news
📢 EDPB Adopts Guidelines on Art. 65(1)(a) of GDPR 📚
Great news for privacy enthusiasts. The European Data Protection Board (EDPB) has recently adopted the final version of the Guidelines on the application of Art. 65(1)(a) of the GDPR. These guidelines are designed to provide clarity on the various stages of the Art. 65 procedure and shed light on the EDPB’s authority when issuing legally binding decisions based on Art. 65(1)(a) of the GDPR.
📌 Exciting News: UK and US Commit to Data Bridge, but Details Remain Scarce 🔔
🛡 The UK and US have committed in principle to establish a data bridge, extending the Data Privacy Framework. Although details are limited, this move is seen as an attempt to substantiate the Prime Minister’s visit to the US. The data bridge has the potential to encompass sectors like pharmaceuticals and financial services, which are currently not covered by the Privacy Shield but pose data sensitivity challenges. The extension of the data transfer regime through certification and accountability mechanisms is a positive step, pending further details.
🔔 EDPB adopts final version of Guidelines on facial recognition technology in the area of law enforcement 📣
The European Data Protection Board (#EDPB) has just released the final version of the Guidelines on facial recognition technology in the area of law enforcement. The guidelines provide guidance to EU and national lawmakers, as well as to law enforcement authorities, on implementing and using facial recognition technology systems.
🚨 CASE LAW UPDATE ⚖️ Case T‑557/20 European General Court (EGC) can be a true landmark decision on the question what qualifies as personal data and on the concept of pseudonymisation.
Since the decision Breyer (C-582/14) in 2016 it was common practice to consider indirect identifiable data always as personal data, because there is someone who may hold the key for the identification. In Case T-557/20, Single Resolution Board (SRB) v European Data Protection Supervisor (EDPS) - Case T‑557/20 the EGC now came to the conclusion that transferring pseudonymised data may lead to anonymisation. Key question is, if the reidentification is reasonably possible for the recipient.
💬 EDPB Launches Data Protection Guide for small business ❗
The European Data Protection Board (EDPB) has recently launched a Data Protection Guide, designed to assist small and medium-sized enterprises (SMEs) in achieving compliance with the General Data Protection Regulation (GDPR). This helpful manual offers a variety of practical tools and real-world examples, covering crucial GDPR compliance topics like the fundamentals of data protection, data subject rights, data breaches, and more. The EDPB has incorporated various materials such as videos, infographics, and interactive flowcharts, aiming to provide SMEs with user-friendly and easily accessible information.