The German Federal Office for Information Security (BSI) and the German Federal Criminal Police Office (BKA) warn in a press release published on 02.12.2021 of increased attack risks (e.g. cyber attacks) on companies over the Christmas holidays this year.
Read more … BSI and BKA warn of cyber attacks over Christmas
VIDEO: 3G in the workplace – everything you need to know about the Corona protection regulation and its data protection
Recently, the Corona traffic light has been on red throughout Bavaria, bringing with it stricter regulations for infection control. The regulations applicable to each stage were not adjusted again to the worsening infection situation in the Free State until 05.11.2021 with the Ordinance Amending the Fourteenth Bavarian Infection Control Measures Ordinance.
Read more … VIDEO: 3G in the workplace – everything you need to know about the Corona protection regulation and its data protection
The European Union is striving to reduce traffic-related CO2 emissions. Accordingly, it has issued limit values & a new EU implementing regulation for permissible CO2 emissions for vehicles – the EU 2021/392 implementing regulation.
Read more … VIDEO: Implementing Regulation (EU) 2021/392 – Data protection and the CO2 data transfer.
“Knowledge is power” and knowledge about potential prospects and customers is of enormous value. Data trading has therefore been a flourishing industry for years.
Read more … Personal data as the currency of the 21st century
Ban on further processing of user data Hamburg data protection supervisory authority takes action against Facebook and WhatsApp cooperation
The Hamburg Commissioner for Data Protection and Freedom of Information Johannes Caspar (Hamburg data protection supervisory authority) has issued an order against Facebook to process data from WhatsApp for its own purposes and ordered immediate enforceability for this.
Read more … Ban on further processing of user data Hamburg data protection supervisory authority takes action against Facebook and WhatsApp cooperation
The right to information according to Art. 15 GDPR – ruling of the Bundesarbeitsgericht does not bring clarity
Even in the context of an employment relationship or after its termination, an employee has the right to information about the processing of his or her data pursuant to Art. 15 GDPR. So far, so clear. As in many cases, the problems begin with a detailed examination.
Read more … The right to information according to Art. 15 GDPR – ruling of the Bundesarbeitsgericht does not bring clarity
In many companies, so-called sanctions list checks or embargo list checks are carried out. The fact that this is a topic relevant to data protection law is often forgotten. However, since personal data is processed in the course of these audits, the scope of application of the GDPR is opened and the requirements must be complied with.
Read more … Relevance of the sanctions list check in terms of data protection
Caution with “double opt-in procedures” for obtaining consent for telephone advertising under data protection law
In its decision of February 16, 2021 (Case No.: 2 A 355/19), the Higher Administrative Court of Saarland determined that consent under data protection law to advertising approaches by telephone cannot be proven by the so-called “double opt-in procedure” in connection with an “Internet sweepstake”. The telephone advertising can then also not be based on a legitimate interest according to Art. 6 (1) lit. f DSGVO, as there is an anti-competitive processing.
Read more … Caution with “double opt-in procedures” for obtaining consent for telephone advertising under data protection law
Non-compliant publication of photos in brochure – employee receives compensation of € 5,000 for pain and suffering
Competent employees are a figurehead for successful companies. It is therefore standard practice for websites and other advertising materials to show photos of employees. As a ruling by the Münster Labor Court (Case No. 3 Ca 391/20) dated March 25, 2021 makes clear, data protection requirements must not be disregarded. The defendant employer was ordered to pay € 5,000 in damages for pain and suffering due to the publication of a photo of her employee without her written consent, Section 82 (1) of the GDPR, as it was a photo publication that did not comply with the GDPR. The defendant had used a picture of the plaintiff in a context related to her skin color in violation of the GDPR.
Read more … Non-compliant publication of photos in brochure – employee receives compensation of € 5,000 for pain and suffering
The right to object – Art. 21 GDPR under the The right to object under Art. 21 GDPR is certainly not as prominent as, for example, the right to data erasure (right to be forgotten) under Art. 17 GDPR. Nevertheless, there are some data protection law subtleties to consider here, which we will highlight in this article.
Read more … The right to object – Article 21 GDPR under the microscope