I remember myself criticising new EDPB Guidelines 07/2020 for obvious mistakes in choosing an approach for giving explanations: https://virtualshadows.wordpress.com/2020/09/13/do-new-guidelines-07-2020-on-the-concepts-of-controller-and-processor-in-the-gdpr-guidelines-really-help-to-identify-joint-controllership/ Today I came across an article from Herbert Smith Freehills (see the link below) and, ironically, found the same thought I had a month ago: "the guidelines do not appear to add much clarity with respect to the … Continue reading 7 practical takeaways from the EDPB Guidelines 07/2020 (by Herbert Smith Freehills)
Sweden is ahead of the rest of the world when it comes to children's rights, even in the digital/online world. Read more here. To say I felt an excitement deep in me is an understatement. It was children's safety online which brought me into privacy. My master thesis for my MSc Information Security was on … Continue reading Digital online rights for children
Swedish DPA #datainspektionen has updated its guidance as to how personal data should be processed in employment relationships. The information is primarily addressed to employers in both the private and public sectors. It can also help workers, job seekers, trade unions and trade associations. Original text is in Swedish but can be easily translated into English via … Continue reading Swedish DPA has updated its guidance for employment sector.
While many transnational companies continue to feel headache after 'Schrems II' hit in July, the problem for SMEs looks simpler and more trivial: they seem to be unable to meet even more general and clear data protection requirements without external help. This can return us to early talks (they are sometimes heard now, though) that … Continue reading CNIL partners with Order of Chartered Accountants to help SME to improve their compliance with the GDPR.
So hot of the press is that H&M (a Swedish business), although the fine of €41,4m was due to practices in one of their German outlets which were not compliant with GDPR. Clearly as an employer it is difficult to avoid the collection of sensitive data from employees, i.e. when they are sick, just the … Continue reading H&M have invaded employee privacy