In a judgment delivered on 5th October 2018, in the names of Doreen Camilleri vs Information and Data Protection Commissioner (IDPC), the Maltese Court of Appeal (Inferior Jurisdiction) decided that the appellant’s personal data had not been processed according to law and that an employee’s email address constituted personal data. The appellant was employed with the European Union Programme Agency (the “Agency”) and on the 8th of February 2016 she had informed the Permanent Secretary of the Ministry responsible for Education and Employment that her employment was going to be terminated. According to evidence submitted, on the 9th of February 2016, the Agency had requested the Malta Information Technology Agency (“MITA”) to change the password of the appellant’s mailbox. The appellant was not informed of this request and the appellant’s password was changed on the same day on which the request had been made. Following this, on the 15th … [Read more...] about Corporate email address containing name and surname is considered as personal data
Processing of personal data
Riigikogu adopts Personal Data Protection Act
The General Data Protection Regulation (GDPR) entered into effect across the EU on 25 May, regulating the protection of personal data, and national legislation had to be brought into conformity with it, Riigikogu spokespeople said on Wednesday. The general principles of the protection of personal data will not change, however.The protection of personal data is regulated by the general regulation, which grants people greater control over the processing of their personal data. Access to data regarding an individual will become simpler for them, and individuals must be more comprehensively and clearly informed regarding how their data is processed.Should an individual no longer wish to allow their data to be processed and there are no other legal grounds for the preservation of their data, said data must be deleted.Estonia's Personal Data Protection Act establishes, in conformity with the EU's general regulation, a few exceptions to the general principle of the processing of personal data … [Read more...] about Riigikogu adopts Personal Data Protection Act
EU’s Buttarelli says personal data protection is “a pillar of democracy”
Europe’s Data Protection Supervisor Giovanni Buttarelli warned that the Cambridge Analytica scandal of earlier this year was a warning to the public that the use of personal data was no longer a simple question of privacy, but one that also concerns the security and durability of democratic norms. “It is essential to eliminate the slightest doubt about the use of data. Their protection becomes a pillar of democracy,” said Buttarelli. “Digitalisation is not the answer, as responsibility is left to the machines“, adding, “digitisation does not respect geographical boundaries.” According to Buttarelli, this lack of digital frontiers that correspond to national borders is an existential risk that could influence voters remotely and leave the decision-making process to algorithms. “This requires individuals to make life-changing decisions based on opaque criteria,” he adds, examples, he said, were on display in … [Read more...] about EU’s Buttarelli says personal data protection is “a pillar of democracy”
[Ticker] EU court asks Jehovah’s Witnesses to protect personal data
Jehovah's Witnesses must respect EU laws on the protection of personal data when they gather information in their door-to-door preaching activities, the European Court of Justice ruled on Tuesday. Examining a case brought by the Finnish data protection authority, the judges ruled that the group was responsible for organising with the purpose of preaching, and therefore was "a controller" for the processing of data. Read and decide Support quality EU news Get instant access to all articles — and 18 year's of archives. 30 days free trial. … [Read more...] about [Ticker] EU court asks Jehovah’s Witnesses to protect personal data
Facebook and Google honour the letter, not spirit, of EU data rules
Most recently, Facebook and Google have exhibited just a superficial compliance with the EU's General Data Protection Regulation, which requires companies to allow users to keep control of their data. The government-funded Norwegian Consumer Council issued a report showing that the tech companies' rely on "dark patterns" to discourage users from exercising their privacy rights. The designation refers to interfaces intended to trick users into doing something, usually subscribing to a service they don't want or giving up data. Facebook and Google have used this strategy for some time, even as they superficially adhered to the European rules known as GDPR. The report by Norway's agency for consumer protection details the tricks the companies use to create the illusion of compliance. The researchers found that Facebook and Google have default settings designed to extract a maximum of personal data from users. Their GDPR-related notifications are adorned with a big, convenient button … [Read more...] about Facebook and Google honour the letter, not spirit, of EU data rules