Data protection law is different than “privacy”. We, data protection lawyers, have been complacent recently and have failed to clarify this loud and clear for the general public. Perhaps happy to finally see this field of law taking the front stage of public debate through the GDPR, we have not stopped anyone from saying that […]
Posts by Dr. Gabriela Zanfir-Fortuna
As Europe is grappling with an exponential increase in COVID-19 cases, some European Data Protection Authorities issued public interest guidance on the limits of collecting, sharing and using personal data relating to health in these exceptional circumstances. Particular areas of concern are related to the breadth of measures that employers can legally take to monitor […]
Case C-136/17 GC et al v CNIL – right to be forgotten; lawful grounds for processing of sensitive data Link to judgment: http://curia.europa.eu/juris/document/document.jsf?text=&docid=218106&pageInd ex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=335023 Main issue: Four erasure requests not linked to each other and all having to do with de-linking news articles from Google search results pages, some of which contained sensitive data, were […]
The below piece was originally published on Medium. For a version with humorous images, head to the original post. A ‘notice and consent’ privacy law puts the entire burden of privacy protection on the person and then it doesn’t really give them any choice. The GDPR does the opposite of this. There is so much […]
By Gabriela Zanfir-Fortuna and Sasha Hondagneu-Messner The Future of Privacy Forum organized a panel at the 2019 Computers, Privacy and Data Protection Conference in Brussels to discuss the limits and benefits of the right to data portability as introduced by the GDPR. This panel was chaired by Thomas Zerdick (EDPS), moderated by Stacey Gray (FPF), and […]
The session that the Future of Privacy Forum organized for the IAPP Europe Congress in Brussels on November 28, Deciphering “legitimate interests”: actual enforcement cases and tested solutions, generated great interest among privacy professionals. We had a full house attending – more than 500 participants, according to the IAPP. The panel was based on a Report published earlier this year by the FPF and Nymity.
The European Commission published a Communication on “Artificial Intelligence for Europe” on April 24th 2018. It highlights the transformative nature of AI technology for the world and it calls for the EU to lead the way in the approach of developing AI on a fundamental rights framework. AI for good and for all is the motto the Commission proposes. The Communication could be summed up as announcing concrete funding for research projects, clear social goals and more thinking about everything else.
FPF and Nymity collaborated to compile a Report on actual cases from practice and relevant guidance from the Article 29 Working Party and individual Data Protection Authorities (DPAs) concerning the use of “legitimate interests” as a lawful ground for processing under EU data protection law. Our aim is to help organizations better understand how to use and apply legitimate interests as a lawful basis for processing, while at the same time contributing to enhanced personal data protection for individuals.
Computers Privacy and Data Protection conference (CPDP) kicks off this week in Brussels, and the theme this year is “The Internet of Bodies”. The conference will gather 400 speakers for 80 panels to set the stage for the privacy and data protection conversation in Europe for 2018. And this is such an important year for data protection – not only the General Data Protection Regulation becomes applicable in May, but also the text of the new ePrivacy Regulation will likely be finalized.
Details on the EU-US privacy engineering workshop were published in European Data Protection Supervisor’s latest newsletter. This workshop was organized by the Internet Privacy Engineering Network (IPEN), Future of Privacy Forum, KU Leuven and Carnegie Mellon University, on November 10, in Leuven.