How compliant is your cookie banner? An important German case provides more clarity!
Have you ever heard about dark patterns and deceptive designs in the context of a cookie banner and compliance with the e-Privacy directive? No? Then, this court case might be a good opportunity to learn about it. The Landgericht Rostock ruled on 15 September 2020 that cookie banners / pop-ups designed in a misleading way are against the law. I will comment this ruling in this article.
Out of Control: a deep dive into the digital advertising and data sharing practices
In this article, we discuss the out-of-control report issued by the Norwegian Consumer Council, alleging serious breaches of the GDPR by the digital advertising industry through dating platforms, such as Grindr. Then we get into more details about data-driven business models and debate around data protection principles and guarantees to protect consumers' privacy.
Revision of the Swiss Data Protection Act: Conference for HCPs
The revision of the Swiss Federal Data Protection Act (DPA) aims at strengthening the rights of the data subjects, in this case patients, and to align with European data privacy standards. At this conference, I will have the pleasure to present the ongoing revision of the Swiss DPA and its consequences for doctors providing healthcare as private practice. We will assess to what extent the revision of the DPA fulfils this objective of aligning to the GDPR. I will then conclude with situations, practical cases, advice and recommendations. This article reminds the latest fines imposed by data protection authorities in the EU in the healthcare sector.
Google fined €50M by the CNIL under the GDPR
This 21 January 2019, the French data protection supervisory authority (Commission Nationale de l’Informatique et des Libertés or the “CNIL“) fined Google LLC 50 million Euros for breach of the General Data Protection Regulation (the “GDPR“). This article reminds the background, summarizes the case and a few thoughts.
GDPR: Portuguese hospital fined €400k for bad access controls to patient data | ICT
The Portuguese data protection supervisory authority issued a €400k fine against a hospital for three infringements of the GDPR. This article is the opportunity to analyse a few cases since 25 May 2018 and where we stand in Switzerland.