The German Federal Office for Information Security (BSI) and the German Federal Criminal Police Office (BKA) warn in a press release published on 02.12.2021 of increased attack risks (e.g. cyber attacks) on companies over the Christmas holidays this year.
Recently, the Corona traffic light has been on red throughout Bavaria, bringing with it stricter regulations for infection control. The regulations applicable to each stage were not adjusted again to the worsening infection situation in the Free State until 05.11.2021 with the Ordinance Amending the Fourteenth Bavarian Infection Control Measures Ordinance.
The European Union is striving to reduce traffic-related CO2 emissions. Accordingly, it has issued limit values & a new EU implementing regulation for permissible CO2 emissions for vehicles – the EU 2021/392 implementing regulation.
“Knowledge is power” and knowledge about potential prospects and customers is of enormous value. Data trading has therefore been a flourishing industry for years.
The Hamburg Commissioner for Data Protection and Freedom of Information Johannes Caspar (Hamburg data protection supervisory authority) has issued an order against Facebook to process data from WhatsApp for its own purposes and ordered immediate enforceability for this.
Even in the context of an employment relationship or after its termination, an employee has the right to information about the processing of his or her data pursuant to Art. 15 GDPR. So far, so clear. As in many cases, the problems begin with a detailed examination.
In many companies, so-called sanctions list checks or embargo list checks are carried out. The fact that this is a topic relevant to data protection law is often forgotten. However, since personal data is processed in the course of these audits, the scope of application of the GDPR is opened and the requirements must be complied with.
In its decision of February 16, 2021 (Case No.: 2 A 355/19), the Higher Administrative Court of Saarland determined that consent under data protection law to advertising approaches by telephone cannot be proven by the so-called “double opt-in procedure” in connection with an “Internet sweepstake”. The telephone advertising can then also not be based on a legitimate interest according to Art. 6 (1) lit. f DSGVO, as there is an anti-competitive processing.
Competent employees are a figurehead for successful companies. It is therefore standard practice for websites and other advertising materials to show photos of employees. As a ruling by the Münster Labor Court (Case No. 3 Ca 391/20) dated March 25, 2021 makes clear, data protection requirements must not be disregarded. The defendant employer was ordered to pay € 5,000 in damages for pain and suffering due to the publication of a photo of her employee without her written consent, Section 82 (1) of the GDPR, as it was a photo publication that did not comply with the GDPR. The defendant had used a picture of the plaintiff in a context related to her skin color in violation of the GDPR.
The right to object – Art. 21 GDPR under the The right to object under Art. 21 GDPR is certainly not as prominent as, for example, the right to data erasure (right to be forgotten) under Art. 17 GDPR. Nevertheless, there are some data protection law subtleties to consider here, which we will highlight in this article.