News

English Summary }}}} A court awarded €3,000 to a data subject after finding a news portal violated her privacy under [[Article 5 GDPR]] by publishing her personal data unnecessarily and disproportionately, despite claims of public interest.A court awarded €3,000 in damages to a data subject after finding that a news portal violated her right to privacy by publishing her personal data unnecessarily and disproportionately in two articles, despite the controller’s claims of public interest. == Engl

}}}} A court annulled a DPA decision imposing a €150,000 fine on a news programme diffusing personal data of a minister for information purposes. The court concluded that public interest was overriding the right to privacy.A court annulled a DPA’s decision imposing a €150,000 fine on a public broadcaster after airing a private former Minister’s private conversation. The court concluded that public interest in airing the conversation overrode the former Minister’s right to privacy. == English Sum

Government invasion of a reporter’s home, and seizure of journalistic materials, is exactly the kind of abuse of power the First Amendment is designed to prevent. It represents the most extreme form of press intimidation. Yet, that’s what happened on Wednesday morning to Washington Post reporter Hannah Natanson, when the FBI searched her Virginia home and took her phone, two laptops, and a Garmin watch. The Electronic Frontier Foundation has joined 30 other press freedom and civil liberties orga

Fixed Link He latter further claimed during the lawsuit against AZOP's decision that the authority had incorrectly and incompletely established the facts, misapplied substantive law, and breached procedural rules. He emphasized that the published personal data was unrelated to transparency in public administration, that he was neither a public figure nor a political actor, and that any public interest ended once he left office on 31 March 2023. He invoked his right to erasure under [[Articl

Fixed Link: Hij beweerde later, tijdens de rechtszaak tegen de beslissing van AZOP, dat de autoriteit de feiten onjuist en onvolledig had vastgesteld, het materiële recht verkeerd had toegepast en de procedurele regels had geschonden. Hij benadrukte dat de gepubliceerde persoonlijke gegevens geen verband hadden met transparantie in de overheidsadministratie, dat hij noch een publiek figuur noch een politieke acteur was, en dat elk algemeen belang ophield zodra hij op 31 maart 2023 zijn functie had verlaten. Hij beroepte zich op zijn recht op verwijdering, zoals vastgelegd in [[Artikel...]].

Fixed Link: He later claimed, during the legal proceedings against the AZOP decision, that the authority had incorrectly and incompletely established the facts, had misapplied the relevant law, and had violated procedural rules. He emphasized that the published personal data were not related to transparency in government administration, that he was neither a public figure nor a political actor, and that any public interest ceased once he left his position on March 31, 2023. He invoked his right to erasure, as stipulated in [[Article...]].

links to the Articles === Facts ====== Facts === A software consulting company (the processor) provided an administration (the controller) with software for processing files relating to persons with disabilities. This software enabled users (data subjects) to upload their files and track their progress via an online portal. Nextpublica, a software consulting company (the processor) provided the Maison Départementale pour les Personnes Handicapées MDPH, a public interest group (the controller), w

Facts: A court ruled that a television channel was justified in publishing a video containing personal data of a board member of a publicly traded company, because this information served the public interest and was therefore in compliance with Article 6 of the GDPR, and considered the right to erasure. A court ruled that a television channel was justified in publishing a video containing personal data of a board member of a publicly traded company, because this information served the public interest and was therefore in compliance with Article 6 of the GDPR, and...

Facts }}}} A court held that a television broadcaster lawfully published a video containing personal data about a public company board member as the information served the public interest thus complying with [[Article 6 GDPR|Article 6 GDPR]] and outweighting the right to erasure.A court held that a television broadcaster lawfully published a video containing personal data about a public company board member as the information served the public interest thus complying with [[Article 6 GDPR]] and

Facts }}}} A court held that a television broadcaster lawfully published a video containing personal data about a public company board member as the information served the public interest thus complying with [[Article 6 GDPR]] and outweighting the right to erasure.A court held that a television broadcaster lawfully published a video concerning the resignation of a public company’s board member as well as their personal data. According to the court, the information served the public interest and

Feiten: Een rechtbank heeft geoordeeld dat een verzekeringsmaatschappij op rechtmatige wijze gezondheidsgegevens van een aanvrager voor een vrijwillige persoonlijke verzekering mag verwerken tijdens de aanvraagfase, onder de nationale uitzondering voor verzekeringen. Dit vernietigde een eerder uitgevaardigd verbodsbevel van de Autoriteit Persoonsgegevens. Een rechtbank heeft ook geoordeeld dat een verzekeringsmaatschappij op rechtmatige wijze gezondheidsgegevens mag verwerken met betrekking tot een aanvraag voor een vrijwillige persoonlijke verzekering, in overeenstemming met artikel 9(2)(g) AVG en de nationale verzekeringswetgeving. De rechtbank heeft vastgesteld dat dergelijke verwerking noodzakelijk is voor...

Feiten: Een rechtbank heeft geoordeeld dat een televisiezender een video rechtmatig heeft gepubliceerd die persoonlijke gegevens van een bestuurslid van een beursgenoteerd bedrijf bevatte, omdat de informatie het algemeen belang diende en dus in overeenstemming was met artikel 6 van de AVG, waarbij het recht op verwijdering werd overschreden. Een rechtbank heeft ook geoordeeld dat een televisiezender een video rechtmatig heeft gepubliceerd over het vertrek van een bestuurslid van een beursgenoteerd bedrijf, evenals hun persoonlijke gegevens. Volgens de rechtbank diende de informatie het algemeen belang.

Feiten: Een rechtbank heeft geoordeeld dat een televisiezender op rechtmatige wijze een video heeft gepubliceerd die persoonlijke gegevens van een bestuurslid van een beursgenoteerd bedrijf bevatte, omdat deze informatie het algemeen belang diende en dus in overeenstemming was met artikel 6 van de AVG, en het recht op verwijdering overwoog. Een rechtbank heeft geoordeeld dat een televisiezender op rechtmatige wijze een video heeft gepubliceerd die persoonlijke gegevens van een bestuurslid van een beursgenoteerd bedrijf bevatte, omdat deze informatie het algemeen belang diende en dus in overeenstemming was met artikel 6 van de AVG, en...

Facts: A court has ruled that an insurance company is legally permitted to process health data from an applicant for a voluntary personal insurance policy during the application phase, under the national exception for insurance. This overturned a previous injunction issued by the Data Protection Authority. A court has also ruled that an insurance company is legally permitted to process health data related to an application for a voluntary personal insurance policy, in accordance with Article 9(2)(g) of the GDPR and national insurance legislation. The court found that such processing is necessary for...

Facts: A court ruled that a television channel was legally justified in publishing a video containing personal data of a board member of a publicly traded company, because the information served the public interest and therefore complied with Article 6 of the GDPR, even though it overrode the right to erasure. Another court also ruled that a television channel was legally justified in publishing a video about the departure of a board member of a publicly traded company, along with their personal data. According to the court, the information served the public interest.

Facts }}}} A court held that an insurance company may lawfully process health data of an applicant for voluntary personal insurance at the application stage under the national insurance derogation, overturning a prohibition order issued by the DPA.A court held that an insurance company may lawfully process health data concerning an application for voluntary personal insurance in accordance with Article 9(2)(g) GDPR and national insurance law. The court found that such processing is necessary for

It's no secret that digital surveillance and other tech-enabled oppressions are acute dangers for liberation movement workers. The rising tides of tech-fueled authoritarianism and hyper-surveillance are universal themes across the various threat models we consider. EFF's Surveillance Self-Defense project is a vital antidote to these threats, but it's not all we do to help others address these concerns. Our team often receives questions, requests for security trainings, presentatio

Het is geen geheim dat digitale surveillance en andere vormen van onderdrukking met behulp van technologie ernstige gevaren vormen voor mensen die actief zijn in bevrijdingsbewegingen. De toenemende trends van technologisch gedreven autoritarisme en hyper-surveillance zijn terugkerende thema's in de verschillende risicobeoordelingen die we uitvoeren. Het project "Surveillance Self-Defense" van de EFF is een belangrijk tegengif voor deze bedreigingen, maar het is niet alles wat we doen om anderen te helpen bij het aanpakken van deze problemen. Ons team ontvangt regelmatig vragen en verzoeken voor beveiligingstrainingen en presentaties.

De GDPR-risicoanalyse is bedoeld om controllers en verwerkers te helpen bij het identificeren van de risicofactoren voor de rechten en vrijheden van de betrokkenen, wiens gegevens worden verwerkt. Het doel is om een eerste inschatting te maken van het inherente risico, inclusief de noodzaak om een Privacy Impact Assessment (DIA) uit te voeren, en om het resterende risico te schatten als maatregelen en beveiligingsmechanismen worden gebruikt om specifieke risicofactoren te verminderen.

The processing of personal data that may indirectly reveal sensitive information about an individual, such as information about their sexual orientation, may qualify as processing of "special categories of personal data" within the meaning of the AVG. The processing of such sensitive data is prohibited in principle. This is the EU Court's answer to questions from a Lithuanian judge.

The new data governance regulation sets out the conditions for the reuse of certain government data. In addition, the regulation provides a notification and oversight framework for the provision of data mediation services. Furthermore, the regulation contains a framework for the voluntary registration of entities that collect and process data made available for altruistic purposes. The rules will apply from September 2023.

An association representing consumer interests may bring a representative action against the alleged perpetrator of a personal data breach. A specific breach of a data subject's right to the protection of his or her personal data is not required to bring such a claim. In addition, such a claim can be brought independently of whether a data subject has given an order to do so. This is the EU Court's answer to questions from a German court.

Lawfully collected and stored personal data may be retained in an additional internal database, to the extent that it pursues the same data processing purposes as the original data collection. That is the opinion of Advocate General Pikamäe to the EU Court in response to questions from a Hungarian judge.

The collection by the tax authority of a Member State of personal data concerning the advertisements for the sale of vehicles placed on the website of an economic operator falls within the material scope of the General Data Protection Regulation (AVG). Thus, that authority will also have to comply with the principles on the processing of personal data laid down in the AVG. However, a tax authority can derogate from the AVG in certain cases, even if the right to derogate is not granted by nationa