A simple syllogism. Continue reading “The GDPR doesn’t work for Data Retention”
The EU Court of Justice: privacy and data protection are different rights. Data Protection Authorities are on notice
The press release 84/2017 issued by the EU Court of Justice on the EU-Canada PNR transfer contains ? an important (though unnoticed) statement:
… the transfer of PNR data from the EU to Canada, and the rules laid down in the envisaged agreement on the retention of data, its use and its possible subsequent transfer to Canadian, European or foreign public authorities entail an interference with the fundamental right to respect for private life (emphasis added). Similarly, the envisaged agreement entails an interference with the fundamental right to the protection of personal data (emphasis added).
A useful feature of the upcoming GDPR
The unified system of definitions set forth by the GDPR is its main strength because it prevents – at national level – the unauthorized modification of the EU provisions. Continue reading “A useful feature of the upcoming GDPR”
Enforcing the GDPR: Authority vs Legal Interpretation
In the last couple of days, commenting a Linkedin post about Article 29’s (the future European Data Protection Supervisor) opinions, I’ve been involved in an interesting thread that can be summarized as “Authority vs. Legal Interpretation”. Continue reading “Enforcing the GDPR: Authority vs Legal Interpretation”
The Italian Data Protection Authority to Challenge the European Court of Justice?
According the online newspaper Repubblica.it, the Italian Data Protection Authority (DPA) stated verbatim that the 72 ? months retention periodo imposed by the upcoming legislation is much too long.
By doing this, the DPA implied that the only problem with data-retention is its duration, and didn’t mention the main issue raised by the EUCJ decision: carpet data-retention is not possible under the EU legislation. Continue reading “The Italian Data Protection Authority to Challenge the European Court of Justice?”