATVIALAN SUPERVISORY AUTHORITY: #DVI explains “survey among employees on the availability to be vaccinated against Covid-19”. CYPRIOT SUPERVISORY AUTHORITY: Personal Data Protection Commissioner notice – Second rectification of the GDPR 2016/679. Which is the difference between a security accident and a data breach? BRITISH SUPERVISORY AUTHORITY: ICO fines firms for sending more than 2.7 million spam text messages during the pandemic The Italian Data Protection Authority has created an emergency channel for all the revenge porn victims. AUSTRALIAN SUPERVISORY AUTHORITY: Damages awarded after Community Law Centre breaches woman’s privacy HONG-KONG SUPERVISORY AUTHORITY: 100 Organisations Received the Inaugural Privacy-Friendly Awards NORWEGIAN SUPERVISORY AUTHORITY: These four projects must be the main steps in the KI respectful of privacy. Insufficient safety measures on patients’ medical records, penalty from 400 thousand euros to a hospital NORWEGIAN SUPERVISORY AUTHORITY: camera and digital learning into the coronavirus situation. ITALIAN SUPERVISORY AUTHORITY: against the revenge porn – an emergency channel for all the potential victims. Cooperation between the Italian DPA and Facebook in order to help people that suffer from the diffusion without their consent of their private photos and videos. HONG-KONG SUPERVISORY AUTHORITY: 100 Organisations Received the Inaugural Privacy-Friendly Awards ROMANIAN SUPERVISORY AUTHORITY: sanction, for having breached the GDPR, has been applied to a natural person FRENCH SUPERVISORY AUTHORITY: health data breach, the Parish Court asks for a website lock NORWEGIAN SUPERVISORY AUTHORITY: NAV and arbeidplassen.no POLISH SUPERVISORY AUTHORITY: A data breach must be notified to the supervisory authority DANISH SUPERVISORY AUTHORITY: the website Orienteringsret.dk used by parents AUSTRALIAN SUPERVISORY AUTHORITY: Market and social research privacy code updated NORWEGIAN SUPERVISORY AUTHORITY: it receives a commission for the illegal forwarding of an email. SPANISH SUPERVISORY AUTHORITY: the AEPD updates its video tutorial in order to help users to set their privacy options into working systems, browsers, social networks and the most used apps. BRITISH SUPERVISORY AUTHORITY: How businesses can benefit from ICO support when implementing the Age Appropriate Design Code NORWEGIAN SUPERVISORY AUTHORITY: Infringement fee to the State Pension Fund BRITISH SUPERVISORY AUTHORITY: FAQs for the digital news industry NEW ZEALAND SUPERVISORY AUTHORITY: Doctor’s disclosure of patient’s mother’s HDC complaint breaches privacy BRITISH SUPERVISORY AUTHORITY: FAQs – the basics BRITISH SUPERVISORY AUTHORITY: Age appropriate design: a code of practice for online services Iban: Cassation, communication may constitute a violation of privacy. BRITISH SUPERVISORY AUTHORITY: Code standard and Child Code Hub BRITISH SUPERVISORY AUTHORITY: ICO urges businesses to act now as Children’s Code comes into force in six months POLISH SUPERVISORY AUTHORITY: Decisions of the EC which will permit data transfer to Great Britain are in progress. FRENCH SUPERVISORY AUTHORITY: Cybersecurity, health data, cookies, the main themes of control in 2021. FINNISH SUPERVISORY AUTHORITY: Demonstrate your compliance with data protection regulations ESTONIAN SUPERVISORY AUTHORITY: Legal basis for the processing ITALIAN SUPERVISORY AUTHORITY: Covid, the Italian Data Protection Authority says no to “vaccine pass” in order to have the access to premises or benefit from services without a national legislation. DUTCH SUPERVISORY AUTHORITY: AP sends an alarm: a raise of hack and data breaches. ESTONIAN SUPERVISORY AUTHORITY: Five “instruments” that you can use for control of your personal information. LITHUANIAN SUPERVISORY AUTHORITY: sanction imposed for General Data Protection Regulation breaches into the app Quarantine. ICELANDIC SUPERVISORY AUTHORITY: First Judgement of the Court EFTA on the interpretation of the Privacy Regulation. ESTONIAN SUPERVISORY AUTHORITY: Why does video surveillance has rules? LATVIALAN SUPERVISORY AUTHORITY: DSI: on the interaction between legislation on information society services and the General Data Protection Regulation. GREEK SUPERVISORY AUTHORITY: recommendations of the Authority about the publication of a memorandum of apologies on websites. CZECH SUPERVISORY AUTHORITY: declarations of the Office on the personal data disclosure of participants of judicial proceedings. POLISH SUPERVISORY AUTHORITY: the WSA has rejected the ClickQuickNow claim against the UODO decision POLISH SUPERVISORY AUTHORITY: lack of cooperation with the Authority, it has been imposed a sanction of 4653,10 Euros. PORTUGUESE SUPERVISORY AUTHORITY: THE EUROPEAN BOARD APPROVES THE 2021-2023 STRATEGY. IRISH SUPERVISORY AUTHORITY: Data Protection Commission publishes 2020 Annual Report LATVIALAN SUPERVISORY AUTHORITY: DSI on the processing and the protection of personal data in a remote learning process. FRENCH SUPERVISORY AUTHORITY: health data breach: the CNIL calls the obligations of organisations after a data breach announced by the media. EUROPEAN DATA PROTECTION BOARD: Spanish Data Protection Authority (AEPD) imposes fine of 6.000.000 EUR on CAIXABANK, S.A. EUROPEAN DATA PROTECTION BOARD: Norwegian DPA issues fine to Aquateknikk AS CANADIAN SUPERVISORY AUTHORITY: Commissioner submits views to Access to Information Act review Between health and individuals: vaccines, the sensitive imbalance. POLISH SUPERVISORY AUTHORITY: the provincial administrative court confirms that the GGK has made it impossible carrying out the inspection. EUROPEAN DATA PROTECTION SUPERVISOR: Data protection is non-negotiable in international trade agreements POLISH SUPERVISORY AUTHORITY: positive opinion of the President of the Personal Data Protection Office on two drafts of codes of conducts for the GDPR in the health sector. Three health structures have been sanctioned by the Italian Data Protection Authority: they have communicated health information to the wrong persons. FINNISH SUPERVISORY AUTHORITY: we are mapping the challenges and the exigencies of the data protection inside SME: Join the survey! POLISH SUPERVISORY AUTHORITY: the provincial administrative court rejected the complaint of the human rights ombudsman against the decision of the Office for Personal Data Protection on the statements of judges and public ministries. Hackers post documents of prominent clients on the Dark Web, the law firm Jones Day hit by ransomware ITALIAN SUPERVISORY AUTHORITY: By the Council of Europe the guidelines on facial recognition ITALIAN SUPERVISORY AUTHORITY: the Italian DPA says no to the use of employee’s fingerprint if there is any legislative basis. ITALIAN SUPERVISORY AUTHORITY: health data breaches, the Italian Data Protection Authority has sanctioned three structures. SWEDISH SUPERVISORY AUTHORITY: 150 million of sanctions in 2020. CROATIAN SUPERVISORY AUTHORITY: Brexit and personal data protection transfers from the European Union to the United Kingdom. NORWEGIAN SUPERVISORY AUTHORITY: registration of information into the Health Book. DUTCH SUPERVISORY AUTHORITY: Privacy Blog of Aleid Wolfsen, Grief Money. FRENCH SUPERVISORY AUTHORITY: The CNIL gives its opinion on the evolution of the TousAntiCovid application FRENCH SUPERVISORY AUTHORITY: Certification of data protection training providers: the CNIL publishes a reference set of criteria. SINGAPOREAN SUPERVISORY AUTHORITY: Undertaking by StarMed Specialist Centre Pte Ltd POLISH SUPERVISORY AUTHORITY: In each case, it shall be presented a claim FAQ of the Italian Data Protection Supervisor: Anti-Covid vaccination of employees FRENCH SUPERVISORY AUTHORITY: COVID-19 vaccination, which personal data processing is it possible for the local communities? FRENCH SUPERVISORY AUTHORITY: facial recognition and commercial prohibition of the stadium: the CNIL issues a warning to a sport association. FINNISH SUPERVISORY AUTHORITY: Adding school pictures of children to miniature invoices was not in line with the general data protection regulation LITHUANIAN SUPERVISORY AUTHORITY : the answers of the State Data Protection Inspectorate to the FAQ about the CityBee case. Searching for transparency: web is full of privacy pitfalls. POLISH SUPERVISORY AUTHORITY: KSSIP with a sanction for having violated the provisions of the GDPR. US and EU: the executive order 1398: another distancing on privacy question? EUROPEAN DATA PROTECTION BOARD: Guidelines 10/2020 on restrictions under Article 23 GDPR GERMAN SUPERVISORY AUTHORITY: BfDI criticises 1000 days without adopting TKG and TMG. BRITISH SUPERVISORY AUTHORITY: ICO launches data analytics toolkit ESTONIAN SUPERVISORY AUTHORITY: the main cause of data breaches is the negligence by the employees. POLISH SUPERVISORY AUTHORITY: a warning for a personal data protection breach due to outdated software. ITALIAN SUPERVISORY AUTHORITY: Employees vaccinations, the FAQ of the Italian Data Protection Authority – general principles on health workers. NORWEGIAN SUPERVISORY AUTHORITY: Gveil AS receives a sanction. FRENCH SUPERVISORY AUTHORITY: a GDPR “sandbox” in order to support the innovative projects in the field of digital health DANISH SUPERVISORY AUTHORITY: a new practical guideline for the cookie’s use. NORWEGIAN SUPERVISORY AUTHORITY: it asks for a declaration by Jehovah’s Witnesses. FINNISH SUPERVISORY AUTHORITY: the optician may process personal data of the customer on a basis other than the customer’s consent. E-Privacy Regulation, the green light to negotiations, European Council. Personal data: the ethical dimension of privacy to guide companie’s choices on their use. On the iPhone, the FBI can read Signal conversations. DUTCH SUPERVISORY AUTHORITY: AP publishes the Handbook for Election Campaigns on Privacy. LITHUANIAN SUPERVISORY AUTHORITY: TIPS if your account has been breached. DANISH SUPERVISORY AUTHORITY: complaint on the publication of the social security number of the municipality website. CYPRIOT SUPERVISORY AUTHORITY: screaming personal data into center where are carried out covid rapid test. BULGARIAN SUPERVISORY AUTHORITY: The CEC and the CPDP have adopted joint guidelines on the processing and about personal data protection into the election process. FRENCH SUPERVISORY AUTHORITY: LINKY smart meters, conclusion of the injunction against EDF. LUXEMBOURG SUPERVISORY AUTHORITY: CORONAVIRUS (COVID-19): RECOMMENDATIONS BY THE CNPD ON THE PROCESSING OF PERSONAL DATA IN THE CONTEXT OF A HEALTH CRISIS DUTCH SUPERVISORY AUTHORITY: Health services providers and the GDPR. DUTCH SUPERVISORY AUTHORITY: The OLVG hospital has been sanctioned for insufficient security measures of clinical records BY THE GERMAN DATA PROTECTION AUTHORITY: the EDPB agrees on the GDPR assessment BY THE SWEDISH DATA PROTECTION AUTHORITY: A ‘second wave’ in the GDPR effort Italian DPA sanctions a university: Whistleblowing: names of ‘anonymous’ whistleblowers were indexed on Google Door-to-door preachers, Jehovah’s Witnesses privacy-proofed EU study, Italian citizens among the least aware of GDPR Italian DPA: data transfer in case of ‘hard Brexit’ European Data Protection Board adopts guidelines on codes of conduct Online defamation, the surname alone may not be “individualising”, but the damaging effect increases Cambridge Analytica: it has been concluded the investigation, the Italian Data Protection Authority sets up the sanctions. Labour consultants: when they are data processors FRENCH SUPERVISORY AUTHORITY: The CNIL publishes the professional support charter NORWEGIAN SUPERVISORY AUTHORITY: military forces will have the access to police’s registers LUXEMBOUG SUPERVISORY AUTHORITY: MAIN PRINCIPLES DANISH SUPERVISORY AUTHORITY: telephone call registered by the regional healthcare wards. ROMANIAN SUPERVISORY AUTHORITY: sanction for a GDPR breach. IRISH SUPERVISORY AUTHORITY: CCTV, Discovery and Access Requests SPANISH SUPERVISORY AUTHORITY: AEPD launches a Digital Deal with the support of leading business organisations, foundations, media associations and audiovisual groups. SWISS SUPERVISORY AUTHORITY: Data protection requirements for the collection of health data by private actors in the fight against the pandemic A huge attack on more than 3 billion credentials for sale online. FINNISH SUPERVISORY AUTHORITY: the office of the EDPS has published the accreditation criteria for the code of conduct’s supervisors Data protection: facial recognition and the most problematic aspects. LITHUANIAN SUPERVISORY AUTHORITY: The Stata Data Inspectorate has planned inspections for the 2021. FINNISH SUPERVISORY AUTHORITY: European Data Protection Board recommendations on the Data Protection Directive in criminal matters and draft provisions of the additional protocol to the convention on cybercrime. BRITISH SUPERVISORY AUTHORITY: Blog: Supporting Novartis to improve patient care during the pandemic LATVIALAN SUPERVISORY AUTHORITY: personal data breaches. FRENCH SUPERVISORY AUTHORITY: “TousAntiCovid”, the CNIL examines the “StopCovid” app evolution. FRENCH SUPERVISORY AUTHORITY: Online publication and reuse of open data. There are about 20 possible cases of breaches, DPO in a minefield. LITHUANIAN SUPERVISORY AUTHORITY: the 25th of May we celebrate the second year of the General Data Protection Regulation (GDPR). POLISH SUPERVISORY AUTHORITY: email and the fight against unwanted advertising. SLOVENIAN SUPERVISORY AUTHORITY: the Information Commissioner (IP) confirms the unadjusted legal base for the COVID app working: the impact assessment can not correct to the deficiencies of the current legislation, that the IP has actively underlines before the law adoption. ITALIAN SUPERVISORY AUTHORITY: Tik Tok to comply with the requests by the Italian Garante The Italian SA will monitor effectiveness of the measures put in place DANISH SUPERVISORY AUTHORITY: use of the oversight program at the University for the online exams. SLOVENIAN SUPERVISORY AUTHORITY: The European Court of Justice repeals the privacy shield, standard contractual clauses reiman in force. FRENCH SUPERVISORY AUTHORITY: Cookies : the CNIL encourages the private and public organizations to control their website and mobile applications. Hacker attack to a website of premium escort, more than 470.000 users put at the online risks and sexual blackmail. NORWEGIAN SUPERVISORY AUTHORITY: Cyberbook has been sanctioned. ICELANDIC SUPERVISORY AUTHORITY: TikTok has been banned in Italy. GERMAN SUPERVISORY AUTHORITY: data processing for the provision of FFP2 facemasks. NORWEGIAN SUPERVISORY AUTHORITY: Digital infection control, the first big test of privacy legislation. EUROPEAN DATA PROTECTION BOARD: Belgian DPA imposes €50,000 Fine on Family Service EUROPEAN DATA PROTECTION BOARD: Children and Social Networks: Italian DPA Requests Information on Processing from Facebook and Instagram NEW ZEALAND SUPERVISORY AUTHORITY: Emojis reveal true story in exemplary response to privacy breach POLISH SUPERVISORY AUTHORITY: Codes of conduct must meet certain requirements LITHUANIAN SUPERVISORY AUTHORITY: on the initiative of the Lithuanian Union of Poles “public census of the Vilnius region”. BRITISH SUPERVISORY AUTHORITY: Blog: Information Commissioner looks ahead to 2021 SWEDEN SUPERVISORY AUTHORITY: IMY approves the binding corporate rules. AUSTRALIAN SUPERVISORY AUTHORITY: Recommendations following investigation into FOI processing by Home Affairs POLISH SUPERVISORY AUTHORITY: another sanction for the lack of cooperation with the Personal Data Protection Office. GERMAN SUPERVISORY AUTHORITY: BfDI criticizes 1.000 days without implement the JI directive. DANISH SUPERVISORY AUTHORITY: the new guidelines shall offer a higher transparency on sanctions required by the GDPR FRENCH SUPERVISORY AUTHORITY: local authorities: the CNIL and Déclic association mix together their forces. NORWEGIAN SUPERVISORY AUTHORITY: response to the public consultation about law changes on e-communications. ITALIAN SUPERVISORY AUTHORITY: Roma Capital: sanction by the Data Protection Authority for “Tu passi”. Citizens and employees unaware of how their data were used. ITALIAN SUPERVISORY AUTHORITY: Telemarketing: public registration of oppositions, regulation applies only to operator calls. Hacker: dating website breached, user’s sensitive data has been shared and published online. GERMAN SUPERVISORY AUTHORITY: BfDI criticizes 1.000 days without implement the JI directive. NORWEGIAN SUPERVISORY AUTHORITY: Penalty notice for infringement AUSTRALIAN SUPERVISORY AUTHORITY: Human factor dominates latest data breach statistics SWEDISH SUPERVISORY AUTHORITY: IMY sends the report on the privacy protection to the government. SPANISH SUPERVISORY AUTHRITY: The AEPD presents the campaign “One Click can ruin your life” in order to warn on the risks of sexual or violence contents spreading. FRENCH SUPRVISORY AUTHORITY: “Credential stuffing”: the CNIL sanctions a data controller and his data processors. POLISH SUPERVISORY AUTHORITY: WSA, the UODO decision which impose a sanction in cross-border proceedings. DUTCH SUPERVISORY AUTHORITY: AP asks for GGD clarifications. ITALIAN SUPERVISORY AUTHORITY: minors on social networks: the Italian Data Protection opens a dossier on Facebook and Instagram. Other social networks will be under investigations. AUSTRALIAN SUPERVISORY AUTHORITY: Information Commissioner orders compensation payable by Home Affairs for breaching detainees’ privacy BRITISH SUPERVISORY AUTHORITY: Fines totalling £480,000 issued to companies making nuisance calls DUTCH SUPERVISORY AUTHORITY: AP telephonically hard to reach due to questions about data theft GGD. LATVIAN SUPERVISORY AUTHORITY: Data have value, you must protect them! ESTONIAN SUPERVISORY AUTHORITY: What is the effect of the security video camera on the job stress? DANISH SUPERVISORY AUTHORITY: When is it necessary share personal information with the police? SocialArks case: Data Scraping FINNISH SUPERVISORY AUTHORITY: joint opinions of the European Data Protection Board and the European Data Protection Supervisor on the new standard clauses of the Commission. BRITISH SUPERVISORY AUTHORITY: Blog: Information Commissioner looks ahead to 2021 BURGARIAN SUPERVISORY AUTHORITY: the 28th of January, the European Data Protection Commission celebrates the personal data protection Day. SINGAPOREAN SUPERVISORY AUTHORITY: ASEAN Data Management Framework and Model Contractual Clauses on Cross Border Data Flows EUROPEAN DATA PROTECTION SUPERVISOR: Data for the public good: Building a healthier digital future DANISH SUPERVISORY AUTHORITY: the management of test results is under investigation at the Danish Data Protection Agency. ITALIAN SUPERVISORY AUTHORITY: Data breach: the instructions of the European Privacy Authority in order to manage data breaches. ITALIAN SUPERVISORY AUTHORITY: TikTok: after the case of the little girl in Palermo, the Data Protection Authority authorises the social network freezing order. POLISH SUPERVISORY AUTHORITY: the guidelines on examples of data breaches report consultation is under way. POLISH SUPERVISORY AUTHORITY: day 15 of personal data protection in schools. FINNISH SUPERVISORY AUTHORITY: Guidelines project of the European Data Protection Board on examples of personal data breach notification for a public consultation. BRITISH SUPERVISORY AUTHORITY: Adtech investigation resumes FRENCH SUPERVISORY AUTHORITY: the CNIL publishes its second opinion on the Parliament about the conditions for the implementation of SI-DEP, Contact Covid, Vaccin COVID and TousAntiCovid. DANISH SUPERVISORY AUTHORITY: The Personal Data Protection Agency is delivering the lawsuit “TikTok” to Ireland. DUTCH SUPERVISORY AUTHORITY: AP attracts attention to supermarkets and their rules of facial recognitions. CZECH SUPERVISORY AUTHORITY: Store retention times shall be individually imposed for each body. Identity theft and consequent illicit activities: The dark web EUROPEAN DATA PROTECTION BOARD: Guidelines 01/2021 on Examples regarding Data Breach Notification POLISH SUPERVISORY AUTHORITY: Is available the polish version of the Children Data Protection Guidelines in the educational environment. Sanctions for 11 million euros in a few weeks: banks targeted by the Spanish Data Protection Authority. HONG-KONG SUPERVISORY AUTHORITY: Instant Messaging App Extends Deadline for Accepting New Terms of Service and Privacy Policy Privacy Commissioner Welcomes the Arrangement and Calls for Further Explanation to Users SPANISH SUPERVISORY AUTHORITY: AEPD has already fulfilled the 65% of tasks in its 2019-2024 Social Responsibility Action Framework. DANISH SUPERVISORY AUTHORITY: 14 studies completed about the security SINGAPOREAN SUPERVISORY AUTHORITY: new decisions of the Commission of the 14th of Januray 2021 NORWEGIAN SUPERVISORY AUTHORITY: decision on the breach tax to Coop Finnmark. BY THE LITHUANIAN DATA PROTECTION AUTHORITY: Results of the contest, What do lithuanian think about personal data protection? POLISH SUPERVISORY AUTHORITY: Do not hesitate to check potential system vulnerabilities. Italian DPA: green light for the Call Center Immuni. Whatsapp, the new privacy policy offered to users is not clear. POLISH SUPERVISORY AUTHORITY: The personal data protection office investigates the data breach on the telemedicine platform. BRITISH SUPERVISORY AUTHORITY: ICO and National Privacy Commission, Philippines, sign Memorandum of Understanding IRISH SUPERVISORY AUTHORITY: Domestic CCTV 10 million of euros sanction for the company, indiscriminate video surveillance on employees in work environments. POLISH SUPERVISORY AUTHORITY: lack of report for a persona data breach without undue delay as a reason for imposing a sanction. SLOVENIAN SUPERVISORY AUTHORITY: new rules about the use of drones. CZECH SUPERVISORY AUTHORITY: the Office has imposed sanctions for spam. ROMANIAN SUPERVISORY AUTHORITY: a new sanction for a GDPR breach. SWEDISH SUPERVISORY AUTHORITY: The swedish Data Inspectorate is becoming the privacy data protection authority (IMY). FRENCH SUPERVISORY AUTHORITY: trade promotion: public sanction against the society PERFORMECLIC. ITALIAN SUPERVISORY AUTHORITY: electronic health record, no expiring date for the data input. MEXICAN SUPERVISORY AUTHORITY: Sanctions imposed in 2020 for federal legislation breaches on the personal data protection for an amount of 39 million of pesos. MEXICAN SUPERVISORY AUTHORITY: INAI will implement the Registry of Best Practice Schemes regarding the protection of personal data in the public sector. HONG-KONG SUPERVISORY AUTHORITY: Instant Messaging App Changes its Terms of Service and Privacy Policy Privacy Commissioner Appeals to Users to Carefully Consider the New Terms NORWEGIAN SUPERVISORY AUTHORITY: Algorithms, trust and sandboxes NORWEGIAN SUPERVISORY AUTHORITY: Lindstrand Trading AS receives commission for infringement NORWEGIAN SUPERVISORY AUTHORITY: Notification of the sanction to Innovation Norway POLISH SUPERVISORY AUTHORITY, UODO: bring an action against Fortum FRENCH SUPERVISORY AUTHORITY: Suspension of the drone use for the control of the isolation in Paris from the State Council, CNIL. NETHERLAND SUPERVISORY AUTHORITY: medical record, health service providers and GDPR. GDPR breach: an employee of the bank used Whatsapp for documents’s send. CZECH SUPERVISORY AUTHORITY, ÚOOÚ: for providing information on salary of directors of Czech radio. LITHUANIAN SUPERVISORY AUTHORITY: Information on E-services Provided by the State Data Protection Inspectorate Coronavirus: Whatsapp rumors list about roma ethnic group infected SLOVENIAN SUPERVISORY AUTHORITY: the introduction of e-toll for cars SPANISH SPERVISORY AUTHORITY: ‘For everything behind’ campaign receives award for best institutional online advertising campaign at the Internet Awards ESTONIAN SUPERVISORY AUTHORITY: How to ask for consent? ROMANIAN SUPERVISORY AUTHORITY: an online drawing competition for children up to 14 years NORWEGIAN SUPERVISORY AUTHORITY: Ask for more information about Smittestopp FRENCH SUPERVISORY AUTHORITY, CNIL: personal data anonymization ESTONIAN SUPERVISORY AUTHORITY: a legitimate interest guide is now ready AUSTRALIAN SUPERVISORY AUTHORITY, OAIC: COVID-19 NORWEGIAN SUPERVISORY AUTHORITY: personal information for students in school can be misleading FINNISH SUPERVISORY AUTHORITY: the GEPD commissioned the society to modify the way the consent is required for the cookie’s use. NEW ZEALAND SUPERVISORY AUTHORITY: The app race to contact trace ICELANDIC SUPERVISORY AUTHORITY: A new notification security breach portal has been created. FRENCH SUPERVISORY AUTHORITY, CLIN: Remote payment with credit card POLISH SUPERVISORY AUTHORITY, UODO: How to use correctly the video conference system? BELGIAN SUPERVISORY AUTHORITY: Who is the controller? DANISH SUPERVISORY AUTHORITY: JobTeam set at the end ITALIAN SUPERVISORY AUTHORITY, GPDP: Covid-19, serological tests in the workplace: clarifications of the Italian Data Protection Authority – Employer cannot directly carry out diagnostic tests on employees. AUSTRALIAN SUPERVISORY AUTHORITY: OAIC expands oversight role as privacy safeguards for COVIDSafe app made law Australian Information Commissioner and Privacy NORWEGIAN SUPERVISORY AUTHORITY: The Data Inspectorate opens an investigation on MyHeritage IRISH SUPERVISORY AUTHORITY: A Practical Guide to Personal Data Breach Notifications under the GDPR SWEDISH SUEPRVISORY AUTHORITY: Data inspectorate launches review of camera surveillance in buildings and flats NORWEGIAN SUPERVISORY AUTHORITY: Data inspectorate requires Disqus declaration CZECH SUPERVISORY AUTHORITY: Measurement of workplace temperature during a coronavirus pandemic FRENCH SUPERVISORY AUTHORITY: the CNIL publishes its GDPR registry SPANISH SUPERVISORY AUTHORITY: The AEPD publiches privacy recommendations on 5G technology. POLISH SUPERVISORY AUTHORITY, UODO: EROD, the application of the GDPR is part of the National Supervisory Authority. FRENCH SUPERVISORY AUTHORITY: Lifting of lockdown: the CNIL’s opinion on the draft decree governing the information systems implemented to monitor COVID-19 contaminated persons BY THE GERMAN DATA PROTECTION AUTHORITY, BFDI: FAQ about SWIFT SLOVENIAN SUEPRVISORY AUTHORITY: EDPB updates guidelines SWEDISH SUPERVISORY AUTHORITY: the wrong online post about sensitive personal data in Örebro DANISH SUPERVISORY AUTHORITY: Third transfer: transfer to countries or international bodies extra-UE NORWEGIAN SUPERVISORY AUTHORITY: The Data Inspector closely examines the location tracking. AUSTRIAN SUPERVISORY AUTHORITY: The Europol is the EU law enforcement agency AUSTRIAN SUPERVISORY AUTHORITY: EU fingerprint digital system for asylum seekers. HONG-KONG SUPERVISORY AUTHORITY: Matters relating to Video-recording of Reporters’ Identity Cards, etc POLISH SUPERVISORY AUTHORITY, UODO: The registration of the working time using biometric data does not comply with GDPR. EUROPEAN DATA PROTECTION AUTHORITY: TechDispatch #1/2020: Contact Tracing with Mobile Applications POLISH SUPERVISORY AUTHORITY: students contest’s resolution in schools. HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner Condemns Doxxing Legislative Council Security Personnel SPANISH SUPERVISORY AUTHORITY: The AEPD publishes a report about the facial recognition during exams. FRENCH SUPERVISORY AUTHORITY: The GDPR is applicable also to the health system. FINNISH SUPERVISORY AUTHORITY: Frequent questions about association activities. GUERNSEY SUPERVISORY AUTHORITY: Full ‘Exit from Lockdown’ Framework published ICELANDIC SUPERVISORY AUTHORITY: What is the right to be forgotten? Where does it come from? ICELANDIC SUPERVISORY AUTHORITY: What are the general conditions for deleting a person’s personal information? DUTCH SUPERVISORY AUTHORITY: AP starts research on TikTok Privacy education in the digital culture dissemination. GERMAN SUPERVISORY AUTHORITY: data protection for police measures. HONG-KONG SUPERVISORY AUTHORITY: Legal Issues relating to Personal Data involved in Government’s distribution of Reusable Masks AUSTRALIAN SUPERVISORY AUTHORITY, OAIC: Consumer Data Right Compliance and Enforcement Policy released POLISH SUPERVISORY AUTHORITY UODO: Unauthorized access to data from the Warsaw University of Technology BRITISH SUPERVISORY AUTHORITY: ICO statement on Adtech work DANISH SUPERVISORY AUTHORITY: the standard agreement on data processing by the data protection authority that can be used both in Norway and in Sweden. SWISS SUPERVISORY AUTHORITY: update proximity tracing app SPANISH SUPERVISORY AUTHORITY: The AEPD publics a study about new technologies used to fight against coronavirus and its privacy risks POLISH SUPERVISORY AUTHORITY, UODO: proving medical records during a pandemic. FRENCH SUPERVISORY AUTHORITY, CNIL: the re-use of online data affordable by the public for the purpose of a direct market. BRITISH SUPERVISORY AUTHORITY: Blog: Information Commissioner sets out new priorities for UK data protection during COVID-19 and beyond AUSTRALIAN SUPERVISORY AUTHORITY, OAIC: Common declaration on COVID-19 and the obligation to document. CANADIAN SUPERVISORY AUTHORITY: Videoconferencing – Maintain your physical distance, but keep your personal information close DANISH SUPERVISORY AUTHORITY; SECURITY BREACH: news about the digital trial guard SPANISH SUPERVISORY AUTHORITY: the notification of safety failures is tripled in 2019, consolidating the obligation established by the Regulation. FRENCH SUPERVISORY AUTHORITY: The CNIL considers it possible to use the housing tax file for the distribution of masks by local authorities In the days of Covid-19, the pitfalls of the network POLISH SUPERVISORY AUTHORITY UODO: papel trail containing personal data and work at distance. ESTONIAN SUPERVISORY AUTHORITY: An administrative fine is coming to the Estonian legal system POLISH SUPERVISORY AUTHORITY: Panek Sa and the violation of personal data. ROMANIAN SUPERVISORY AUTHORITY: Sanctions for the violation of GDPR ITALIAN SUPERVISORY AUTHORITY: Coronavirus FAQs of the European Data Protection Supervisor about school, work, healthcare, research and local authorities. Clarifications and indications for public administrations and private companies POLISH SUPERVISORY AUTHORITY: temperature check to prevent the spread of COVID-19 POLISH SUPERVISORY AUTHORITY, UODO: Communication related to the procedure of the advertising candidate support list in the national court register DANISH SUPERVISORY AUTHORITY: health Personal data breach of 9 millions of clients: the airline company Easyjet hit by a hacker attack. NORWEGIAN SUPERVISORY AUTHORITY: notification of the breach tax in Bergen municipality DUTCH SUPERVISORY AUTHORITY: AP evaluates the telecommunication data sharing proposal DANISH SUPERVISORY AUTHORITY: new decision: management of the request for information by the penitentiary and prison service FRENCH SUPERVISORY AUTHORITY, CNIL: online exams tracking, reminder and tips of CNIL ONTARIO SUPERVISORY AUTHORITY, IPC: Joint Statement by Federal, Provincial and Territorial Privacy Commissioners POLISH SUPERVISORY AUTHORITY: EROD will soon provide a list of decisions that have been created under the Global Cooperation Mechanism The personal data of 250 thousand customers of a cosmetics company, found on an unprotected server CZECH SUPERVISORY AUTHORITY: New COVID-19 guidelines ITALIAN SUPERVISORY AUTHORITY, GPGD: Digital document storage, the Privacy Supervisor asks for more safeguards VICTORIA SUPERVISORY AUTHORITY, OVIC: Privacy for youth ITALIAN SUPERVISORY AUTHORITY, GDGP: administrative electronic process – the green light from the Privacy Supervisor FRENCH SUPERVISORY AUTHORITY: Online publication and reuse of open data. ITALIAN SUPERVISORY AUTHORITY, GPGD: the Trento cancer registry: reference from the Supervisor. SLOVENIAN SUPERVISORY AUTHORITY: attention during thermal imagers distribution and body temperature measurement. SWISS SUPERVISORY AUTHORITY: Coronavirus, protection plans ITALIAN SUPERVISORY AUTHORITY, GPGD: clarifications by the Privacy Supervisor, the Oversight Bodies roles after the GDPR NEWS FROM BRAZIL: CONTACT TRACING AND PRIVACY IN TIMES OF PANDEMIC They are actually spying on you, beware of apps that promise to protect your privacy The city council publishes online the judgement with sensitive data, it wins the lawsuit against an ex employee. FINNISH SUPERVISORY AUTHORITY: The data protection commissioner office provides three fines for data breaches. POLISH SUPERVISORY AUTHORITY, UODO: Health insurance and no information’s duties on the report of families or employees. SWEDISH SUPERVISORY AUTHORITY: Every accident is an IT attack HONG-KONG SUPERVISORY AUTHORITY: Telecommunications Company Pleaded Guilty to Violating FINNISH SUPERVISORY AUTHORITY: annual report on the activities of the European Data Protection Board in 2019: achievements in the European Data Protection Legislation. LITHUANIAN SUPERVISORY AUTHORITY: We have been ordered to temporarily to suspend quarantine application due to possible improper processing of personal data FINNISH SUPERVISORY AUTHORITY: the GDPR is at the beginning FRENCH SUPERVISORY AUTHORITY: Publication of CNIL’s opinion on the French “contact tracing” application known as “StopCovid” NORWEGIAN SUPERVISORY AUTHORITY: New consequences on intelligence services and protection of digital borders that should be studied more. NORWEGIAN SUPERVISORY AUTHORITY: a regulatory sandbox for the responsible artificial intelligence development. HONK-KONG SUPERVISORY AUTHORITY: PCPD Named “Manpower Developer” Again BRITISH SUPERVISORY AUTHORITY, ICO: testing in workplace – guideline for employers NORWEGIAN SUPERVISORY AUTHORITY: The Norwegian and British data protection authority cooperate with each other on a tracking case. POLISH SUPERVISORY AUTHORITY, UODO: video monitoring in a foster family apartment. NEW ZEALAND SUPERVISORY AUTHORITY: Assessing contact tracing solutions URUGUAYAN SUPERVISORY AUTHORITY: The Ibero-American Data Protection Network (RIPD) online 2019 activities report DANISH SUPERVISORY AUTHORITY: new decision on the failure to comply with information obligation. DANISH SUPERVISORY AUTHORITY: the 2019 annual report by the Danish Data Protection Authority NORWEGIAN SUPERVISORY AUTHORITY: reproach notice against Telenor Norge AS NORWEGIAN SUPERVISORY AUTHORITY: Consultation response on power readiness regulatory changes FRENCH SUPERVISORY AUTHORITY, CNIL: Control of site administrative block: the qualified personality presents his fifth activity report POLISH SUPERVISORY AUTHORITY, UODO: Procedures towards the Technology University in Warsaw The DPO: rotational DPO assignment in the PA, the well prepared professional does not need to pay the bribe. Increasing the health security, not rare cases about undue consultations Fse’, el Privacy Supervisor. NORWEGIAN SUPERVISORY AUTHORITY: correction order in Sbanken SPANISH SUPERVISORY AUTHORITY: THE AEPD’s report analyses the facial recognition use from the private security companies By the European Commission: Recommendations for a coordinated response to the coronavirus pandemic First the ATS Milano scared citizens with an SMS then apologized, “You’re at risk of Covid-19 contagion”. SPANISH SUPERVISORY AUTHORITY, AEPD: e-signature DUTCH SUPERVISORY AUTHORITY, AP: Why privacy is so important? GUERNSEY SUPERVISORY AUTHORITY: COVID-19 sees states adapt quickly to provide vital services remotely FINNISH SUPERVISORY AUTHORITY: The College of Penalties of the Office of the European Data Protection Supervisor (EDPS) imposed an administrative penalty for a number of deficiencies in the processing of personal data FINNISH SUPERVISORY AUTHORITY: the personal identification number (PIN) should not be used in invoices DUTCH SUPERVISORY AUTHORITY: AP evaluates the temporary telecommunications data law on privacy protection POLISH SUPERVISORY AUTHORITY, UODO: Parents’ access to data from monitoring recordings in kindergarten POLISH SUPERVISORY AUTHORITY, UODO: toys with internet connection security DANISH SUPERVISORY AUTHORITY: The municipality of Lejre is fined Video cameras and recorders into the car, taxi breached clients privacy Recruitment Company – it deleted data for not giving the feedback and it stopped the GDPR rights exercise. DANISH SUPERVISORY AUTHORITY: new decision: Carlsberg A/S NORWEGIAN SUPERVISORY AUTHORITY: Explanation requirement for ME DATA and World Citizen Report. SPANISH SUPERVISORY AUTHORITY: The AEPD analyzes for the first time the compliance with data protection in social and health assistance. ITALIAN SUPERVISORY AUTHORITY GPDP: “immuni” app: the green light of the Italian Data Protection Authority ESTONIAN SUPERVISORY AUTHORITY: The data protection inspectorate has completed a legal analysis of the activities of the economic information portals. POLISH SUPERVISORY AUTHORITY, UODO: “Golden Pen” of the UODO President for the best educational initiative distributed. FRENCH SUPERVISORY AUTHORITY, CNIL: Algorithms and Discrimination: defender of rights, with CNIL, calls for collective mobilization The Italian DPA for privacy has sanctioned “le Iene”, a prohibition to artefacts and pressions. ITALIAN SUPERVISORY AUTHORITY: Tik tok, privacy at-risk: the Data Protection Authority starts the procedure against the social network. HONG-KONG SUPERVISORY AUTHORITY: Interim Joint Statement on Global Privacy Expectations of Video Teleconferencing Companies ROMANIAN SUPERVISORY AUTHORITY: A new sanction imposed to a public authority SPANISH SUPERVISORY AUTHORITY, AEPD: security breach: email and productivity online platform. Workplace during emergency period, the personal data management. Emails received from municipal employers with the object “Coronavirus Informations” but it is ransomware. FRENCH SUPERVISORY AUTHORITY, CNIL: SI-DEP, Contact Covid and StopCovid, the CNIL starts its inspection campaign LIECHTENSTEIN SUPERVISORY AUTHORITY: Legitimate interest article 6 paragraph 1 letter f of the GDPR. DUTCH SUPERVISORY AUTHORITY: UWV improves security into employer’s portal after a AP investigation. Privacy breach: Google, 5 million $ class action. 5 million $ class action against Google. FRENCH SUPERVISORY AUTHORITY, CNIL: FAQ on StopCovid app. LATVIAN SUPERVISORY AUTHORITY: StopCovid does not keep track of people. LIECHTENSTEIN SUPERVISORY AUTHORITY: The data protection commissioner publishes the 2019 activity report. POLISH SUPERVISORY AUTHORITY, UODO: EROD: the data protection must be respected. SPANISH SUPERVISORY AUTHORITY: The AEPD subscribes to the “Telework and innovation declaration” women in a legal world as a part of their sustainability plan. HONG-KONG SUPERVISORY AUTHORITY: Privacy Issues relating to Government’s Cash Payout Scheme The digital assistance errors which threaten our privacy, what is behind? BRITISH SUPERVISORY AUTHORITY: ICO calls on UK businesses to prepare to keep data flowing at the end of the transition period DANISH SUPERVISORY AUTHORITY: new page about the protection of data addressed to children and youth. DANISH SUPERVISORY AUTHORITY: new decision: processing the request for detailed and personal information. POLISH SUPERVISORY AUTHORITY, UODO: the GDPR in a school desk – what school need to understand on data breach CANADIAN SUPERVISORY AUTHORITY: OPC publishes survey of Canadian businesses on privacy-related issues CHEZ SUPERVISORY AUTHORITY: From January, UOOU managed more than hundred of personal data security breaches. DANISH SUPERVISORY AUTHORITY: read the Danish data protection Agency 2019 annual report. POLISH SUPERVISORY AUTHORITY: public consultation on the guidelines on the restrictions according to article 23 of the GDPR. NORWEGIAN SUPERVISORY AUTHORITY: launched a new inflection block. LUXEMBOURG SUPERVISORY AUTHORITY: CORONAVIRUS (COVID-19): RECOMMENDATIONS BY THE CNPD ON THE PROCESSING OF PERSONAL DATA IN THE CONTEXT OF A HEALTH CRISIS POLISH SUPERVISORY AUTHORITY, UODO: School uses an e-diary. The parents consent for data processing is not needed. SWEDISH SUPERVISORY AUTHORITY: Completed revision by the police forces. ICELANDIC SUPERVISORY AUTHORITY: foster kid image publication on social media. DANISH SUPERVISORY AUTHORITY: new decision: non-cancellation complain. SWEDISH SUPERVISORY AUTHORITY: investigates about the accident in the custom administration. POLISH SUPERVISORY AUTHORITY: the EDPB on data transfers on Brexit. HONG-KONG SUPERVISORY AUTHORITY: The Second Anniversary of the GDPR Implementation The UE replies with a task force against Tik Tok after the Italian Data Protection Authority letter. BULGARIAN SUPERVISORY AUTHORITY: The National Assembly adopted the Annual Report of the Commission for Personal Data Protection for 2019. It did not have a DPO an home delivery app with millions users around the world. NORWEGIAN SUPERVISORY AUTHORITY: press pause in the app “Stop Infections” The Data Protection Authority has notified the Norwegian Institute of Public Health (FHI) that we will impose a temporary ban on the processing of personal data associated with the app. FHI is now temporarily suspending the use of the infectious disease. POLISH SUPERVISORY AUTHORITY, UODO: Commission Members Data publication in open competition to present proposal for the tasks performance IRISH SUEPRVISORY AUTHORITY: Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing POLISH SUPERVISORY AUTHORITY, UODO: More than 1200 Awareness-raising activities have been implemented in the tenth edition of “Your Data – Your Concern”. ROMANIAN SUPERVISORY AUTHORITY: A new sanction for GDPR breaches HONG-KONG SUPERVISORY AUTHORITY: The Second Anniversary of the GDPR Implementation The Privacy Commissioner Revised the Booklet “European Union General Data Protection Regulation 2016” DANISH SUPERVISORY AUTHORITY: new decision: old document about a club were published SWEDISH SUPERVISORY AUTHORITY: Co-operative housing association banned from using video surveillance in entrance and stairwell FRENCH SUPERVISORY AUTHORITY: The CNIL asks for supervision on the use of “smart” cameras and thermal cameras. NEW ZEALAND SUPERVISORY AUTHORITY: Logging into the 53rd APPA Forum FRENCH SUPERVISORY AUTHORITY: health data breaches, the CNIL sanctions two doctors. Anti-Covid-19 Tracking app – The Norwegian stop caused by privacy problems. During the Covid-19 restrictions on privacy obligations and rights must be circumstantial Goodbye privacy for a hundred of “particular bad habits” users in a dating app. DANISH SUPERVISORY AUTHORITY: personal data security breach into the Randers Municipality CZECH SUPERVISORY AUTHORITY: The European Data Protection Board (EDPB) draws the attention on illegal practices in order to ask consent during the cookie use. DANISH SUPERVISORY AUTHORITY: Live streaming out of school? FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board establishes a team work in order to coordinate the TikTok activities and presents its position on the facial recognition technology use into the police forces. FINNISH SUPERVISORY AUTHORITY: Prescription service 2020 request: Social and health care and pharmacies must have policies to detect safety breaches FRENCH SUPERVISORY AUTHORITY, CNIL: the so called “smart” video cameras and thermal cameras: supervisory point of CNIL and rules that must be observed DUTCH SUPERVISORY AUTHORITY, AP: EDPB, borders re-open during the coronavirus? Pay attention to privacy! SLOVENIAN SUPERVISORY AUTHORITY: Excessive publication of personal data in the service of the public notice also in other bodies – social welfare centres and the police The cloud provider cannot be a processor: when and why. ROMANIAN SUPERVISORY AUTHORITY: sanction for GDPR breach. POLISH SUPERVISORY AUTHORITY: You can discover results of recruitment into a nursery, for example by an email. BRITISH SUPERVISORY AUTHORITY: ICO releases findings on the use of mobile phone extraction by police forces HONG-KONG SUPERVISORY AUTHORITY, PCPD: Data Breach Incident of the University of Hong Kong DANISH SUPERVISORY AUTHORITY: Insufficient security in debts collection letters delivery. SPANISH SUPERVISORY AUTHORITY: AEPD declaration on keeping COVID-19 antibodies for job offer and research. URUGUAYAN SUPERVISORY AUTHORITY: contact tracing into mobile app: recommendation in order to protect personal data. POLISH SUPERVISORY AUTHORITY, UODO: EROD on questions in order to establish infective contacts. SWISS SUPERVISORY AUTHORITY: IFPDT recommendations in the openness principle. ITALIAN SUPERVISORY AUTHORITY, GPDP: The Italian DPA (Garante) tasks. Chrome was watching users without their knowledge, 70 browser extensions were discovered. URUGUAYAN SUPERVISORY AUTHORITY: Body temperature control before Covid-19: How to protect personal data? GERMAN SUPERVISORY AUTHORITY: BFDI presents activities reports. By reusing papers already printed on the back with other clients’ personal data, a lawyer sends a letter of invitation. DANISH SUPERVISORY AUTHORITY: The Data Inspectorate is studying the consent solutions of The Blue Newspaper. LIECHTENSTEIN SUPERVISORY AUTHORITY: Description of the data protection review process LITHUANIAN SUPERVISORY AUTHORITY: updated guidelines on security measures of personal data and risks assessment. POLISH SUPERVISORY AUTHORITY, UODO: prior consultation, who and when can use it? French data protection Authority sanction, Google loses the appeal and now needs to pay 50 million of euros. DANISH SUPERVISORY AUTHORITY: new report on data transfer SSI. SWEDISH SUPERVISORY AUTHORITY: Data Inspectorate completed review of police criminal record. SINGAPOREAN SUPERVISORY AUTHORITY, PDPC: Advisory on Impersonation of PDPC Officers BRITISH SUPERVISORY AUTHORITY: ICO to recover £250,000 fine from Manchester claims management firm NORWEGIAN SUPERVISORY AUTHORITY: The Data Protection Commission designed by the Council of Minister. DANISH SUPERVISORY AUTHORITY: personal data processing in private contexts. SPANISH SUPERVISORY AUTHORITY: The AEPD publishes the most common errors list of the biometric use and the way they influence the data protection. DANISH SUPERVISORY AUTHORITY: new decision, insufficient security measure into the Southern Region of Denmark. FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board (EDPB) takes a position on the interoperability of the tracing contact questions and on the personal data protection right ahead of the reopening of the borders. IRISH SUPERVISORY AUTHORITY: DPC Ireland 2018-2020 Regulatory Activity Under GDPR NORWEGIAN SUPERVISORY AUTHORITY: tax notification to Aquateknikk AS POLISH SUPERVISORY AUTHORITY, UODO: Selfie with a school certificate? Yes, but without any personal data visible. SWEDISH SUPERVISORY AUTHORITY: starts an ABB audit DUTCH SUPERVISORY AUTHORITY: the formal warning of AP on the facial recognition at the supermarket. SWEDISH SUPERVISORY AUTHORITY: The Data Inspectorate starts the exam of European investigations system LITHUANIAN SUPERVISORY AUTHORITY: The State Data Protection Authority has developed guidelines on the personalized and standardized data protection. LITHUANIAN SUPERVISORY AUTHORITY: the State Data Protection Inspectorate has prepared “the guidelines for the assessments of supply of personal data”. ICELANDIC SUPERVISORY AUTHORITY: the processing of Skeljungs hf. on the email account of an employee at the time of retirement. IRISH SUPERVISORY AUTHORITY: Data Protection Commission announces decision in Twitter inquiry ITALIAN SUPERVISORY AUTHORITY, GPDP: 2019 activities report JAPANESE SUPERVISORY AUTHORITY, PPC: Personal Information Protection Commission’s view on effective use of contact tracing App to help deal with Coronavirus disease (COVID-19) INDIAN SUPERVISORY AUTHORITY: Why Facebook’s opt-out of political ads is a short-sighted solution FRENCH SUPERVISORY AUTHORITY: medical investigation about COVID-19, the CNIL has mobilized next to the Institut Pasteur. ICELANDIC SUPERVISORY AUTHORITY: because of press release of the Consumer Association and ASI on creditinfo terms HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner Organises Online Workshop “Privacy Awareness Week 2020: From Principles to Practice – Personal Data Protection for Enterprises” Updating Businesses on Developments of Global Privacy Regulations Practicing Compliance and Data Ethics NEW ZEALAND SUPERVISORY AUTHORITY: Man awarded $50,000 for destruction of file FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board (EPBD) publishes an assessment on the GDPR: the new legislation has improved the citizen rights. GERMAN SUPERVISORY AUTHORITY: BfDI is pleased to welcome the BGH decision on Facebook. BULGARIAN SUPERVISORY AUTHORITY: The European Commission published a report reviewing and evaluating the General Data Protection Regulation CZECH SUPERVISORY AUTHORITY: privacy during Coronavirus and the project Smart Quarantine. Defamation must be followed by delineation from search engine: Milan court The appointments of the new Collegio of the Italian Data Protection Authority, Chamber of Deputies and Senate, were convened on 14 July. SLOVENIAN SUPERVISORY AUTHORITY: tracking contact app. DANISH SUPERVISORY AUTHORITY: new register for the decision into the European Union. SLOVENIAN SUPERVISORY AUTHORITY: The member states need to provide the Supervisor Data Protection Authorities of adequate fundings, human resources and technicals. CANADIAN SUPERVISORY AUTHORITY: Combination of weaknesses led to massive data breach at Desjardins SWEDISH SUPERVISORY AUTHORITY: 300.000 SEK of sactions against the property companies. A more than 1 million dollar ransomware, The Californian University. HONG-KONG SUPERVISORY AUTHORITY: cyber security risks increase into the epidemic situation. The Privacy Commissioner provides security advices. ITALIAN SUPERVISORY AUTHORITY, GDDP: Data breach, a Bank sanctioned by the Italian Data Protection Authority (Garante). ITALIAN SUPERVISORY AUTHORITY, GPDP (garante): Covid-19 and Judicial Officer protection from the infection. ITALIAN SUPERVISORY AUTHORITY, GPDP: two years of GDPR, the report of the European Commission. CROATIAN SUPERVISORY AUTHORITY: National Professional Conference: new legislation on private protection POLISH SUPERVISORY AUTHORITY, UODO: free app. Are they really free? POLISH SUPERVISORY AUTHORITY: An incident safety review is not a regular test of technical measures. NORWEGIAN SUPERVISORY AUTHORITY: advisory response about the changes of the public administration legislation. SLOVENIAN SUPERVISORY AUTHORITY: the tracking contract app should be voluntary and the legal bases especially defined. Association fined because it sent marketing messages to ex-donor of fundraising. DANISH SUPERVISORY AUTHORITY: new decision, unauthorized access to video surveillance. JAPANESE SUPERVISORY AUTHORITY: Promulgation of the Amendment Act of the Act on the Protection of Personal Information, etc. (12th June, 2020) SPANISH SUPERVISORY AUTHORITY, AEPD: The AEPD announces the 2020 Data Protection Awards in order to differentiate the best practices in different areas. EUROPEAN DATA PROTECTION BOARD (EDPB): Belgian DPA imposed a fine of 1,000 EUR on an association that sent direct marketing messages to (former) donors for fundraising SINGAPOREAN SUPERVISORY AUTHORITY: Privacy Awareness Week 2020 FINNISH SUPERVISORY AUTHORITY: The Assistant Supervisor ordered the company to delete address information from car parking tickets GERMAN SUPERVISORY AUTHORITY: The anonymization consultation process was successful. CANADIAN SUPERVISORY AUTHORITY, OPC: Privacy Commissioners launch joint investigation into Tim Hortons mobile app BELGIAN SUPERVISORY AUTHORITY: sensible data CIPRIAN SUPERVISORY AUTHORITY: ANNOUNCING THE FEATURES OF THE PRODUCTION PROTECTION COMMITTEE. Access by other health professionals into the medical records of GESY patients MALTESE SUPERVISORY AUTHORITY: Unsolicited Direct Marketing SPANISH SUPERVISORY AUTHORITY, AEPD: Cryptography and privacy III: Homomorphic cryptography GERMAN SUPERVISORY AUTHORITY: BfDI is pleased to welcome the decision on the data mining. The problems related to privacy protection are still unresolved, Internet of Things. ITALIAN SUPERVISORY AUTHORITY: cookies and privacy: on the user’s side. BRITISH SUPERVISORY AUTHORITY: ICO and Global Cyber Alliance sign Memorandum of Understanding ITALIAN SUPERVISORY AUTHORITY: policy and consent for the cookie use. ITALIAN SUPERVISORY AUTHORITY: Cookie, the Italian Data Protection Authority starts a public consultation on rules for their use. DANISH SUPERVISORY AUTHORITY: The Danish Data Protection Agency investigates TikTok SLOVENIAN SUPERVISORY AUTHORITY: However, the government also wants to collect information about our locations NORWEGIAN SUPERVISORY AUTHORITY: blame notice for an improper use of Google’s solutions in school. SINGAPOREAN SUPERVISORY AUTHORITY: A Guide to Job Redesign in the Age of AI Now Available FRENCH SUPERVISORY AUTHORITY: Cookies: financial penalty of 35 million euros imposed on the company AMAZON EUROPE CORE What is steganography? URUGUAYAN SUPERVISORY AUTHORITY: we move forward the annual training plan of the URCDP. BRITISH SUPERVISORY AUTHORITY: ICO warns public to be vigilant against pensions cold callers ESTONIAN SUPERVISORY AUTHORITY: The availability of medical products based on digital prescriptions from a e-pharmacy shall be guaranteed quickly. ICELANDIC SUPERVISORY AUTHORITY: The EDPB takes the first decision based on the article 65. DANISH SUPERVISORY AUTHORITY: sanctions to the municipality Access to the full documentation: it is not a privacy question: heir vs third beneficiary. EUROPEAN DATA PROTECTION BOARD: Deficiencies in how healthcare providers control staff access to patient journal data EUROPEAN DATA PROTECTION BOARD: The Estonian Data Protection Inspectorate obliged e-pharmacies to immediately terminate access to another person’s prescription information DUTCH SUPERVISORY AUTHORITY: more intelligent of the online profile. Privacy blog of Aleid Wolfsen. DANISH SUPERVISORY AUTHORITY: It has done investigations about security notifications of personal data security breach. In European countries: 66% increase in data breaches FRENCH SUPERVISORY AUTHORITY: CNIL-Inria Prize launch launched ICELANDIC SUPERVISORY AUTHORITY: Arion Bank of photographs of the joints of the children’s football tournament on the bank’s Facebook page BRITISH SUPERVISORY AUTHORITY ICO: UK regulators join forces to ensure online services work well for consumers and businesses POLISH SUPERVISORY AUTHORITY UODO:GDPR strengthens citizens’ position and adapts to the needs of the digital age NORWEGIAN SUPERVISORY AUTHORITY: Østfold HF Hospital tax notification LITHUANIAN SUPERVISORY AUTHORITY: coronavirus SMS are legally sent to abroad returnees DUTCH SUPERVISORY AUTHORITY AP: 2019 annual report: more attention in the law enforcing. POLISH DATA PROTECTION AUTHORITY UODO: explanations by Germina Apss. BRITISH SUPERVISORY AUTHORITY: ICO statement on the Competition and Markets Authority’s market study We are lowering our guard to Data Breach? SLOVENIAN SUPERVISORY AUTHORITY: The Information Commissioner proposes to the National Assembly that it does not endorse the provisions regarding the monitoring of citizens ‘ location and the mandatory application for tracking contacts NORWEGIAN SUPERVISORY AUTHORITY: Notifications fee to Odin Flissenter AS ICELANDIC SUPERVISORY AUTHORITY: Consideration of the Privacy Commissioner’s recommendations to those who come to work with children for the use of community members to disclose personal information about children, including pictures. FRENCH SUPERVISORY AUTHORITY, CNIL: The national task force for the fight against fraud and scams is mobilized. POLISH SUPERVISORY AUTHORITY UODO: Drone and privacy 1.24 million dollars fine, an insurance company sent advertising offers without the consent. The first sanction in the Isle of Man that is not part of the EU but has aligned with the GDPR DUTCH SUPERVISORY AUTHORITY AP: Fine for BKR due to costs of accessing personal data. ESTONIAN SUPERVISORY AUTHORITY: In the first half of the year, the Estonian Data Inspectorate has examined the documents registers. CANADIAN SUPERVISORY AUTHORITY: Clearview Al stops to offer its own facial recognitions technology in Canada. NEW ZEALAND SUPERVISORY AUTHORITY: no compensation for privacy breach. Dark web: caused by a data breach more than millions of personal data of car owners has been sold. NORWEGIAN SUPERVISORY AUTHORITY: Adopt a temporary ban for infectious diseases. DUTCH SUPERVISORY AUTHORITY: employee’s file. BRITISH SUPERVISORY AUTHORITY, ICO: What are PERC? BRITISH SUPERVISORY AUTHORITY, ICO: Data protection fee non-payment trends report Non-payment of the data protection fee trends report, Q3 2019-20 We have to work more: Blockchain and Privacy Found wise guys with the help of software is not a legal obligation for the INPS: Medical Check-ups and “Data Mining” POLISH SUPERVISORY AUTHORITY, UODO: WSA confirmed the DPA decision issued to GGK. RUSSIAN SUPERVISORY AUTHORITY: Students of Moscow and of the Region have been invited to test their acknowledgement into a safe Internet use. FINNISH SUPERVISORY AUTHORITY: the update guide on data protection in working like has been published. FRENCH SUPERVISORY AUTHORITY: Going on holidays, mistakes to avoid on web. ROMANIAN SUPERVISORY AUTHORITY: Data protection as a pillar of citizen empowerment and the EU’s approach to digital transition – two years of application of the General Data Protection Regulation (GDPR) ICELANDIC SUPERVISORY AUTHORITY: Because of the TikTok press coverage. BRITISH SUPERVISORY AUTHORITY: The Office of the Australian Information Commissioner and the UK’s Information Commissioner’s Office open joint investigation into Clearview AI Inc. SPANISH SUPERVISORY AUTHORITY, AEPD: The Agency analyses the personal data protection during Covid-19 into the Menendez Pelayo University courses. ITALIAN SUPERVISORY AUTHORITY, GPDP: President of the Italian Data Protection Authority’s audition (Garante), Antonello Sor. Following the cognitive investigation on different violence’s forms among children and teenagers. NORWEGIAN SUPERVISORY AUTHORITY: Presentation requirement to the Oslo University Hospital POLISH SUPERVISORY AUTHORITY, UODO: Necessary arrangement for personal data process registered on lost device. SPANISH SUPERVISORY AUTHORITY: ten reasons for a responsible sharing campaign to raise awareness on minors images use on the net. ROMANIAN SUPERVISORY AUTHORITY: Fines for GDPR breaches. NORWEGIAN SUPERVISORY AUTHORITY: Debate on student’s privacy. FINNISH SUPERVISORY AUTHORITY: The European Commission has published an impact assessment on the EU legislation on the single data space. ITALIAN SUPERVISORY AUTHORITY: Codes of conduct, requirements for OdM accreditation have been approved by the Italian Data Protection Authority. NORWEGIAN SUPERVISORY AUTHORITY: payable final decision to the Raelingen Municipality. POLISH SUPERVISORY AUTHORITY, UODO: the UODO president imposes a sanction into the cross-borders process. URUGUAYAN SUPERVISORY AUTHORITY: personal data protection during COVID-19 An Yahoo ex-employee peers into youth mails users, he has been sentenced to 5 years of house arrest. No shopping at the supermarket and goodbye to privacy for who has criminal records with the use of the facial recognition. The European Commission report, two years after the GDPR. CIPRIAN SUPERVISORY AUTHORITY: carry out compliance checks with the GDPR. (General Data Protection Regulation). DANISH SUPERVISORY AUTHORITY: new decision, supervision of the personal information process of travellers from Fybnus l/S BRITISH SUPERVISORY AUTHORITY, ICO: Commissioner comment on Lord’s Committee digital technology report LITHUANIAN SUPERVISORY AUTHORITY: The State Data Protection Inspectorate has signed a cooperation agreement with the Kazimieras Simonavičius University. CANADIAN SUPERVISORY AUTHORITY: Statement: Supreme Court of Canada ruling bolsters the privacy rights of Canadians Canadians ITALIAN SUPERVISORY AUTHORITY, GPGD: COVID-19, Privacy Italian DPA FAQ on national contact tracing apps and regional apps HONG-KONG SUPERVISORY AUTHORITY: Privacy concerns about personal data with regard to the program “Referral Democratic 35+” (Primary elections) POLISH SUPERVISORY AUTHORITY: ABC recruitment EUROPEAN DATA PROTECTION SUPERVISOR, EDPS: Reinventing the trainee conference in times of COVID-19 BRITISH SUPERVISORY AUTHORITY: Collecting customer and visitor details for contact tracing DUTCH SUPERVISORY AUTHORITY: Fines and other sanctions DUTCH SUPERVISORY AUTHORITY: Personal data on Net. NORWEGIAN SUPERVISORY AUTHORITY: decision on the infringement tax to the Municipal of Indre Østfold. LIECHTENSTEIN SUPERVISORY AUTHORITY: additional measures in order to guarantee an equal level of personal data protection. FRENCH SUPERVISORY AUTHORITY: Informatique et Libertés: review of the creation of the CNIL during the term of the Valéry Giscard d’Estaing President. DANISH SUPERVISORY AUTHORITY: Security breaches in a zoo. SPANISH SUPERVISORY AUTHORITY: introduction to 5g technologies and its privacy risks. SPANISH SUPERVISORY AUTHORITY: Administrative consequences, disciplinary, civil and criminal of the sensitive content dissemination. NORWEGIAN SUPERVISORY AUTHORITY: an brief overview on privacy principles. MEXICAN SUPERVISORY AUTHORITY, INAI: the pandemic period has underlined weaknesses into the health system patient data process. FINNISH SUPERVISORY AUTHORITY: The European Commission is getting ready to guarantee data protection into personal data transfers after the Brexit transition period. BELGIAN SUPERVISORY AUTHORITY: sanction for 600.000 euros: the APS sanctioned Google Belgium for the non-observance to the right to be forgotten ITALIAN SUPERVISORY AUTHORITY, GPDP: Telephone operators: is still going on the activity control of the Italian DPA (Garante), sanction to Wind for about 17 million euros and Iliad for 800.000 euros. POLISH SUPERVISORY AUTHORITY, UODO: The employer likes a controller of personal data into the employee’s documentations. SLOVAKIAN SUPERVISORY AUTHORITY: guidelines on the right to be forgotten into search engines. BRITISH SUPERVISORY AUTHORITY: ICO statement on the judgement of the European Court of Justice in the Schrems II case CZECH SUPERVISORY AUTHORITY: The court has rejected the privacy Shield UE-USA and did not question the validity of standard contract terms. POLISH SUPERVISORY AUTHORITY: lack of cooperation with the Authority. SLOVENIAN SUPERVISORY AUTHORITY: Commissioner’s procedure for informations – insights on politician personal data. Four members that will guide the Italian DPA for the next 7 years: new new summits of the Italian DPA. Stopping personal data transfer into the USA, the European Court of Justice invalids the Privacy Shield. HONG-KONG SUPERVISORY AUTHORITY: Acting in accordance with the Law and according to Particular Circumstances of Each Case. No double standards Hacker: They were looking for holes and threatened to report them to the Italian DPA (Garante). FRENCH SUPERVISORY AUTHORITY: Privacy Shield invalidation, the CNIL and its counterparties are analyzing the consequences. BRITISH SUPERVISORY AUTHORITY, ICO: ICO launches self-assessment Freedom of Information toolkit Privacy Shield: has gone up in smoke, and today millions of companies and operators are in a dead end. FRENCH SUPERVISORY AUTHORITY: App StopCovid, the CNIL draws the consequences of its controls. BRITISH SUPERVISORY AUTHORITY: Information Commissioner’s Office publishes 2019-20 annual report AUSTRALIAN SUPERVISORY AUTHORITY: Statement regarding reported health data breach in Western Australia NEW ZEALAND SUPERVISORY AUTHORITY: Controversial AI software raises privacy concerns NEW ZEALAND SUPERVISORY AUTHORITY: The other side of the CovidCard NORWEGIAN SUPERVISORY AUTHORITY: The Data Protection Inspectorate asks for giving an account of the assessment to IB. What is Data Wiping? POLISH SUPERVISORY AUTHORITY: The UODO president and the Patient Right Ombudsman have reinforced their cooperation. CANADIAN SUPERVISORY AUTHORITY: Open letter: Global privacy expectations of video teleconference providers HONG-KONG SUPERVISORY AUTHORITY: Data Protection Authorities Issue Co-signatory Letter to Voice Out Global Privacy Expectations of Video Teleconference Providers Data access to the bank account of users: discovered a BlackRock, a new malware that steals personal information. FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board (EDPB) has adopted the first part of guideline on the right to be forgotten into research engine results. Six privacy authorities write a letter, like an ultimatum, to video conference platforms. POLISH SUPERVISORY AUTHORITY, UODO: The employer has the right to ask to the employee to confirm his own legal residence in Poland In order to recruit a foreign, the employer has the right to ask the presentation of documents which authorized him to remain in the region of the Republic of Poland. SWEDISH SUPERVISORY AUTHORITY: deficiencies in the way in which health workers control the access of the staff to clinical records. DUTCH SUPERVISORY AUTHORITY: Guidelines GDPR on the guidelines PSD2 opened for the consultation. GERMAN SUPERVISORY AUTHORITY: The EDPB resolvs the FAQ about Schrems II LETTONIAN SUPERVISORY AUTHORITY: A study of the European Union Agency for Fundamental Rights on People’s Attitudes to Security Threats POLISH SUPERVISORY AUTHORITY: Stefano Rodotà 2021 award DANISH SUPERVISORY AUTHORITY: ITALIAN SUPERVISORY AUTHORITY: algorithms and artificial intelligence. “Men make mistakes but this is what makes them higher than the machines” – a speech of Ginevra Cerrina Feroni. What is Cracking? Sanction for more than 3 million euros: Carrefour falls down on privacy DANISH SUPERVISORY AUTHORITY: new strategy for data and work based on the risks of the Danish DPA. FINNISH SUPERVISORY AUTHORITY: Project of Standard Contractual Clauses of the European Commision and opinion on the e-Privacy regulation pending before the European Data Protection Board (EDPB). FRENCH SUPERVISORY AUTHORITY: Code of conduct: publication of the accreditation requirements for monitoring bodies HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner Stephen Kai-yi WONG examines his five-year work. ICELANDIC SUPERVISORY AUTHORITY: Letter of the Data Protection Authority to the Social Security Administration with the instruction about the use of information on IP address in surveillance. LITHUANIAN SUPERVISORY AUTHORITY: Caused by the accident into the State Enterprise Center of Register. Privacy authority: free public wifi, asks AGID for more protections for users The Privacy DPA says yes to the right to be forgotten for who is resulted extraneous to the judicial proceedings. POLISH SUPERVISORY AUTHORITY: EDPB has published some FAQ about the sentence of CGUE C-311/18 (Schrems II). DANISH SUPERVISORY AUTHORITY: Notification of the data subject in case of personal data security breach. FINNISH SUPERVISORY AUTHORITY: European Data Protection Board’s communication of binding legislation for companies with the brexit approach. EDPS: Data Protection requirements must go hand in hand with the prevention of money laundering and terrorism financing ROMANIAN SUPERVISORY AUTHORITY: sanction for the GDPR breach. The bulwark charter of ‘collective memory’, journalistic archiving prevails over the right to be forgotten. BRITISH SUPERVISORY AUTHORITY: Updated ICO statement on the judgment of the European Court of Justice in the Schrems II case. FRENCH SUPERVISORY AUTHORITY, CNIL: Personal Data anonymization. POLISH SUPERVISORY AUTHORITY: EDPB on the Binding Corporate Rules Mk with Brexit Access data to users’ bank accounts: a BlackRock has been discovered, a new malware that steals personal information. Green light of the Italian DPA: Mobility coupon. The Italian DPA asks for more security for patiences data: Healthcare, warned an ASL and a polyclinic. Sanction for some Municipalities of a Region for illicit personal data sharing, Local Authorities. DANISH SUPERVISORY AUTHORITY: The Arp-Hansen Hotel Group A/S has been sanctioned. DANISH SUPERVISORY AUTHORITY: spread of test answers. POLISH SUPERVISORY AUTHORITY, UODO: “Control, read, ask!” campaign. ESTONIAN SUPERVISORY AUTHORITY: the Data Inspectorate has obliged the e-pharmacies to stop the access to information about the requirements of another person. DANISH SUPERVISORY AUTHORITY: the guideline on personal data protection and the work conditions has been revised. ITALIAN SUPERVISORY AUTHORITY: basic income, the green light of the privacy Authority at the corner of data controls by INPS. HONG-KONG SUPERVISORY AUTHORITY: PCPD Issues Three Practical Guidance Notes Relating to Work-from-Home Arrangements for Organisations, Employees and Users of Video Conferencing Software to Enhance Data Security and Protection of Personal Data Privacy SPANISH SUPERVISORY AUTHORITY: The AEPD updates its guidelines on the cookie’s use in order to adapt it to the new guidelines of the European Data Protection Board. HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner to host “Up-to-date Data Ecosystem and Legal Framework Exercise Course” FRENCH SUPERVISORY AUTHORITY: the CNIL has published three benchmarks for the health sector. EUROPEAN DATA PROTECTION BOARD: Telephone Operators: Italian SA Fines Wind Eur 17 Million and Iliad Eur 0.8 Million EUROPEAN DATA PROTECTION BOARD: Baden-Wuerttemberg State Commissioner imposes fine on AOK Baden-Wuerttemberg BRITISH SUPERVISORY AUTHORITY, ICO: Guidance on AI and data protection BRITISH SUPERVISORY AUTHORITY, ICO: Blog: ICO launches guidance on AI and data protection SLOVENIAN SUPERVISORY AUTHORITY: new infographic – GDPR briefly. POLISH SUPERVISORY AUTHORITY: the employee of the month becomes… RUMANIAN SUPERVISORY AUTHORITY: Sanction for GDPR breach. AUSTRALIAN SUPERVISORY AUTHORITY: Rapid detection, assessment and notification critical in data breaches DANISH SUPERVISORY AUTHORITY: Personal data security breach into the southern region of Denmark SWEDISH SUPERVISORY AUTHORITY: When you can collect personal data? ICELANDIC SUPERVISORY AUTHORITY: Opinion on the disclosure of personal information on health workers to the office of the health director by different authorities. The first decision under Article 65 of the GDPR is taken by the European Data Protection Board. FRENCH SUPERVISORY AUTHORITY: facial recognition: for a debate living up to the challenges DUTCH SUPERVISORY AUTHORITY: Ap examine the temperature detection during the coronavirus. ESTONIAN SUPERVISORY AUTHORITY: Suggestions for the employer. CANADIAN SUPERVISORY AUTHORITY: Companies involved in the mobile app industry must avoid practices that could harm consumers AUSTRALIAN SUPERVISORY AUTHORITY: Shopping up a storm? Be aware of what you share DUTCH SUPERVISORY AUTHORITY: EDPB declaration on the e-privacy regulation. LUXEMBOURG SUPERVISORY AUTHORITY: 2019 ACTIVITY REPORT PUBLICATION CROATIAN SUPERVISORY AUTHORITY: USER’S ACCOUNT COMPROMISED DURING THE INTERNET USE – PERSONAL DATA PROTECTION MEASURES. The Italian DPA Privacy vademecum: online publication of photos and videos BRITISH SUPERVISORY AUTHORITY: Marketing boss banned after thousands of nuisance calls NORWEGIAN SUPERVISORY AUTHORITY: The Arendal Municipality can still use Spekter. FRENCH SUPERVISORY AUTHORITY: sanctions start from 2.250.000 euros to 800.000 euros to the societies CARREFOUR FRANCE and CARREFOUR BANQUE. DANISH SUPERVISORY AUTHORITY: New guideline about the phone calls registrations. Before and after the transitional period, personal data and “Brexit”. Whatsapp: puts aside 77.5 million euros for potential sanctions on GDPR breaches in Iceland. “Privacypedia” about the GDPR, the poster for the drafting. HONG-KONG SUPERVISORY AUTHORITY: The Office of the Privacy Commissioner for Personal Data, Hong Kong 2019-20 Annual Report SWEDISH SUPERVISORY AUTHORITY: sanction for an illegal surveillance of video cameras into the sleeping quarters. POLISH SUPERVISORY AUTHORITY: EDPB includes next standard contractual clause’s draft. VISHING THE NEW PHISHING FRONTIER, PHONE SCAMS TO ENTREPRENEUR. POLISH SUPERVISORY AUTHORITY: a reproach for having revealed a list of people who are in quarantine POLISH SUPERVISORY AUTHORITY: Data breach at the University of Warsaw SWEDISH SUPERVISORY AUTHORITY: serious shortcomings in the school platform to Stockholm Additional measures for data transfers abroad: the European Data Protection Board adopts the recommendations POLISH SUPERVISORY AUTHORITY: EDPB has adopted recommendations on the additional measures Mk. since Schrems II. ITALIAN SUPERVISORY AUTHORITY: Aggressive telemarketing. The Italian DPA has sanctioned Vodafone for 12 million and 250 thousand euros. SLOVENIAN SUPERVISORY AUTHORITY: Final judgments previously available to the public are no longer available in practice after the Supreme Court ruling – response to the press release of the Supreme Court of the Republic of Slovenia on public access to court rulings DANISH SUPERVISORY AUTHORITY: the security breach should have been reported to the Danish Data Protection Agency FINNISH SUPERVISORY AUTHORITY: Data transfers to third countries: recommendations on safeguards to complement the transfer instruments and draw up new standard clauses for the Commission FRENCH SUPERVISORY AUTHORITY: Rent management, CNIL launches a public consultation on its draft standard HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner Calls for Greater Vigilance When Teenagers Go Online Beware of Swindlers of Personal Data AUSTRALIAN SUPERVISORY AUTHORITY: OAIC issues first 6-month COVIDSafe privacy report POLISH SUPERVISORY AUTHORITY: Consultations on the EDPB recommendations with the Schrems II Judgement. ROMANIAN SUPERVISORY AUTHORITY: Sanction for GDPR breach. AUSTRALIAN SUPERVISORY AUTHORITY: Privacy safeguards examined in COVIDSafe Assessment Program NEW ZEALAND SUPERVISORY AUTHORITY: International knowledge bolsters OPC DUTCH SUPERVISORY AUTHORITY: necessary AP growth to protect citizens in digitising Netherlands DUTCH SUPERVISORY AUTHORITY: Statement from the Privacy Commissioner of Canada following the tabling of Bill C-11 EUROPEAN DATA PROTECTION BOARD: European Data Protection Board – 42nd Plenary session: Presentation of two new sets of SCCs & EDPB adopts statement on ePrivacy Regulation NEW ZEALAND SUPERVISORY AUTHORITY: Model contract clauses for sending personal information overseas EUROPEAN DATA PROTECTION BOARD: Aggressive telemarketing practices: Vodafone fined over 12 million Euro by Italian DPA ICELANDIC SUPERVISORY AUTHORITY: annual report of the Personal Data Protection Authority NORWEGIAN SUPERVISORY AUTHORITY: Tax for infringement to the customer chamber. SLOVAKIAN SUPERVISORY AUTHORITY: Recommendations on Essential European Guarantees for surveillance measures The box left in the contract for the collection of the identity card does not prove the privacy consent of the data subject, European Court of Justice. DANISH SUPERVISORY AUTHORITY: SECURITY BREACH. NORWEGIAN SUPERVISORY AUTHORITY: protection of the exposed digital borders. MALTESE SUPERVISORY AUTHORITY: Recomendations 02/2020 on the European Essential Guarantees for the surveillance measures. DANISH SUPERVISORY AUTHORITY: conditions for the accredited inspection bodies for codes of conducts. BRITISH SUPERVISORY AUTHORTITY: UK political parties must improve data protection practices DUTCH SUPERVISORY AUTHORITY: EDPB recommendations on the personal data transfer after the Schrems II Judgement. NORWEGIAN SUPERVISORY AUTHORITY: the critical about changes in the legislation on health workers. LITHUANIAN SUPERVISORY AUTHORITY: The State Data Protection Inspector has prepared the “Guidelines for the assessment of requests for the provision of personal data. GERMAN SUPERVISORY AUTHORITY: BfDI about the Judgement on the proceeding against 1&1 DANISH SUPERVISORY AUTHORITY: Recommendations after the Judgement Schrems II. CANADIAN SUPERVISORY AUTHORITY: Commissioner issues proposals on regulating artificial intelligence BRITISH SUPERVISORY AUTHORITY: UK political parties must improve data protection practices CROATIAN SUPERVISORY AUTHORITY: AZOP AND HGK HAVE SIGNED A COOPERATION AGREEMENT. Now the giants of the web are shaking, Twitter, the judgement is coming from EU DPA. POLISH SUPERVISORY AUTHORITY: EDPB adopts the first decision according to the article 65. ITALIAN SUPERVISORY AUTHORITY: The Lead Supervisory Authority and the cooperation provided by the One Stop Shop into the Regulation 2016/679 NEW ZEALAND SUPERVISORY AUTHORITY: CCTV, surveillance cameras and our office EUROPEAN COURT OF JUSTICE: Sentence by the European Court of Justice in the lawsuit Orange Romanian LATVIALAN SUPERVISORY AUTHORITY: Public awareness of the boundary between freedom of expression and privacy is still missing, the Data State Inspectorate explains the most common mistakes DANISH SUPERVISORY AUTHORITY: New decision, wrong processing base. It was a 17 years old boy, the hacker who has infiltrated into the informatic system of Twitter Flash News. A massive failure for our privacy, OkCupid and dating app. HONG-KONG SUPERVISORY AUTHORITY: Privacy Commissioner for Personal Data, Hong Kong, China and United Kingdom Information Commissioner Sign MOU NEW ZEALAND SUPERVISORY AUTHORITY: High Court decision in Taylor v Corrections POLISH SUPERVISORY AUTHORITY: Control in the company SINGAPOREAN SUPERVISORY AUTHORITY: New Commission’s Decisions on 3 August 2020 An hotel chain has been sanctioned: client personal data stored for more that was permitted. FRENCH SUPERVISORY AUTHORITY: SPARTOO, 250.000 euros of sanction and the injunction under penalty for fulfilling the GDPR. CANADIAN SUPERVISORY AUTHORITY: OPC releases results of investigation into complaint about outsourcing of bank’s fraud claim processing DANISH SUPERVISORY AUTHORITY: The Danish DPA has fixed a sanction for PrivatBo. EUROPEAN DATA PROTECTION SUPERVISOR, EDPS: Report from the IPEN workshops on encryption – what is encryption and who needs it for what? POLISH SUPERVISORY AUTHORITY: a reproach for students data processing. NEW ZEALAND SUPERVISORY AUTHORITY: International data transfers: The Schrems II decision International data transfers: The Schrems II decisionJoanna Hayward 6 August 2020 at 09:49 laptop with european union logo It can not be paid or not have a price list, respect for privacy rights. POLISH SUPERVISORY AUTHORITY: personal data protection in schools and educational institutes – a guideline. ESTONIAN SUPERVISORY AUTHORITY: The Data Protection Inspectorate has started a control on the loss of data into the advertising environment. DUTCH SUPERVISORY AUTHORITY: Update the research AP into the smart cities. Giant sanction of 80 million dollars for Capital One Bank for a data breach. NORWEGIAN SUPERVISORY AUTHORITY: announces the decision that IB marks must be correct. HONG-KONG SUPERVISORY AUTHORITY: Disclosure of personal data of Hong Kong SAR officials and others by the US Government DANISH SUPERVISORY AUTHORITY: The instructions on listing have been updated. By the list of countries considered “appropriate”: the pandemic period will slow down the expansion. POLISH SUPERVISORY AUTHORITY: identity check of Big Family Card owners. NORWEGIAN SUPERVISORY AUTHORITY: New guidelines on the Privacy Regulation and PSD2. FRENCH SUPERVISORY AUTHORITY, CNIL: Geolocation of employee’s vehicles. MALTESE SUPERVISORY AUTHORITY: Guidelines on Street Photography CHECZ SUPERVISORY AUTHORITY: The most common misunderstanding in biometric data processing. DUTCH SUPERVISORY AUTHORITY: FAQ on facial recognition. URUGUAYAN SUPERVISORY AUTHORITY: Personal data protection during teleworking. Poliedric technique also in privacy risks: Video Surveillance. FINNISH SUPERVISORY AUTHORITY: DPO assistance: information on the list of shareholders can not be shared by the telephone service. ITALIAN SUPERVISORY AUTHORITY: Garante Privacy on the contract tracing app profilication. DANISH SUPERVISORY AUTHORITY: Greenland legislation. DANISH SUPERVISORY AUTHORITY: Which are your rights? ITALIAN SUPERVISORY AUTHORITY: Italian Data Protection Authority (DPA) privacy about the Covid-bonus NORWEGIAN SUPERVISORY AUTHORITY: Korona School: whole new on the front of home school – Dag Mostuen Grytli. LITUANIAN SUPERVISORY AUTHORITY: Guidelines on the assessment of requests for personal data provision for the public consultation has been provided. DPO field experience: system admin during the GDPR’s ages. FRENCH SUPERVISORY AUTHORITY: “Listen to you”: the CNIL publishes its white paper on voice assistance. ICELAND SUPERVISORY AUTHORITY: Rules for Electronic Direct Marketing Below is an overview of the rules concerning electronic direct marketing. For more detailed guidance on direct marketing and consent, the DPC has produced an FAQ on Consent for Electronic Direct Marketing. FINNISH SUPERIVSORY AUTHORITY: The electric lock use into the housing association was not in compliance with the data protection regulation. POLISH SUPERVISORY AUTHORITY: employer: you want to really control your employee’s email? You should inform him. DANISH SUPERVISORY AUTHORITY: new decision, inventories supervision. POLISH SUPERVISORY AUTHORITY: Install cameras at work. Check what to remember FINNISH SUPERVISORY AUTHORITY: History of Tellu and Sohvu – data protection in the multi professional cooperation problem solving. CANADIAN SUPERIVSORY AUTHORITY: OPC publishes new Privacy Guide for Businesses HONG-KONG SUPERVISORY AUTHORITY: New Privacy Commissioner for Personal Data appointed BRITISH SUPERVISORY AUTHORITY: ICO statement on the Court of Appeal judgment in R (Bridges) -v- Chief Constable of South Wales Police & Ors BRITISH SUPERVISORY AUTHORITY: Statement in response to trial of NHS Test and Trace app BRITISH SUPERVISORY AUTHORITY: Accessing information about my exam results and teacher assessments DANISH SUPERVISORY AUTHORITY: notification to data subject. DANISH SUPERVISORY AUTHORITY: The Danish Data Protection Authority is investigated on informatic errors at the Ministry of Immigration and Integration NEW ZEALAND SUPERVISORY AUTHORITY: Privacy, Covid-19 and the ‘Serious Threat to Public Health’ exception DANISH SUPERVISORY AUTHORITY: New decision, a claim for a lack of comprehension. NORWEGIAN SUPERVISORY AUTHORITY: The privacy blog by Andreas Jensen Gjellesvik. FRENCH SUPERVISORY AUTHORITY: Automated registration of license plates (LAPI): CNIL warns of bad practices FRENCH SUPERVISORY AUTHORITY: Photo Badgers: Several employers’ warnings for excessive data collection BRITISH SUPERVISORY AUTHORITY: 2020 Annual Track survey results GERMAN SUPERVISORY AUTHORITY: DSK calls for constitutionally compliant register modernization POLISH SUPERVISORY AUTHORITY, UODO: 100.000 PLN sanction for GGK. Timely self-reporting does not exempt the controller from his responsibilities, data breach. They do not respect privacy: badge readers that take pictures of the employee. SPANISH SUPERVISORY AUTHORITY: Communication on the personal data recollection by public bodies. SWEDISH SUPERVISORY AUTHORITY: The Data Inspectorate approves the binding company regulations according to GDPR. ITALIAN SUPERVISORY AUTHORITY: Minors on holidays, the Italian DPA (Garante) to media: avoid harmful exposures. URUGUAYAN SUPERVISORY AUTHORITY: Web form, good practice into personal data protection. FINNISH SUPERVISORY AUTHORITY: Anu Talus named personal data protection officer. Accountability leaves us with wax in hand, but privacy is still an open construction site FRENCH SUPERVISORY AUTHORITY: Control CNIL, a charter in order to understand all. BRITISH SUPERVIORY AUTHORITY: Contact tracing – protecting customer and visitor details ROMANIAN SUPERVISORY AUTHORITY: Sanction for a GDPR breach. GERMAN SUPERIVSORY AUTHORITY: The EDPB defines the task force for claims against Google and Facebook’s Service use. DANISH SUPERVISORY AUTHORITY: processing of a dismissed employee’s information. BRITISH SUPERVISORY AUTHORITY: ICO’s Children’s Code will help protect children online A statutory code requiring organisations to provide better online privacy protections for children comes into force today, triggering the start of a 12 month transition period. SLOVAKIAN SUPERVISORY AUTHORITY: European Data Protection Board’s documents on the temperature measurement. AUSTRALIAN SUPERVISORY AUTHORITY: Statement on reported data breach involving NSW driver licences HONG-KONG SUPERVISORY AUTHORITY: Ms Ada CHUNG Takes Office Today as the Privacy Commissioner for Personal Data, Hong Kong POLISH SUPERVISORY AUTHORITY: on the sanction inflicted on GGK. Accreditation of certification bodies of compliance with the GDPR: The Garante Privacy establishes the additional requirements The guidelines offered by the European Data Protection Authority: Temperature Detection into European institutions Pay attention to privacy aspects! Cloud computing. DANISH SUPERVISORY AUTHORITY: six tips, recording of restaurant guest information. NORWEGIAN SUPERVISORY AUTHORITY: final decisión on the tax to the Bergen Municipalities. BRITISH SUPERVISORY AUTHORITY: ICO fines company £130,000 for unauthorised pensions cold calls. DANISH SUPERVISORY AUTHORITY: New decision, personal data security breach into the Danish Data Protection Agency. POLISH SUPERVISORY AUTHORITY: WULS-SGGW with a sanction for personal data protection breach. SLOVENIAN SUPERVISORY AUTHORITY: AKOS decides on the legality of sending messages SMS for the app promotion #StayHealth from the operators. A system which is self-powered, social, phishing and data breach. The publisher was sanctioned: are published into the list of the most rich but they claim their privacy. ICELANDIC SUPERVISORY AUTHORITY: Decisión on the use of Húsasmiðjan ehf. of fingerprint scanner during the login and logout of employees from the company payroll service’s system. NORWEGIAN SUPERVISORY AUTHORITY: New report on the solutions for the digital infectious disease monitoring. FINNISH SUPERVISORY AUTHORITY: Tenant contact information can be offered to anyone who is thinking about buying an apartment without the consent of the tenant. Data security implications and the development of robotics ESTONIAN SUPERVISORY AUTHORITY: Like a privacy threat. Internet felt the ignorance of who make something with data. NORWEGIAN SUPERVISORY AUTHORITY: The Norwegian DPA is investigating on the SMS notification based on the position. CZECH SUPERVISORY AUTHORITY: Respect for democracy, the rule of law and human rights during the pandemic COVID-19 period. SPANISH SUPERVISORY AUTHORITY: The AEPD publics its first report on social responsibility. ESTONIAN SUPERVISORY AUTHORITY: The legal assessment of the processing of economic information portal data is public. FRENCH SUPERVISORY AUTHORITY: The CNIL publishes its quarter opinion addressed to the Parliament on the condition for the implementation of the process of SI-DEP, Contact Covid and StopCovid. FRENCH SUPERVISORY AUTHORITY: The Business Ombudsman and the CNIL mix together their forces in order to solve the controversy into the contractual relationship. IRISH SUPERVISORY AUTHORITY: Processing Customer Data for COVID-19 Contact Tracing SPANISH SUPERVISORY AUTHORITY: The AEPD publishes recommendations in order to minimize the privacy risks during the Internet browsing. ITALIAN SUPERVISORY AUTHORITY: Digital innovation and personal data protection: Between technology, society and law. Trajectories for a seven-year period The hospital was fined: health data have been dumped in a public recycling center. IRISH SUPERVISORY AUTHORITY: Data Protection Commission Fine on Tusla Child and Family Agency Confirmed in Court CZECH SUPERVISORY AUTHORITY: UOOU President declaration on the planned change about the legislation on the information free access. NORWEGIAN SUPERVISORY AUTHORITY: Our brain needs its rights? ICELANDIC SUPERVISORY AUTHORITY: Confirmation for the comments from prison administration. DUTCH SUPERVISORY AUTHORITY: Free privacy blog Aleid Wolfsen POLISH SUPERVISORY AUTHORITY: The consultation on the guidelines for the social media users targeting is under way. FRENCH SUPERVISORY AUTHORITY: local authorities, the CNIL publishes a guide for the GDPR sensibilization. Like everyday life, it needs the privacy culture, digital education. BRITISH SUPERVISORY AUTHORITY: Data protection guidance for collecting customer information NORWEGIAN SUPERVISORY AUTHORITY: Visitors registration and infections monitoring. FRENCH SUPERVISORY AUTHORITY: Personal identity data graduates, the CNIL calls the Normandy rectory and the MEP Sonia KRIMI. Recently launched the guidelines on users profiling: clarify roles and responsibilities, social media. NORWEGIAN SUPERVISORY AUTHORITY: Employee images on internet or intranet. LUXEMBOURG SUPERVISORY AUTHORITY: Electronic and biometric passport. FINNISH SUPERVISORY AUTHORITY: The Data Protection opens doors to the Europe for the SME FINNISH SUPERVISORY AUTHORITY: Toward a new cooperation. LITHUANIAN SUPERVISORY AUTHORITY: People registration for the implementation of control and prevention measures against COVID-19. The computer system replaces the name of the adoptive parent with that of the biological parent. SPANISH SUPERVISORY AUTHORITY: The AEPD approves the first code of conduct in accordance with the GDPR. EUROPEAN DATA PROTECTION BOARD: Role of the EDPB ESTONIAN SUPERVISORY AUTHORITY: The High Court has ordered to a member of the flat’s associations to remove the security camera unauthorized installed HONG-KONG SUPERVISORY AUTHORITY: First Doxxing Case Sentenced for Contravention of PDPO Privacy Commissioner Urges the Public Not to Flout the Law SWEDEN SUPERVISORY AUTHORITY: The Data Inspector starts a series of data subject rights that should be revised. ¿Company owner, do you know the heritage made up by your information? Personal data into the USA: The European Data Protection Authority encourages to avoid transfers, Privacy Shield invalidation. POLISH SUPERVISORY AUTHORITY: The UODO President reacts to the publication of private addresses of politicians and judges on Twitter. CANADIAN SUPERVISORY AUTHORITY: Cadillac Fairview collected 5 million shoppers’ images AUSTRALIAN SUPERVISORY AUTHORITY: OAIC welcomes Privacy Act review BRITISH SUPERVISORY AUTHORITY: ICO fines Marriott International Inc £18.4million for failing to keep customers’ personal data secure SPANISH SUPERVISORY AUTHORITY: You know your rights. HONG-KONG SUPERVISORY AUTHORITY: Schools to Resume Classes in Phases PCPD Reminds Schools to Protect Personal Data Privacy of Teachers, Staff and Students FRENCH SUPERVISORY AUTHORITY: Coronavirus (covid19), CNIL reminder on the personal data recollection from employers. AUSTRALIAN SUPERVISORY AUTHORITY: Australians want more control over privacy, survey shows DANISH SUPERVISORY AUTHORITY: focus on more specific guidelines into the new strategy base of the Danish Data Protection Authority. BRITISH SUPERVISORY AUTHORITY: Statement from Information Commissioner Elizabeth Denham on the NHS COVID-19 app HONG-KONG SUPERVISORY AUTHORITY: Safeguard Your Personal Data Privacy When Participating in Large-scale Lucky Draw Activities BRITISH SUPERVISORY AUTHORITY: ICO fines company flouting the law in order to profiteer from the coronavirus pandemic SINGAPOREAN SUPERVISORY AUTHORITY: Building Data Management Capabilities in the Social Services Sector NORWEGIAN SUPERVISORY AUTHORITY: The Dark Numbers Survey 2020 BRITISH SUPERVISORY AUTHORITY: Open letter from UK Information Commissioner Elizabeth Denham to UK organisations CZECH SUPERVISORY AUTHORITY: UOOU imposes the highest sanction all over the history for spam. AUSTRALIAN SUPERVISORY AUTHORITY: Joint statement on International Access to Information Day 2020 CANADIAN SUPERVISORY AUTHORITY: Appearance before the Committee on Institutions of the National Assembly of Quebec regarding Bill 64, An Act to modernize legislative provisions as regards the protection of personal information Protection of the data subject and particular entered data. The insider threat phenomenon worries the companies, Shopify fires employees accused for data steal. ROMANIAN SUPERVISORY AUTHORITY: 2019 Annual report GERMAN SUPERVISORY AUTHORITY: BfDI on the Right to know journey 2020. LITUANIAN SUPERVISORY AUTHORITY: it has been inflicted a sanction according to the General Data Protection Regulation for an illicit process of personal data of an adopted child’s parents. LITHUANIAN SUPERVISORY AUTHORITY: Review of personal data protection supervision in Lithuania 2019. NORWEGIAN SUPERVISORY AUTHORITY: FHI will buy a new app for the infection controls. ESTONIAN SUPERVISORY AUTHORITY: The control has revealed the best municipality website. SLOVENIAN SUPERVISORY AUTHORITY: The universal temperature detection is not neither necessary nor logical. FRENCH SUPERVISORY AUTHORITY: The Superior Council of the Order of Chartered DANISH SUPERVISORY AUTHORITY: New decisions, lack of standard test. NEW ZEALAND SUPERVISORY AUTHORITY: Tribunal awards $20,000 against law firm NORWEGIAN SUPERVISORY AUTHORITY: New project manager for the regulatory sandbox. The privacy right coexists with the mass surveillance in Rwanda. FRENCH SUPERVISORY AUTHORITY: Cookies and other tracking, the CNIL guidelines on changes and recommendations. LITHUANIAN SUPERVISORY AUTHORITY: Brexit policy on personal data process has been updated. BRITISH SUPERVISORY AUTHORITY: ICO launches consultation on draft Statutory guidance SWEDEN SUPERVISORY AUTHORITY: The Data Inspectorate will be the personal Data Protection Authority, IMY. CANADIAN SUPERVISORY AUTHORITY: National Seniors Day: 5 tips to help seniors stay safe online DUTCH SUPERVISORY AUTHORITY: Privacy Recommendation in the digital home schooling. DUTCH SUPERVISORY AUTHORITY: AP, pay attention with videocamaras with facial recognition. ROMANIAN SUPERVISORY AUTHORITY: Statistical data related on the control activity of ANSPDCP Data after the pandemic period, how to approach with the security. An epochal but necessarily conscious turning point, 5G Websites at the time of GDPR, privacy compliance. BRITISH SUPERVISORY AUTHORITY: Greater Manchester claims management company fined £250,000 for making millions of nuisance calls ICELANDIC AND HAMBURG SUPERVISORY AUTHORITY: H&M has breached data protection. SWEDISH SUPERVISORY AUTHORITY: This is the war in which employers can manage personal data. HONG-KONG SUPERVISORY AUTHORITY: PCPD Invites Participation in the Inaugural Privacy-Friendly Awards to Showcase Achievements in Privacy Protection ICELANDIC SUPERVISORY AUTHORITY: Electronic control by the Chinese embassy. ICELANDIC SUPERVISORY AUTHORITY: Opinion – Privacy and freedom of expression of media. FRENCH SUPERVISORY AUTHORITY: “Digital world, which rights? The Defender of Rights, in cooperation with CNIL and Hadopi, published an 11 chapter for Educadroit. Drivers are suing Uber: Fired by an algorithm and without the possibility to fight back. Important issues about GDPR that have to be examined, the Commission communication ex Article 97. FRENCH SUPERVISORY AUTHORITY: The breach of the quarter: recovery of credit card’s numbers by SQL injection in e-commerce website. Child’s privacy legislation breach: Google removes three well known apps. FINNISH SUPERVISORY AUTHORITY: Still today, the ID number can not be used for the identification, anyway it is necessary to keep in mind the strengthening. LATVIAN SUPERVISORY AUTHORITY: The Council of Ministers approves the Regulation the qualification regulation for the data protection specialist. BRITISH SUPERVISORY AUTHORITY:Statement on the outcome of the ICO’s compulsory audit of the Department for Education CZECH SUPERVISORY AUTHORITY: I want an independent office which is a partner both for the public sector that for the private one. ITALIAN SUPERVISORY AUTHORITY: Data Retention, the Data Protection Authority on a decision of the European Court of Justice. FRENCH SUPERVISORY AUTHORITY: COVID-19 and reminder notebook, CNIL recommendations NEW ZEALAND SUPERVISORY AUTHORITY: Revisiting the Commissioner’s messages on protecting children GERMAN SUPERVISORY AUTHORITY: BfDI criticize the steps for the data retention. ISLE OF MAN SUPERVISORY AUTHORITY: CCTV on domestic property Updated guidelines on cookies and other technologies of tracking, privacy online, published by CNIL. CANADIAN SUPERVISORY AUTHORITY: Remarks by Privacy Commissioner of Canada regarding his 2019-2020 Annual Report to Parliament NEW ZEALAND SUPERVISORY AUTHORITY: Human Rights Review Tribunal expects timeliness and due process BRITISH SUPERVISORY AUTHORITY: ICO takes action against company for sending spam emails selling face masks during pandemic CANADIAN SUPERVISORY AUTHORITY: Commissioner’s annual report: Pandemic raises privacy concerns highlighting urgency of law reform ICELANDIC UPERVISORY AUTHORITY: Draft terms of the operating licences to the Financial Information Office for comment LUXEMBOURG SUPERVISORY AUTHORITY: APDL INTERVENTION ON THE IMPACT OF THE SCHREMS II SENTENCE. EUROPEAN DATA PROTECTION BOARD: Online Workshop: Data Protection within International Organisations 2020 SPANISH SUPERVISORY AUTHORITY: The AEPD publishes a guide in order to facilitate the practical application of the data protection as default. PRIVACY365 as a sponsor for the women’s volleyball championship A-series. With the data processors, safety needs to be considered at 360 degrees: Article 32 of the GDPR. IRISH SUPERVISORY AUTHORITY: DPC Reply to Representation Received From Senator Malcolm Byrne on 7 October 2020 NORWEGIAN SUPERVISORY AUTHORITY: Consultation response to the new law on gambling. DUTCH SUPERVISORY AUTHORITY: Private sector investigation “the agreement for the Data Processor does not exist”. LITHUANIAN SUPERVISORY AUTHORITY: ADA guidelines is a mobile app for the provision of information on personal data protection. FINNISH SUPERVISORY AUTHORITY: The Office of the DPA investigates the lawfulness of the Vastamo Psychotherapy Center. NORWEGIAN SUPERVISORY AUTHORITY: breach tax to Østfold HF hospital. SLOVAKIAN SUPERVISORY AUTHORITY: municipalities and city’s cameras and its possible use in order to control the density and the number of people before the sampling point during the area test. CANADIAN SUPERVISORY AUTHORITY: Facial recognition and artificial intelligence: International privacy guardians call for more protection and accountability BRITISH SUPERVISORY AUTHORITY: ICO takes enforcement action against Experian after data broking investigation AUSTRALIAN SUPERVISORY AUTHORITY: Children’s right to privacy essential in the digital age The Italian Data Protection Authority: data breach and food delivery, it has been adopted the inspection program for the second term on e-invoicing. More precautions in the use of the algorithm for individual patients put at risk, Italian Data Protection Authority The Italian DPA has sanctioned a polyclinic: Medical records available online open to other patients. NORWEGIAN SUPERVISORY AUTHORITY: Indicate the obligations towards Vigilo. GUERNSEY SUPERVISORY AUTHORITY: ‘Travel Tracker’ available from Monday before phase 5c commences on Wednesday 28th October The bank has been sanctioned for a loss of data breach notification, the client asks for a copy of the policy, but they can not find the contract. CYPRIOT SUPERVISORY AUTHORITY: Cyprus ratifies the Amending Protocol of the convention n. 108 of the European Data Protection Board. FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board has adopted a default and integrated guidelines on personal data protection and has established a a framework for the coordination of the annual activities of the supervisory authorities. ITALIAN SUPERVISORY AUTHORITY: deep fake: the Italian Data Protection Authority opens an investigation against Telegram for the software that “strips” women. DANISH SUPERVISORY AUTHORITY: Complete supervision of the personal data use ad test data and sub-processors. POLISH SUPERVISORY AUTHORITY: Guidelines on the data protection by design and by default FINNISH SUPERVISORY AUTHORITY: The assistance of the Data Protection Commissioner has ordered to the Psychotherapy Center of Vastamo to personal inform its clients on personal data breaches. FRENCH SUPERVISORY AUTHORITY: COVID-19 and sporting practices: which legal framework for the data recollection? FRENCH SUPERVISORY AUTHORITY: “TousAntiCovid”, the CNIL examines the “StopCovid” app evolution. GERMAN SUPERVISORY AUTHORITY: BfDI criticises Quellen-TKU for intelligence services. SWEDISH SUPERVISORY AUTHORITY: The new Directive will reinforce the child and youth rights. FRENCH SUPERVISORY AUTHORITY: The CNIL starts a public consultation on a benchmark draft in the social sector. NORWEGIAN SUPERVISORY AUTHORITY: Infringement fee to Odin Flissenter AS SWEDISH SUPERVISORY AUTHORITY: The Data Inspectorate stops the ABB control. FINNISH SUPERVISORY AUTHORITY: The European Data Protection Board has adopted a guideline project on the concept of significant and substantiated objection GERMAN SUPERVISORY AUTHORITY: BfDI starts with its own social media channel. EUROPEAN SUPERVISORY AUTHORITY: Thirty-ninth plenary session: EDPB adopts guidelines on the concept of relevant and reasoned objection ITALIAN SUPERVISORY AUTHORITY: receipts lottery, awards also for the exhibitors: the Italian DPA ok. IRISH SUPERVISORY AUTHORITY: Data Protection Commission statement on funding in 2021 Budget Since the 1 of December it has been possible to oppose calls on Telemarketing mobiles, but only theoretically. DUTCH SUPERVISORY AUTHORITY: The Commissioner starts the investigations on the IT attacks against the Canadian Internal Revenue Agency and other federal organizations Health data of millions of patients were found online without any protection, blood test on Excel. NORWEGIAN SUPERVISORY AUTHORITY: The European Courts prohibit the teledata massive recollection. EUROPEAN DATA PROTECTION BOARD: Norwegian Data Protection Authority: Decision to Fine Bergen Municipality FRENCH SUPERVISORY AUTHORITY: The State Council asks to the Health Data Hub for additional guarantee in order to limit the transfer risk in USA DANISH SUPERVISORY AUTHORITY: Can citizens be encouraged to use a no cryptographed connection? SPANISH SUPERVISORY AUTHORTY: The AEPD publishes a new instrument in order to help deciding if communicate a security breach to affect people. ESTONIAN SUPERVISORY AUTHORITY: For the organizations, enable the electronic services authentication with Estonian safe solutions. ITALIAN SUPERVISORY AUTHORITY: Personal data protection memorial of the President on the conversion of the legislative decree to the Decree-law N. 125 of the 7 October 2020, about the emergency measures on the extension of the COVID-19 epidemiological emergency declaration and on the business continuity of the COVID-19 system alert, as well as the implementation of the European Directive n. 2020/739 of the 3 of June 2020. From the general perspective of Spanish Personal Data Protection Authority, the privacy by default POLISH SUPERVISORY AUTHORITY: Your data – you company, it is started the eleventh edition of the program. SWEDEN SUPERVISORY AUTHORITY: criticism about the collection agency with which is difficult to get in touch. LATVIAN SUPERVISORY AUTHORITY: European Data Protection Board – 39a plenary section: the AESD adopts guidelines on the concept of justified and reasonable objection. AUSTRIAN SUPERVISORY AUTHORITY: Q&A on personal data protection and COVID-19 SLOVAKIAN SUPERVISORY AUTHORITY: Statement by the Office on the planned global population audit in Covid 19 BRITISH SUPERVISORY AUTHORITY: Blog: Simplifying subject access requests – new detailed SARs guidance AUSTRALIAN SUPERVISORY AUTHORITY: Protecting and promoting privacy and information access rights in sharp focus in 2019-20 ROMANIAN SUPERVISORY AUTHORITY: Sanction for GDPR breach. URUGUAYAN SUPERVISORY AUTHORITY: The closed session of the Global Privacy Assembly (GPA) was held. MEXICAN SUPERVISORY AUTHORITY: INAI INTENSIFIES ITS WORK TO STRENGTHEN THE RIGHTS OF ACCESS TO INFORMATION AND PROTECTION OF PERSONAL DATA DURING THE PANDEMIC ROMANIAN SUPERVISORY AUTHORITY: Another sanction for breaching the GDPR. EUROPEAN DATA PROTECTION SUPERVISOR: European Cybersecurity Month 2020: Time for clarity on 5G, security and privacy in the “new normal” HONG-KONG SUPERVISORY AUTHORITY: Doxxing Case Defendant Sentenced for Breaching Injunction Order Privacy Commissioner Urges the Public Not to Flout the Law LUXEMBOURG SUPERVISORY AUTHORITY: DATA PROCESSING LAWFULNESS ITALIAN SUPERVISORY AUTHORITY: Cashback, green light of the Italian DPA to the draft regulation. GERMAN SUPERVISORY AUTHORITY: BfDI in the executive committee of the elected Global Privacy Assembly SLOVENIAN SUPERVISORY AUTHORITY: Opening lecture “2020 Initiative”. NEW ZEALAND SUPERVISORY AUTHORITY: Reshaping how we regulate privacy NEW ZEALAND SUPERVISORY AUTHORITY: Privacy 2.0: New Refusal Grounds under the Privacy Act 2020 POLISH SUPERVISORY AUTHORITY: your data, your company or why it is so important sharing awareness with students. SWEDISH SUPERVISORY AUTHORITY: It is important for people how personal data are managed DANISH SUPERVISORY AUTHORITY: New resolutions of the Global Privacy Assembly. BRITISH SUPERVISORY AUTHORITY: ICO fines British Airways £20m for data breach affecting more than 400,000 customers SWISS SUPERVISORY AUTHORITY: guest list, the managers need to guarantee the data protection. SINGAPOREAN SUPERVISORY AUTHORITY: new decision of the Commission the 16 October 2020 IRISH SUPERVISORY AUTHORITY: Two statutory surveys by the Data Protection Commission on the processing of children’s data on Instagram by Facebook (opened in September 2020) POLISH SUPERVISORY AUTHORITY: guidelines consultation on the notion relevant to the case and the reasoned objection. DALL’AUTORITA’ PER LA PROTEZIONE DEI DATI HONG KONG: Il Commissario per la privacy sostiene la protezione dei dati personali in mezzo a COVID-19 alla Conferenza internazionale sulla privacy