Tag Archives: personal data

Portuguese hospital receives and contests 400,000 € fine for GDPR infringement

On July 17, 2018, the Portuguese Supervisory Authority (“CNPD”) imposed a fine of 400.000 € on a hospital for infringement of the European Union General Data Protection Regulation (“GDPR”).  The decision has not been made public.  Earlier this week, the hospital publicly announced that it will contest the fine. According to press reports, the CNPD … Continue Reading

CJEU Confirms Dynamic IP Addresses To Be Personal Data

On Wednesday October 19, 2016 the Court of Justice of European Union (“CJEU”) issued its judgment in Case C-582/14, Patrick Breyer v Germany.  The CJEU held that a “dynamic” IP address constitutes personal data (agreeing with the Opinion of the Advocate General from May this year).  Dynamic IP addresses qualify as personal data, even if … Continue Reading

Brazil Extends the Consultation Period on Its Draft Data Protection Law until April 30

In February 2015, the Brazilian government issued a draft of Brazil’s first comprehensive privacy law, the Preliminary Draft Bill for the Protection of Personal Data (the “Draft Bill”).  The Draft Bill builds on and codifies certain concepts relating to the treatment of personal data already present in Brazilian constitutional, statutory and case law. The Draft … Continue Reading

European Consumer Legislation and Online Privacy Policies: Opening Pandora’s Box?

Regulators and courts in the EU are increasingly vigilant in relation to privacy practices and policies of large online companies.  In recent years and months, the pressure increases not only through privacy-specific regulations and enforcement, but also through the application of consumer legislation.  As the below examples from France and Germany show, some courts or … Continue Reading

Germany Wants to Introduce Class Actions for Privacy Violations

Pursuant to a press release of the German Federal Ministry for Justice and Consumer Protection, the German Government approved a draft law to strengthen the private enforcement of certain data protection law provisions that aim to protect consumers.  In particular, the draft law empowers consumers and other qualified associations to send cease-and-desist letters and to … Continue Reading

Russian Data Localization Bill Now Confirmed To Come Into Effect On 1 September 2015

UPDATED:  This post was first published on December 19, 2014; it is now being updated to reflect President Putin’s signature of the bill discussed below on 31 December, 2014. In July 2014, Russia enacted Law 242-FZ (the “Localization Law”).  The Localization Law amends the Russian Federal Law on Information, Information Technology and Information Protection, and … Continue Reading

Duma Votes to Accelerate Implementation Date of Russian Data Localization Bill By A Year

In July this year, Russia enacted Law 242-FZ (the “Localization Law”).  The Localization Law amends the Russian Federal Law on Information, Information Technology and Information Protection, and would introduce a new requirement for certain businesses (including in particular those processing data concerning Russian citizens and also maintaining offices in Russia) to ensure that personal data … Continue Reading
LexBlog