Turning Point in Data Protection Law: Two years GDPR on DPOblog.eu

RA Dr. Thomas Kahler FAIT-Recht

doi:10.5771/9783748921561

Summary

„Turning Point in Data Protection Law“ enthält Beiträge aus den ersten beiden Jahren der DS-GVO des DPOblog.eu. Die Themen erstrecken sich von den neuen Grundlagen der DS-GVO über die aktuellen Entscheidungen des EuGH bis zu den ersten Rechtsverfahren von Max Schrems.

Search publication

Bibliographic data

Edition: 1/2020
Copyright Year: 2020
ISBN-Print: 978-3-8487-6909-4
ISBN-Online: 978-3-7489-2156-1
Publisher: Nomos, Baden-Baden
Language: English
Pages: 194
Product Type: Edited Book

Titelei/Inhaltsverzeichnis No access Pages 1 - 10
Authors:
1. 25 April 2018 No access
  Authors:
Authors:
1. 25 April 2018 No access
  Authors:
Authors:
1. Authors:
  1. 1. A consent shall not be conditional No access
    Authors:
  2. 2. Consent shall be given in a separate way for any single purpose No access
    Authors:
  3. 3. Consent shall be given separately for any data processing operation No access
    Authors:
Authors:
1. Authors:
  1. 1. Facts and legal background No access
    Authors:
  2. 2. The statement of the German DPAs with pro and contra No access
    Authors:
Authors:
1. Authors:
  1. 1. Origin and transformation of Accountability No access
    Authors:
  2. 2. Accountability and liability No access
    Authors:
  3. 3. How to comply with Accountability? No access
    Authors:
Authors:
1. Authors:
  1. 1. Facts No access
    Authors:
  2. 2. The legal arguments of Max Schrems No access
    Authors:
  3. 3. Are Max Schrems arguments convincing? No access
    Authors:
  4. 4. Are Facebook and Google wilfully infringing GDPR? No access
    Authors:
  5. 5. What powers does GDPR provide to the DPAs? No access
    Authors:
  6. 6. How the DPA of Hamburg would decide the WhatsApp case No access
    Authors:
  7. 7. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. 1. Facts and procedure No access
    Authors:
  2. 2. The decision of ECJ No access
    Authors:
  3. 3. Joint liability of fan pages with Facebook No access
    Authors:
  4. 4. Fan pages bearing risk to be fined No access
    Authors:
  5. 5. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. 1. Facts and procedure No access
    Authors:
  2. Authors:
    1. a. Processing of personal data No access
      Authors:
    2. b. ‘Data processing on behalf’ or ‘transmission’? No access
      Authors:
    3. c. Legitimate interest as a legal basis for transmission? No access
      Authors:
2. Authors:
  1. 3. Will the final decision be valid under GDPR? No access
    Authors:
Authors:
1. Authors:
  1. 1. Requirements of ‘data processing on behalf’ No access
    Authors:
  2. 2. Parent company as ‘data processor’? No access
    Authors:
  3. 3. Exemption of GDPR-requirements for data exchange within a group? No access
    Authors:
  4. 4. Risk of breach No access
    Authors:
Authors:
1. Authors:
  1. Authors:
    1. a. Performance of a contract No access
      Authors:
    2. b. Legitimate interest No access
      Authors:
    3. c. Consent No access
      Authors:
    4. d. Intentional infringement by Google No access
      Authors:
  2. 2. What is the reaction of the data protection watchdog? No access
    Authors:
Authors:
1. Authors:
  1. 1. Statement of German DPAs No access
    Authors:
  2. 2. Consequences of the statement No access
    Authors:
  3. 3. Legal background No access
    Authors:
  4. 4. Legal opinion No access
    Authors:
  5. 5. Will the consistency mechanism apply? No access
    Authors:
Authors:
1. Authors:
  1. 1. Substance of the decision No access
    Authors:
  2. 2. Assessment No access
    Authors:
Authors:
1. Authors:
  1. 1. Legal background No access
    Authors:
  2. 2. Assessment No access
    Authors:
  3. 3. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. 1. Notification of data breaches No access
    Authors:
  2. 2. Powers of the DPA No access
    Authors:
  3. 3. Appropriate technical and organisational measures No access
    Authors:
  4. 4. Criteria for the amount of fines No access
    Authors:
  5. 5. What about class action? No access
    Authors:
Authors:
1. Authors:
  1. 1. Facts No access
    Authors:
  2. Authors:
    1. a) Software maintenance as data processing No access
      Authors:
    2. b) Microsoft becomes controller No access
      Authors:
    3. c) No legal basis for data transfer to Microsoft No access
      Authors:
  3. 3. Dutch Government liable for 'data breach of Microsoft' No access
    Authors:
  4. 4. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. 1. Introduction No access
    Authors:
  2. Authors:
    1. 2.1 Controller No access
      Authors:
    2. 2.2 Processor No access
      Authors:
  3. Authors:
    1. 3.1 Term No access
      Authors:
    2. 3.2 Intra-Group relationship No access
      Authors:
  4. Authors:
    1. 4.1 Formal requirements No access
      Authors:
    2. Authors:
      1. 4.2.1 Allocation of functions within the data processing No access
        Authors:
      2. 4.2.2 Regulation of data subjects’ rights No access
        Authors:
      3. 4.2.3 Regulation of other duties No access
        Authors:
    3. 4.3 Transparent communication of the substance of the agreement No access
      Authors:
  5. 5. Practical example for an intra-group joint controllership No access
    Authors:
  6. 6. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. A faster, better and cheaper way of enforcing consumer rights No access
    Authors:
  2. How does the “one for all lawsuit” work? No access
    Authors:
  3. Specific details on the “one for all lawsuit”: No access
    Authors:
Authors:
1. Authors:
  1. 1. Landmark decision of the German Anti-trust Authority No access
    Authors:
  2. 2. The decision of Bundeskartellamt (German Anti-trust Authority) No access
    Authors:
  3. 3. Assessment No access
    Authors:
  4. 4. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. Norms for the hardware No access
    Authors:
  2. The normative order of the internet and national legal orders No access
    Authors:
  3. There is order No access
    Authors:
Authors:
1. Authors:
  1. 1. No consent without choice No access
    Authors:
  2. 2. Consent shall be specific for different purposes No access
    Authors:
  3. 3. Assesment No access
    Authors:
Authors:
1. 13 April 2019 No access
  Authors:
Authors:
1. Authors:
  1. 1. Does national law or EU-law apply? No access
    Authors:
  2. 2. Regulation (EEC, EURATOM) No 1182/71 No access
    Authors:
  3. Authors:
    1. 3.1. Start and end of 72 hours period No access
      Authors:
    2. 3.2. Notice period on weekend No access
      Authors:
  4. 4. Assessment No access
    Authors:
Authors:
1. Authors:
  1. I. Regulatory mechanisms are only complementary No access
    Authors:
  2. Authors:
    1. Authors:
      1. a) Material damage No access
        Authors:
      2. Authors:
        aa) Missing assessment criteria in data protection law No access
        Authors:
        bb) Violation of data protection = unauthorised commercialisation of personal data? No access
        Authors:
        cc) Assessment criteria for violations of privacy resulting from data protection violations No access
        Authors:
  3. III. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. 1. Legal basis for personalised advertising No access
    Authors:
  2. 2. The Concept of “Paid Alternative Access” No access
    Authors:
  3. 3. Pricing the “Paid Alternative Access” No access
    Authors:
  4. 4. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. 1. Proceeding: joint controller and consent No access
    Authors:
  2. 2. Class action: new option for consumer agencies No access
    Authors:
  3. 3. Assessment No access
    Authors:
Authors:
1. Authors:
  1. 1. Role of DPO according to GDPR No access
    Authors:
  2. 2. Limits of DPOs independence No access
    Authors:
  3. 3. DPO at risk No access
    Authors:
  4. 4. How to empower the DPO No access
    Authors:
  5. 5. DPO as a messenger of bad news No access
    Authors:
Authors:
1. Authors:
  1. Authors:
    1. 1.1 'Clickbox No 1' No access
      Authors:
    2. 1.2 'Clickbox No 2' No access
      Authors:
  2. 2. Legal framework No access
    Authors:
  3. 3. The rationale of the ECJ No access
    Authors:
  4. 4. Assessment No access
    Authors:
Authors:
1. Authors:
  1. Background No access
    Authors:
  2. The Importance of the Whitelist No access
    Authors:
  3. Conclusion No access
    Authors:
Authors:
1. Authors:
  1. 1. Sensitivity of Japanese to the data protection No access
    Authors:
  2. Authors:
    1. Authors:
      1. 2.1.1 Three Acts on the Protection of Personal Information No access
        Authors:
      2. 2.1.2 Special data protection laws and guidelines No access
        Authors:
    2. 2.2 Data protection in local authorities No access
      Authors:
  3. Authors:
    1. 3.1 Basic principle of the APPI No access
      Authors:
    2. 3.2 OECD Privacy Guidelines No access
      Authors:
  4. 4. Resume No access
    Authors:
Authors:
1. Authors:
  1. Dresden Regional Court on Google Analytics No access
    Authors:
  2. 1. The facts of the case No access
    Authors:
  3. 2. The reasons No access
    Authors:
  4. Authors:
    1. 3.1 Data protection law does not end with the GDPR No access
      Authors:
    2. 3.2 “AnonymizeIp” is not all it’s cracked up to be No access
      Authors:
    3. 3.3 Indispensability of informed consent when using Google Analytics No access
      Authors:
    4. 3.4 Possible damages No access
      Authors:
  5. 4. Practical implications No access
    Authors:
Authors:
1. Authors:
  1. 1. Liability pursuant to European public liability law No access
    Authors:
2. a) Infringement of rights of individuals No access
  Authors:
3. b) The breach must be sufficiently serious No access
  Authors:
4. c) Direct causal link between the breach and the damage No access
  Authors:
5. d) Application of European public liability law No access
  Authors:
6. Authors:
  1. 2. Assessment No access
    Authors:
Authors:
1. Authors:
  1. 1. Internal Audit and DPO No access
    Authors:
  2. 2. Seperation of tasks between controller and DPO No access
    Authors:
  3. 3. Independent role of DPO and T-LoD No access
    Authors:
  4. 4. Internal Audit and the Accountability Principle No access
    Authors:
  5. 5. Assessment No access
    Authors:
Authors:
1. Authors:
  1. Double opt-in No access
    Authors:
  2. Facts of the case No access
    Authors:
  3. Legal framework No access
    Authors:
  4. Decision of the DPA No access
    Authors:
Authors:
1. Authors:
  1. 1. Does GDPR provide any adequate legal basis? No access
    Authors:
  2. 2. GDPR was not designed for a 'state of pandemic' No access
    Authors:
  3. 3. Law for the ‘state of pandemic' No access
    Authors:
  4. 4. Assessment No access
    Authors:
Authors:
1. Authors:
  1. The supervisory authorities on lawfulness of video surveillance No access
    Authors:
  2. ECJ ruling on private video surveillance No access
    Authors:
  3. Video surveillance to detect and prevent criminal offences No access
    Authors:
  4. Sensitive data and information obligations No access
    Authors:
  5. Impact on practice No access
    Authors:
Authors:
1. Authors:
  1. Risk Assessments under the GDPR No access
    Authors:
  2. The usage of location data No access
    Authors:
  3. Decentralized Privacy-Preserving Proximity Tracing No access
    Authors:
  4. Anonymization vs. pseudonymization No access
    Authors:
  5. Conclusio No access
    Authors:
Author directory No access Pages 187 - 194

Similar publications

from the topics "Europarecht & Internationales Recht & Rechtsvergleichung", "Datenschutzrecht & Informationsrecht & Digitalrecht", "Recht allgemein, Übergreifende Werke und Sammlungen"