Updates on Developments in Data Privacy and Cybersecurity
On February 6, 2025, Advocate General Spielmann released his opinion in the EDPS vs. SRB case (Case C‑413/23 P). In this case, the European Data Protection Supervisor appealed a decision from the General Court (see our blog post here).
In essence, the case turns on the question of whether…
Continue Reading CJEU Advocate General Supports Pragmatic Definition of Personal DataOn April 26, 2023, the General Court of the European Union issued its judgment in Case T-557/20, SRB v EDPS.
The Court held that pseudonymized data transmitted to a data recipient will not be considered personal data if the data recipient does not have the means to re-identify the data subjects. The Court also clarified that an individual’s opinions cannot be assumed to be personal data; instead, a case-by-case assessment is necessary.Continue Reading EU General Court Clarifies When Pseudonymized Data is Considered Personal Data
The UK Government recently published its long-awaited response to its data reform consultation, ‘Data: A new direction’ (see our post on the consultation, here).
As many readers are aware, following Brexit, the UK Government has to walk a fine line between trying to reduce the compliance burden on organizations and retaining the ‘adequacy’ status that the European Commission granted in 2021 (see our post on the decision, here).
While we’ll have to wait to review the detail of the final legislation, we outline below some of the more eye-catching proposals for reform.Continue Reading 8 Eye-catching Reforms in the UK Government’s Response to its Public Consultation on Data Protection Law
On February 10, 2020, Germany’s Federal Commissioner for Data Protection and Freedom of Information (BfDI) launched its first public consultation procedure. The consultation invites comments on a position paper of the BfDI which addresses the anonymization of personal data under the General Data Protection Regulation (GDPR), with a particular…
Continue Reading German Federal Commissioner for Data Protection and Freedom of Information Launches Public Consultation on Anonymization
On November 4, 2019, the Spanish Supervisory Authority (“AEPD”), in collaboration with the European Data Protection Supervisor, published guidance on the use of hashing techniques for pseudonymization and anonymization purposes. In particular, the guidance analyses what factors increase the probability of re-identifying hashed messages.
The AEPD explains that the probability…
Continue Reading Spanish Supervisory Authority and EDPS Release Guidance on Hashing for Data Pseudonymization and Anonymization Purposes
