News

Merry Christmas and a Happy New Year!

During the fifteenth plenary session, a wide range of topics was discussed: Privacy Shield Review, Guidelines on Territorial Scope, Guidelines on Data Protection by Design & Default, Art. 64 Opinion on Exxon Mobil BCRs, Response letter to LIBE, Additional Protocol Budapest Convention.

The 41st International Conference of Data Protection and Privacy Commissioners took place in Tirana (Albania) from 21 to 24 October 2019.. The theme of the conference was "Convergence and connectivity: raising global data protection standards in the digital age".

On October 8th and 9th, the EEA Data Protection Authorities and the European Data Protection Supervisor, assembled in the European Data Protection Board, met for their fourteenth plenary session. During the plenary a wide range of topics were discussed.

You have a right of access to the processing of personal data by the Police, the State Intelligence Service, the National Security Authority, the Army, the Financial Intelligence Unit and the Customs and Excise Administration.

The European Commission published the results of a special Eurobarometer survey on data protection. The results show that Europeans are relatively well aware of the new data protection rules, their rights and the existence of national data protection authorities, to whom they can turn for help when their rights are violated.

The CNPD has published the English and German versions of the Act of 1 August 2018 on the organisation of the National Data Protection Commission and the general data protection framework.

Just a few days short of the GDPR’s first anniversary, the European Data Protection Board surveyed the Supervisory Authorities (SAs) of the EEA and takes stock of the Board’s achievements.

Following a request from the European Commission (DG SANTE), the European Data Protection Board has adopted an opinion on the clinical trials Q&A. The opinion addresses in particular the aspects related to the adequate legal bases in the context of clinical trials, and the secondary uses of clinical trial data for scientific purposes. The opinion will now be transmitted to the European Commission.

Several organisations informed the CNPD that they had been contacted by private companies offering data protection consulting and audit services, stating that these services were allegedly executed under the mandate or on behalf of the CNPD. The CNPD hereby clarifies

Several organisations have contacted the CNPD following the receipt of a request for access that seemed dubious. The CNPD immediately contacted the GovCert to check whether it is a legitimate email or a phishing attempt. It has indeed been confirmed that the demand that has come from the domain "electronicprivacy.eu" is classified as phishing.

On 4 September 2018, the CNPD organizes new courses on the basics of data protection. These courses are aimed at “beginners”, who wish to learn basic elements of data protection law.

Today the European Data Protection Board (EDPB) held its first plenary meeting. This new, independent EU decision-making-body with legal personality is created by the General Data Protection Regulation (GDPR), which enters into application as of today. The EDPB succeeds the Article 29 Working Party.

The Working Party 29 (WP29), the group uniting European data protection authorities, announces its full support for the ongoing investigations by national privacy authorities into the collection and use of personal data by and through social media. In addition, the WP 29 will create a Social Media Working Group to develop a long-term strategy on the issue.

“As a rule personal data cannot be used without full transparency on how it is used and with whom it is shared. This is therefore a very serious allegation with far-reaching consequences. ICO is conducting the investigation into this matter. As Chair of the Article 29 Working Party, I fully suport their investigation. The Members of the Article 29 Working Party will work together in this process."

On 13 April 2018, the CNPD organizes new courses on the basics of data protection. These courses are aimed at “beginners”, who wish to learn basic elements of data protection law.