privacy

Subscribe to privacy via RSS

On Monday September 7, 2020, the European Data Protection Board (EDPB) issued draft Guidelines 8/2020 on the targeting of social media users (the “Draft Guidelines”). The Draft Guidelines have far-reaching implications for social media platforms, advertisers, and adtech companies, as they will result in a clarification of the roles and responsibilities of the key stakeholders, and establish rules for consent.

The Draft Guidelines are open for public consultation until October 19, 2020. Interested companies can submit their comments to the EDPB.
Continue Reading EDPB Issues Guidelines on Social Media Targeting Under GDPR

On May 4, 2020, the European Data Protection Board (EDPB) adopted new guidelines (the guidelines) regarding the use of consent as a legal basis for processing personal data under the General Data Protection Regulation (GDPR).[1] The guidelines update and replace the Article 29 Working Party’s April 2018 guidance on the same topic.

The guidelines remain largely unchanged from the earlier version but do provide helpful clarifications on two points: a) the validity of consent when interacting with so-called “cookie walls”; and b) “scrolling” as a means of indicating consent.
Continue Reading EDPB Adopts Updated Consent Guidance

On April 21, 2020, the European Data Protection Board (EDPB) published two sets of guidelines addressing data processing in the context of the COVID-19 pandemic. These guidelines address the use of location data and contact tracing tools to combat the spread of COVID-19 and the use of health data for the purposes of scientific research into COVID-19 (together, the guidelines).

Since March 2020, the EDPB and the European Commission (EC) have been active in addressing the use of data to combat the COVID-19 pandemic. The EC released its recommendation regarding contact tracing apps and the use of mobility data on April 8, while the EDPB issued a letter on April 14 addressing the same issue. The EC then published specific guidance regarding the use of COVID-19 mobile apps. In these most recent guidelines, the EDBP further elaborates on the signposts provided in its earlier letter and provides specific guidance on the deployment of contact tracing apps as well as the re-use of information for scientific research purposes.
Continue Reading EDPB Publishes Guidelines on COVID-19 Related Data Usage

On April 16, 2020, the European Commission (EC) published guidance (guidance) regarding mobile applications developed to combat the spread of the COVID-19 pandemic (COVID-19 mobile apps). As previously mentioned in our blog posts, the guidance follows the EC recommendation last week on the same topic, and takes into account a prior consultation with the European Data Protection Board (EDPB).

The guidance expands on the legal bases for data processing identified in the EC’s consultation with the EDPB and highlights key data protection requirements for certain COVID-19 mobile apps.
Continue Reading The European Commission Publishes Guidance on COVID-19 Mobile Apps

On April 14, 2020, the European Data Protection Board (the EDPB) published a letter in response to the European Commission’s call for consultation (the letter) regarding its recommendation on the use of mobile applications and location data to fight the COVID-19 outbreak.

As previously reported in our blog post, the European Commission’s recommendation sets out a “toolbox” of measures to be implemented across EU member states to address the use of technology in combating the spread of the COVID-19 pandemic. In its letter, the EDPB sets forth data privacy and information security measures that app developers should consider when developing mobile applications to inform individuals or monitor infected persons (COVID-19 mobile apps).
Continue Reading The EDPB Responds to the European Commission’s Recommendation on COVID-19 Mobile Apps

On April 8, 2020, the European Commission (the Commission) released its recommendation for a pan-EU approach on the use of technology and data to combat the COVID-19 pandemic (the Recommendation).

The Commission calls for the creation of a “toolbox” consisting of practical measures taken at the EU level to address the use of mobile applications to inform individuals or monitor infected persons (COVID-19 mobile apps) and address the use of anonymized population data to analyze the evolution of the pandemic in the EU. While the Recommendation does not specify the measures to be included in the toolbox, it provides a roadmap to promote the harmonization of these measures across all EU member states.
Continue Reading European Commission Calls for a Common Approach to COVID-19 Apps and Anonymized Data Use