Iubenda logo
Start generating


Table of Contents

DPO Newsletter: Data Protection & Privacy News (issue #48)

DPO Newsletter: Global Data Protection & Privacy News

We’ve compiled the latest in Data Protection and Privacy news for your convenience below.

1) Newly Published Documentation

  • The Commissioner for Data Protection and Freedom of Information of Baden-Württemberg has published updated guidance on cookies. Read about the updated guidelines here →(in German)
  • The Danish DPA (Datatilsynet) has issued guidance on the use of cloud technologies, including indications on data protection elements, the use of US providers focusing on additional security measures, and practical examples on how to conduct a Transfer Impact Assessment properly. Click here to access the guidance →
  • The updated edition of the “Guide to the Post Third-Party Cookie Era” was published by the Interactive Advertising Bureau (IAB) Europe on March 10, 2022. Access the guide here →

2) Notable Case Law

  • Clearview AI, a US business, was fined 20 million euros by the Italian DPA (Garante Privacy) for issues linked to the company’s facial recognition software. The Garante found that Clearview AI was processing personal data unlawfully and failing to provide the information required by GDPR Articles 13 and 14. The corporation was banned from further collecting and processing such personal data of persons in the Italian territory, amongst other things. Read the full ruling here → (in Italian)
  • CAIXABANK SA was fined 2.1 million euros by the Spanish DPA (AEPD) for having obtained consent for purposes other than those indicated on the contract and do so using pre-ticked boxes. Read about the decision here → (in Spanish)
  • The UK DPA (ICO) imposed a fined of £98,000 on the London headquartered law firm Tuckers Solicitors for failing to put in place proper cybersecurity measures after a cyberattack saw almost a million legal documents stolen and leaked onto the dark web. The Authority’s notice can be found here →

3) New and Upcoming Legislation

Privacy legislation in the US states:

4) Strong Impact Tech

  • The UK’s High Court of Justice has ruled that a class-action lawsuit against TikTok regarding alleged violations of children’s privacy is viable. A spokeswoman for TikTok stated that the company has “robust policies, processes and technologies in place to help protect all users, and in particular our teenage users.” A 12-year-old girl, who the court granted anonymity, filed the lawsuit in December 2020, alleging that the social network illegally processes children’s data. Read more on the case here →

Other key information from the past weeks

  • The UK Department for Digital, Culture, Media & Sport (DCMS) has launched a consultation on the recently published Online Advertising Programme, which aims to examine the regulatory framework for paid-for online advertising in light of the supply chain’s lack of transparency and accountability.

👍 Enjoyed this issue? Share it on LinkedIn and subscribe for weekly updates

About us


Attorney-level solutions to make your websites and apps compliant with the law across multiple countries and legislations.