Focusing on the latest digital trends and risks and developments in the field of data protection, privacy, information and cyber law.

GDPR Guidelines – Is The Article 29 Working Party Going Too Far?

David Smith

The Article 29 Working Party has been working overtime to publish guidelines on a wide range of GDPR requirements. Not surprisingly, given the impact of the GDPR, there have been calls for even more guidance but the data protection authorities that make up the Working Party have limited resources and it is not always easy Read More

WP29 guidelines on consent under GDPR

Nigel Parker

The WP29’s draft guidelines on consent begin with some good advice. “[A] controller must always take time to consider whether consent is the appropriate lawful ground for the… processing or whether another ground should be chosen instead”. The decision whether or not to seek and rely on consent has heightened importance under the GDPR, given Read More

WP29 guidelines on transparency under GDPR

Nigel Parker

Shortly before the Christmas break, the Article 29 Working Party (WP29) published keenly awaited draft guidelines on transparency and consent under the GDPR. These guidelines will be closely scrutinised. Privacy notices, requests for consent, how an organisation deals with data subject enquiries regarding the processing of personal data, and how an organisation communicates information in Read More

VCAST cloud television recording service constitutes unlawful communication to the public

Alex Woolgar

In its judgment on a reference from the District Court of Turin (Italy), the CJEU determined that a service enabling consumers to have free-to-air television content received remotely and directly recorded onto a personal cloud storage space, was unlawful. Although the questions referred by the Italian court were not framed as such, the CJEU used this reference Read More

US Consumer Financial Protection Bureau guidelines for third-party financial data sharing

Jacob Reed

On October 18, the U.S. Consumer Financial Protection Bureau (CFPB) published nine principles for the protection of consumers in the emerging financial data aggregation industry. The CFPB, which is charged with ensuring consumer access to fair and transparent financial services, emphasized that the principles are not intended as guidance on existing laws and regulations and Read More

WP29 draft guidelines on profiling and automated decision-making under the GDPR

Ondrej Kramolis

On 17 October, the Article 29 Working Party (WP29) published new draft guidelines on profiling and automated decision-making under the GDPR (the Guidelines). The Guidelines identify two benefits of profiling – increased efficiencies and resource savings and note that profiling and automated-decision making can be used to tailor services and products to align with individual Read More