2020 Data protection e-records 
Debevoise Data Blog
JANUARY 17, 2025
Our top-eleven European data protection developments for the end of 2024 are: EU Cyber Resilience Act: The Council of the European Union approved the Cyber Resilience Act , introducing cybersecurity requirements for digital products sold in the EU. The UK Upper Tribunal did not consider the provisions under the UK GDPR.
Legal IT Group
SEPTEMBER 19, 2023
For example, in 2020, the Data Protection Authority of Hamburg imposed a 35.3 In particular, specific details about the lives of some employees of H&M (illnesses, medical diagnoses, religious beliefs, and family problems) were comprehensively recorded and stored as information on a network drive.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Debevoise Data Blog
NOVEMBER 10, 2020
ICO targets the data broking industry : On 27 October, the ICO demanded that Experian make sweeping changes to data protection practices within its direct marketing business within three months or face further enforcement action. We will continue to report on developments as Experian’s appeal progresses.
Debevoise Data Blog
OCTOBER 12, 2021
million fine against Austrian Post for channelling electronic data protection-related inquiries to a web form and not offering an additional email address, irrespective of the data subject option to also use non-electronic postal mail or customer service. Standard Contractual Clauses).
Debevoise Data Blog
JULY 20, 2021
Here are our highlights: European Commission adopts new Standard Contractual Clauses What happened : As reported in our blog post , the European Commission adopted its new Standard Contractual Clauses (“SCCs”) for the cross-border transfer of personal data from the EEA to “third countries”.
Debevoise Data Blog
FEBRUARY 10, 2021
As covered in our Annual Review , 2020 was a blockbuster year for European data protection. has appealed , both penalties show that companies need to be wary not only of how they treat customer data, but also employee data. Spanish DPA hands CaixaBank record €6m fine. While Notebooksbilliger.de
Debevoise Data Blog
JUNE 8, 2023
Third country data transfers : Businesses that transfer personal data outside of the EEA may want to review their transfer mechanisms in light of new guidance on the EU and South East Asia SCCs, and the DPC’s record-breaking €1.2 Nonetheless, businesses that transfer personal data to the U.S. billion fine against Meta.
Expert insights. Personalized for you.
52 
Let's personalize your content