Iubenda logo
Start generating


Table of Contents

DPO Newsletter: Data Protection & Privacy News (issue #36)

DPO Newsletter: Global Data Protection & Privacy News

We’ve compiled the latest in Data Protection and Privacy news for your convenience below.

1) Newly Published Documentation

  • The Irish Data Protection Authority has issued guidance on having a Child-Oriented Approach to Data Processing. Read the details here →
  • The United Kingdom’s Information Commissioner’s Office (ICO)has opened a consultation on how it uses its powers to investigate, regulate and enforce. Access the consultation here →
  • The UK Geospatial Commission published a report on public attitudes to data location. The report will inform a government Guidance on the ethical use of location data. View the report here →
  • The Office of the Privacy Commissioner of New Zealand has published guidance on Sensitive Information. Read here it →

2) Notable Case Law

  • The Norwegian Data Protection Authority (the Datatilsynet) has issued a fine to a dating-app company after finding that the company shared personal data with advertising partners without valid consent. Indeed, the Authority went through all the conditions for obtaining consent under the GDPR, which it underlined were cumulative. The Datatilsynet found that the requirements for consent being “freely given”, “specific”, “informed”, “unambiguous”, and “as easy to withdraw as to give consent” were not fulfilled. The decision is available in English →
  • The Finnish Data Protection Authority fined a psychotherapy centre for failing to secure personal data processed. In this case, the company’s patient files had been copied by hackers who then threatened the centre. The centre had then failed to notify the affected data subjects or the Data Protection Officer. Read the decision here (in Finnish) →
  • The Spanish Data Protection Authority (the AEPD), issued a fine against an organization for sharing personal data and health data without obtaining valid consent. Read the decision here (in Spanish) →

3) New and Upcoming Legislation

4) Strong Impact Tech

  • The European Data Protection Supervisor issued a TechSonar Report, to anticipate rising technologies and monitor their potential impact on data protection. The five technologies it chose to monitor were synthetic data, smart vaccination certificates, the central bank digital currency, just walk out (JWO), continuous biometric authentication, and digital therapeutics.

Other key information from the past weeks

  • The United Kingdom and the United States – The UK and the US have issued a joint statement on their commitment to allow data exchanges between both countries.
  • The ICO has issued a 50,000 GBP fine to Virgin Media after deciding that it had deliberately sent direct marketing emails without valid consent.
  • The French Data Protection Authority (the CNIL) has updated its GDPR guidance for developers.

👍 Enjoyed this issue? Share it on LinkedIn and subscribe for weekly updates

About us


Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.