Weekly Newsletter: 28 December 2020 – 1 January 2021
GDPR EU Representative

January 4, 2021

EU-UK Trade and Cooperation Agreement: protecting European interests, ensuring fair competition, and continued cooperation in areas of mutual interest

[#DataProtection #brexit #eu #unitedkingdom #internationaldatatransfers]

“After intensive negotiations, the European Commission has reached today (edit: 24 December 2020) an agreement with the United Kingdom on the terms of its future cooperation with the European Union.”

As stated in the EU-UK Trade and Cooperation Agreement Summary (p.32):

“182. This Part also includes a provision to provide for the continued free flow of personal data from the EU and EEA EFTA States to the UK until adequacy decisions are adopted, and for no longer than 6 months. The UK has, on a transitional basis, deemed the EU and EEA EFTA States to be adequate to allow for data flows from the UK.”

You can find the Summary here.

You can find the Agreement here.

To read more: Click here

Your car may be recording more data than you know

[#DataProtection #vehiclesecurity #vehiclesdata]

“When we think about privacy and who can access our location data, we’re often focusing on our phones, and not on the machine that actually takes us places: our car. A recent report from NBC News goes into just how much data is collected by our vehicles, and how it can be used by police and criminals alike.

Your car, depending on how new it is and what capabilities it has, could be collecting all sorts of data without your knowledge — including location data, when its doors were opened, and even recordings of your voice. The NBC article uses the example of Joshua Wessel, a man who’s been charged with murder because the victim’s truck has a recording of his voice at the time of the killing.”

To read more: Click here.

Vienna Superior Court: Facebook can “bypass” GDPR consent, but must give access to data

[#datenschutz #dsgvo #Schrems #GDPR #consent #compliance]

“The Viennese Superior Court (Oberlandesgericht Wien) has delivered a ruling today that Facebook must pay Mr Schrems € 500 in emotional damages and grant him full access to all the data that Facebook holds about him.[…]”

However,[…] “The Austrian Court allows Facebook to bypass the new GDPR requirements. Facebook just copied the ‘consent’ into another document in the night the GDPR came into force and argues this would be a contract, not consent. This would have the consequence, that Europeans would be stripped of their new protections. Facebook is clearly abusing the law and this cannot be tolerated.”

[…]”It seems the Court has not really taken a deeper look into many of the problems that this case is raising. We will clearly try to get this case all the way up to the highest courts. There could be a reference to the CJEU on the core questions within the spring of 2021. If the industry is allowed to just add a line to their terms, to bypass the GDPR consent requirements, we can shred large parts of the GDPR.”

To read more: Click here.

Spain will register those who choose not to get vaccinated, and will share the information with the E.U.

[#DataProtection #covid19 #dataprivacy #healthdata #covid #privacy #vaccinations]

“Spain plans to collect and share with other European Union nations information about residents who decide not to get vaccinated for Covid-19, the country’s health minister said on Monday.

[…]“Vaccination refusals will be kept in a register,” Mr. Illa said in an interview with La Sexta, a Spanish television channel. “This is not a public document and it will be done with the highest respect of data privacy.”

[…]Mr. Illa’s comments came a day after Spain launched its vaccination program, with the goal of vaccinating 2.5 million people between January and March, all of them within priority health groups, starting out with residents of nursing homes and the health care professionals who care for them.”

To read more: Click here.