DPOblog

  • Home
  • EDITORIAL
  • ARTICLE
  • AUTHORS
  • ABOUT
  • SEARCH

The “Whitelist” and its Value during a Data Protection Impact Assessment

by Iheanyi Samuel Nwankwo // Background The EU General Data Protection Regulation (GDPR) solidifies the risk-based approach in data protection through several references that tie the obligation of data controllers to the risk exposure associated with their data processing. This…

By Guest | October 25, 2019 | Article |
Read more

Planet 49 (ECJ): most consents for cookies invalid

The ECJ held a consent requires an opt-in of the user.1 A consent is only valid insofar the user consents in an active and unambiguous manner. It follows, cookies consent is invalid if a controller is using a pre-ticked checkbox.…

By Thomas Kahler | October 1, 2019 | Article |
Read more

The DPO and the messanger of bad news

The strong legal position of the DPO, which is provided by the GDPR, does not prevent the DPO1 in practice of the risk of either being sued or being fired by the controller. Role of DPO according to GDPR The…

By Thomas Kahler | September 21, 2019 | Article |
Read more

“Fashion ID”: ECJ opens door for class action against Facebook

The ECJ held a website embedding the “Like“ button is required to inform it users and to ask for their consent. Without user´s consent the transfer of personal data from the website (“Fashion ID“) to Facebook is not admissable.1 An…

By Thomas Kahler | August 10, 2019 | Article |
Read more

Struggling with users’ consent: Economic approach to solve the issue of coupling

by Dr. Alexander Golland // Although it has always been discussed in jurisprudential literature, the so-called “prohibition of coupling” – making the provision of a service conditional on the user’s consent – has been lurking in the shadows under the…

By Guest | July 28, 2019 | Article |
Read more

Liability of private parties for data protection breaches

by Tobias Jacquemain//The data protection law provides those affected a right to compensation. In practice, however, this right rarely applies. Criteria for assessing damages are problem areas that can reduce the existing sanction deficit in data protection. I. Regulatory mechanisms…

By Guest | June 27, 2019 | Article |
Read more

Data breach: 72 hours period extended on weekend

GDPR requires companies to notify data breaches to the supervisory authority „…without undue delay and, where feasible, not later than 72 hours…“1 Insofar the notice period of 72 hours would include weekends companies were required to organise an urgency duty…

By Thomas Kahler | May 31, 2019 | Article |
Read more

Enforcing the law in the digital era – a key task for Europe

by Prof. Winfried Bausback Increasingly, the forthcoming European Parliament elections in May are being described as a battle to decide Europe’s destiny. This is partly because Europe is often no longer regarded as a great achievement; instead, there are forces…

By Guest | April 13, 2019 | Editorial |
Read more

Consent to privacy policy – invalid

Many websites are asking their customers to consent to their privacy policy in the following way: “By using this website you are consenting to our privacy policy“. Usually without confirming the on a “ok-button“ the user may not be able…

By Thomas Kahler | March 30, 2019 | Article |
Read more

There Shall be Order! A Proposal for More Structured Normativity on the Internet

by Matthias C. Kettemann Can you recall a time before the Internet? When you read newspapers, called your friends on the landline and watched what the TV offered. Like everyone else? Things have changed considerably in this age of instant…

By Guest | March 17, 2019 | Article |
Read more
  • « Previous
  • Next »

about

DPOblog provides DPOs within the EU with information about the GDPR. DPOblog seeks to initiate a debate with all relevant stakeholders to reach a European understanding of the Right to Data Protection.

Contact

  • CONTACT
  • DATA PROTECTION
  • IMPRINT
  • Schrems II: approval of BCR invalid?

SEARCH

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Contact

  • CONTACT
  • DATA PROTECTION
  • IMPRINT
  • Schrems II: approval of BCR invalid?
Copyright ©2025 DPOblog | Theme by: Theme Horse | Powered by: WordPress