Privacy Update for the week ending 1st March 2020

In the news this week:

Microsoft launches open-source privacy mapping tool – Data Protection/Privacy Mapping Project.

Commentary piece on Subject Access Requests and the Search for Proportionality.

The Danish Data Protection Authority has ordered two organisations to communicate a personal data breach to the data subjects concerned. Namely.com & Intervare.

EDPB contribution to the evaluation of GDPR.  Key areas:

  • The EDPB will participate in the evaluation of current adequacy decisions and the adoption of future ones.
  • The EDPB is of the view that there is a pressing need for the European Commission to bring the existing set of SCCs in line with the GDPR and to draft additional SCCs that cover new transfer scenarios.

This crazy, inaccurate story related to coronavirus appeared in the UK tabloid press this weekend.  Demonstrates the fundamental misunderstandings of data protection legislation that a large section of our society has.

The Financial Conduct Authority (FCA) has revealed that it recently inadvertently published confidential information relating to complainants on its website referring the breach to the ICO.

Clearview AI: Face-collecting company database hacked.

European Data Protection Supervisor (EDPS) has issued its official ‘Opinion on the opening of negotiations for a new partnership with the UK’

The UK government has released its negotiating objectives for the next phase of Brexit, seeking an adequacy finding and continued co-operation between the ICO and EDPB (page 29). Paragraph 59 seems to direct no alignment to GDPR.

Hong Kong looks to strengthen its Personal Data (Privacy) Ordinance (PDPO) linking fines to turnover, mandating data breach reporting, mandating data retention policy, directly regulating processors and expanding the definition of personal data.


Previous Privacy Updates can be found here.


Leave a Comment

Your email address will not be published.