#SypherPrivacyTalks - January 2024 - Week 3
By Sypher | Published in News - January 15, 2024
Welcome to #SypherPrivacyTalks — Your news and article roundup. Bringing you the top privacy & compliance stories of the week.
Microsoft to keep all European cloud customers’ personal data within EU
complianceweek.com • 1 min read
⭐ On January 11 of this year, Microsoft revealed an expansion of its European Union data storage initiatives, allowing cloud users to keep their personal data exclusively within the EU's borders.
With this development, the tech giant will be able to offer customers a solution to address concerns about potential violations of the GDPR, given that this regulation provides EU residents with increased control over the storage of their personal data, surpassing the rights currently in place in the United States.… read more
More information on Microsoft’s EU Data Boundary project in the company’s press release.
CNIL fined NS CARDS FRANCE €105,000
💶 CNIL, the French DPA, fined online payment company NS CARDS FRANCE €105,000 for failing to comply with the rules on 🍪 cookies and trackers and for several breaches of the GDPR relating to data retention periods, information to individuals and data security.
CNIL found the following breaches:
Failure to comply with the obligation to retain data for a period limited to the purpose for which it was collected
Failure to comply with the obligation to inform individuals
Failure to comply with the obligation to ensure the security of personal data
Failure to comply with obligations relating to the use of cookies and trackers
Romania's first GDPR fine in 2024: Bank fined 17,000 euros
e-juridic.manager.ro • 3 min read
💶 The Romanian DPA, the ANSPDCP, issues its first fine of 2024, following an investigation on Alior Bank SA, specifically its branch in Romania - Alior Bank SA Warsaw, Bucharest Branch.
The DPA found the following breaches to GDPR:
- Unsolicited electronic mail;
- Transmission of commercial correspondence by e-mail, although the data subject had already exercised his right to object;
- Processing of personal data of individuals who have ended the contractual relationship with the bank for a purpose incompatible with the one for which the data was originally collected… read more (in Romanian).
More information on ANSPDCD press release (in Romanian).
Transfer Impact Assessment (TIA): the CNIL Consults You on a Draft Guide
🌏 Organisations transferring personal data outside the European Economic Area (EEA) must assess the level of data protection in the destination countries and the need to take additional measures.
The EU Court of Justice's 'Schrems II' ruling highlights the responsibility of data exporters and importers to ensure that personal data transferred outside the European Economic Area (EEA) is protected at GDPR level.
To this end, exporters must conduct 📝 transfer impact assessments (TIAs), assessing the level of protection in the destination country.
The French data protection authority, the CNIL, has published a guide in line with the EDPB's recommendations to help exporters conduct TIAs.
📢 A public consultation on the draft guidance is open until ⏱️12 February 2024.
More info on the CNIL website, on Transfer Impact Assessment (TIA): the CNIL Consults You on a Draft Guide (in English).👇
Amazon’s Dutch Data Privacy Case May Decide Future of European Class Actions
corporatecomplianceinsights.com • 5 min read
⚖️ A recent class action lawsuit filed by Dutch consumer rights group Stichting Data Bescherming Nederland (SDBN) against Amazon alleges illegal tracking of users' online activities.
This case, a consequence of the EU's new law facilitating class-action lawsuits by consumer groups, could shape public policy and legal dynamics.
With echoes of a GDPR violation case in 2021, the lawsuit tests the impact of the EU's streamlined approach to class actions on consumer compensation and legal procedures in the region. The outcome could redefine how wronged consumers seek justice, and influence the operational landscape for EU law firms … read more
___
Stay tuned for more by 📌 connecting with us on LinkedIn or, better yet, by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.
