European Data Protection Board

CEF 2024: Launch of coordinated enforcement on the right of access

Retrieved on: 
Saturday, March 9, 2024

Brussels, 28 February - The European Data Protection Board has kicked off its Coordinated Enforcement Framework (CEF) action for 2024.

Key Points: 
  • Brussels, 28 February - The European Data Protection Board has kicked off its Coordinated Enforcement Framework (CEF) action for 2024.
  • In addition, it often enables the exercise of the other data protection rights, such as the right to rectification and erasure.
  • In 2023, the EDPB adopted Guidelines on data subject rights - Right of access to help organisations respond to data access requests from individuals in line with the requirements set out in the GDPR.
  • This series of actions is the third initiative under the Coordinated Enforcement Framework (CEF), which aims to streamline enforcement and cooperation among DPAs.

CSC re-elects Deputy Coordinator

Retrieved on: 
Tuesday, January 2, 2024

The Coordinated Supervision Committee (CSC) has re-elected Sebastian Hümmeler from the German Federal data protection authority as its Deputy Coordinator for a term of two years.

Key Points: 
  • The Coordinated Supervision Committee (CSC) has re-elected Sebastian Hümmeler from the German Federal data protection authority as its Deputy Coordinator for a term of two years.
  • The CSC ensures the coordinated supervision of the large EU Information Systems and of EU bodies, offices and agencies in accordance with Article 62 of Regulation 2018/1725 or with the EU legal act establishing the large scale IT system or EU body, office or agency.
  • The CSC currently covers the Internal Market Information system (IMI), Eurojust, the European Public Prosecutor’s Office (EPPO) and Europol and the Schengen Information System (SIS).
  • You can find more information on the Committee here: https://edpb.europa.eu/csc/about-csc/who-we-are-coordinated-supervision-...

EDPB publishes urgent binding decision regarding Meta

Retrieved on: 
Tuesday, January 2, 2024

The EDPB urgent binding decision followed a request from the Norwegian Data Protection Authority (NO DPA) to order final measures in this matter which would have effect in the entire European Economic Area (EEA).

Key Points: 
  • The EDPB urgent binding decision followed a request from the Norwegian Data Protection Authority (NO DPA) to order final measures in this matter which would have effect in the entire European Economic Area (EEA).
  • Already in December 2022, the EDPB Binding Decisions clarified that contract is not a suitable legal basis for the processing of personal data carried out by Meta for behavioural advertising.
  • In addition, Meta has been found by the IE DPA to not have demonstrated compliance with the orders imposed at the end of last year.
  • Already in December 2022, the EDPB Binding Decisions clarified that contract is not a suitable legal basis for the processing of personal data carried out by Meta for behavioural advertising.
  • This ban was limited in time and geographic scope: it was valid for three months and only applicable in Norway.

Background


Timeline

Trust Stamp Partners with Partisia and launches Global Secure Data

Retrieved on: 
Monday, December 18, 2023

Copenhagen, Denmark, Dec. 18, 2023 (GLOBE NEWSWIRE) -- Trust Stamp (Nasdaq: IDAI), the Privacy-First Identity CompanyTM, providing AI-powered trust and identity services, has entered a partnership with Partisia, a global pioneer and leader in commercial-grade infrastructure for privacy-preserving Secure Multiparty Computation (MPC) software solutions.

Key Points: 
  • Copenhagen, Denmark, Dec. 18, 2023 (GLOBE NEWSWIRE) -- Trust Stamp (Nasdaq: IDAI), the Privacy-First Identity CompanyTM, providing AI-powered trust and identity services, has entered a partnership with Partisia, a global pioneer and leader in commercial-grade infrastructure for privacy-preserving Secure Multiparty Computation (MPC) software solutions.
  • Nations are progressively insisting that the data of their citizens be stored and processed within their jurisdiction or in countries they recognize as providing equivalent data protection.
  • By leveraging cutting-edge technologies such as Trust Stamp’s Privacy First Identity Token (IT2) and Partisia's unparalleled Secure Multiparty Computation technologies, GlobalSecure creates a global infrastructure where data can flow securely while adhering to local regulations and data protection guidelines and eliminates the need to transfer data to third parties — against whom consumers have limited to no data access rights.
  • These advancements are pivotal for businesses expanding into emerging markets with inadequate data protection regulations, limited cloud infrastructure, and strict data localization laws.

ESA’s Joint Board of Appeal suspends the decision by the European Securities and Markets Authority to withdraw the recognition decision of Dubai Commodities Clearing Corporation as a Tier 1 third-country central counterparties 

Retrieved on: 
Thursday, November 9, 2023

25 October 2023

Key Points: 
  • 25 October 2023
    The Joint Board of Appeal (“the Board”) of the European Supervisory Authorities (“ESAs”) decided that the application for suspension brought by Dubai Commodities Clearing Corporation (“DCCC”) against the European Securities and Markets Authority (“ESMA”) is admissible and suspends the ESMA Decision.
  • DCCC challenged ESMA’s Decision, asking the Board to extend the adaptation period and to suspend the withdrawal Decision until the outcome of the appeal is concluded.
  • The Board finds that the appeal case is admissible and suspends the ESMA Decision.
  • Franca Rosa Congiu
    [email protected] | +33 1 86 52 7052 | Follow @EBA_News

ESA’s Joint Board of Appeal suspends the decision by the European Securities and Markets Authority to withdraw the recognition decision of Dubai Commodities Clearing Corporation as a Tier 1 third-country central counterparty

Retrieved on: 
Thursday, November 9, 2023

ESA’s Joint Board of Appeal suspends the decision by the European Securities and Markets Authority to withdraw the recognition decision of Dubai Commodities Clearing Corporation as a Tier 1 third-country central counterparty

Key Points: 
  • ESA’s Joint Board of Appeal suspends the decision by the European Securities and Markets Authority to withdraw the recognition decision of Dubai Commodities Clearing Corporation as a Tier 1 third-country central counterparty
    The Joint Board of Appeal (“the Board”) of the European Supervisory Authorities (“ESAs”) decided that the application for suspension brought by Dubai Commodities Clearing Corporation (“DCCC”) against the European Securities and Markets Authority (“ESMA”) is admissible and suspends the ESMA Decision.
  • The application was brought in relation to ESMA’s Decision, adopted under Article 25p Regulation (EU) No 648/2012 (EMIR), to withdraw the recognition of DCCC as a Tier 1 third-country central counterparties (CCP) as a consequence of the United Arab Emirates (UAE) being included in the list of high-risk third countries provided for in the Commission Delegated Regulation (EU) 2016/1675.
  • DCCC challenged ESMA’s Decision, asking the Board to extend the adaptation period and to suspend the withdrawal Decision until the outcome of the appeal is concluded.
  • The Board finds that the appeal case is admissible and suspends the ESMA Decision.

Internet of Things: tech firms have become our digital landlords – but people are starting to fight back

Retrieved on: 
Wednesday, November 8, 2023

Many people worry about the privacy risks of using these devices because they may allow hackers to listen to our conversations at home.

Key Points: 
  • Many people worry about the privacy risks of using these devices because they may allow hackers to listen to our conversations at home.
  • But the contracts for using them are so long we don’t understand which other rights we might be signing away.
  • Of the 246 contracts, I focused on those that are most likely to be relevant to smart speaker Echo’s users.
  • I found they are on average as long as Harry Potter and the Prisoner of Azkaban (317 pages).

Does this matter?

  • T&Cs are not just about our privacy – and our privacy is not just about our data.
  • By surrounding ourselves with devices with sensors (also known as the “Internet of Things)”, we’ve effectively invited digital landlords into our homes.
  • Another example is how tractor manufacturer John Deere relied on its end-user licence agreement (Eula) to stop farmers repairing their smart tractors.
  • Cochrane’s girlfriend’s son had been “playing” with his computer without his permission while he was away from the house.

Regulation won’t work

  • They are both in progress, so we don’t know yet when they will be adopted.
  • Big tech and other large stakeholders have a huge influence because they have money and influence to fight laws they don’t like.
  • This was the case with the General Data Protection Regulation (GDPR) which came into effect at the end of a nine-year process.

What does work

  • Let’s circle back to John Deere and the way the company tried to deprive tractor owners of their right to fix their machines.
  • There is much to learn from those farmers who joined together with hackers to resist “smart power abuses”.
  • But only after attendees at a hacker’s convention figured out how to “jailbreak” the code that was locking farmers and engineers out.


Guido Noto La Diega receives funding from the Arts and Humanities Research Council and the German Research Foundation - project ref no AH/W010518/1 "From Smart Technologies to Smart Consumer Laws: Comparative Perspectives from Germany and the United Kingdom". They serve on the Advisory Council of the Open Rights Group Scotland.

Digital euro: ensuring the highest data protection and privacy standards

Retrieved on: 
Tuesday, October 24, 2023

Brussels, 18 October  - The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a Joint Opinion on the proposed Regulation on the digital euro as a central bank digital currency.

Key Points: 
  • Brussels, 18 October  - The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a Joint Opinion on the proposed Regulation on the digital euro as a central bank digital currency.
  • The EDPB and the EDPS acknowledge that the proposed Regulation addresses many data protection aspects of the digital euro, notably by addressing an offline modality to minimise the processing of personal data.
  • At the same time, the EDPB and the EDPS make several recommendations to better ensure the highest standards of personal data protection and privacy for the future digital euro.
  • In our Joint Opinion, we suggest further improvements to ensure that the rights to privacy and to the protection of personal data are effectively preserved.
  • In the absence of such demonstration, the EDPB and the EDPS recommend considering less intrusive measures from a data protection perspective.

OneTrust is Selected as an Official Europrivacy™ Technology Partner

Retrieved on: 
Tuesday, October 17, 2023

PARIS, Oct. 17, 2023 /PRNewswire/ -- TrustWeek 2023 - OneTrust, the market-defining leader for trust intelligence, announces that it has been selected as an official Europrivacy™ Technology partner to help organizations in the European Union (EU) demonstrate compliance with the General Data Protection Regulation (GDPR) and streamline certification with the Europrivacy scheme.

Key Points: 
  • "OneTrust was built on the philosophy that privacy and data protection are critical to building trust and driving business value," said Linda Thielova, Data Protection Officer (DPO) at OneTrust.
  • "Achieving the Europrivacy certification and demonstrating GDPR compliance helps build trust with people, customers, partners, stakeholders, and regulators.
  • As a Europrivacy partner, OneTrust will help organizations streamline certification and drive market differentiation by aligning with one of the industry's most advanced and rigorous certification schemes for data protection."
  • "We are delighted to welcome OneTrust as an official Europrivacy partner.

Swift adoption of Regulation to streamline cross-border enforcement needed

Retrieved on: 
Wednesday, September 27, 2023

With this Joint Opinion, we aim to ensure that the new Regulation works for all parties involved.

Key Points: 
  • With this Joint Opinion, we aim to ensure that the new Regulation works for all parties involved.
  • In addition, the Commission’s proposal to boost consensus-finding early on in the cooperation procedure, is key to a more efficient and enhanced enforcement cooperation.
  • Moreover, time limits, extendable in duly justified circumstances, should be defined for certain procedural steps to allow swift and efficient enforcement.
  • The draft template aims to specify what gatekeepers should include in the independently audited descriptions of their profiling techniques.
  • These descriptions will be transmitted by the Commission to the EDPB and will inform enforcement actions by DPAs.