With the application of the GDPR the question how to qualify IT maintenance in terms of data protection arises. This aspect is of great relevance while any software contains personal data. E.g. Microsoft, Oracle and SAP process personal data of…
Google is tracking location of users without consent
Associated Press (AP) has reported that Google is tracking the location of Android-users without their consent.[1] Adroid provided an option to activate the location setting to its users. Although users did not activate the location setting Google tracked the location…
‘Data processing on behalf’ within a group
Any exchange of data requires a legal basis. This fundamental principle applies not only for the data transfer from one controller to a different external third party. This principle equally applies to data transfer from one legal entity to another…
Ban of Facebook Customs Audience – decision of German DPA upheld
The ban of a German Federal DPA (state of Bavaria) on an online shop for using Facebook Customs Audience has been upheld by the respective Administrative court. In an injunction the Administrative court stated that the decision of the Bavarian…
Fan pages jointly liable with Facebook – landmark of ECJ
The ECJ decided that the administrator of a fan page on Facebook is responsible for the respective data processing.[1] The administrator is ´joint controller’ together with Facebook. That means administrators cannot close its eyes whether Facebook is infringing GDPR. In…
Accountability – the gravity centre of GDPR
Accountability may be compared with removing the centre of the universe from earth to sun by the Copernican revolution. The gravity power of Accountability – as new gravity centre of GDPR – derives by shifting the burden of proof to…
Turning point
Dear Data Protection Community, With 25th of May 2018 we are reaching a turning point in data protection. The EU sets a worldwide standard which will generate a broad effect on the global economy. This standard applies to all companies…