In the news this week:
The Swedish DPA imposes €7m administrative fine on Google.
A further draft of the ePrivacy Regulation has been published.
Australia sues Facebook for $529 billion.
ICO issues two legal warnings to schools for wrongly disclosing the personal data of children.
Scotland creates a Commissioner to oversee the use of biometrics by Police.
IAPP cancels UK and Global privacy events.
Norwegian DPA proposes to fine Coop Finnmark €37,000 for unlawfully spreading video footage of four children.
Norwegian DPA proposes to fine Municipality of Rælingen €74,000 for failing to risk assess an application processing the data of children with physical and mental disabilities.
Non-material damage (Art 82)
- UK Supreme Court grants Google permission to appeal in Lloyd v Google LLC.
- Austrian Post decision on non-material damage overturned and no appeal can be made.
- An overview of cases across the EU where this has been considered.
Second Modified CCPA Draft Regulations Released.
Advocate General delivers opinion on GDPR consent.
An insight into DPA guidance for COVID-19.
Swedish DPA probes authorities for use of controversial Clearview AI technology.
Icelandic DPA fines two organisations for data breaches:
- €20,000 to The National Center of Addiction Medicine.
- €9,000 to the Breiðholt Upper Secondary School.
Danish DPA issues fines for insufficient technical security (unencrypted computers).
- €7,000 to Hørsholm Municipality.
- €14,000 to Gladsaxe Municipality.
Spanish DPA fine: €15,000 to Gesthotel Activos Balagares.
CNIL to focus on health data security, new uses of geolocation data, and cookie and other tracking technologies in 2020.
ICO published guidance around its expectations for organisations during Covid-19.
Previous privacy updates can be found here.