News about GDPR and data2.eu
On this page we will inform you about news items that are related to the GDPR, and about our GDPR tool for creating a processing index that is needed to comply with the GDPR.
The French privacy authority Commission nationale de l'informatique et des libertés (CNIL) has fined Google EUR 100 million and Amazon 35 million for placing cookies without permission.
Last July the Privacy Shield agreement between the United States, Switzerland and the European Union has been rejected by the European Court of Justice. The highest court of the European Union in matters of Union law rejected it because of concerns about U.S. surveillance.
The number of privacy complaints submitted to the Authority for Personal Data (AP) continues to rise sharply. According to the AP, more than 15,000 people filed a complaint in the first half of 2019, compared to approximately 9,000 in the second half of 2018.
After the great hype and the tension surrounding the General Data Protection Regulation in spring 2018 and the relatively quiet summer that followed, our personal experience is that still many organizations haven't finished compliance with GDPR. The processing index, an internal documentation requirement, is usually not yet implemented.
The Dutch bank Theodoor Gilissen Bankiers has paid a fine of €48,000 to the Dutch Personal Data Authorities for non-compliance with the right to access one's own personal data.
The European Union has warned the United States that it still has three months to comply with the Privacy Shield Agreement. The agreement that came into force in July 2016 regulates the transfer and storage of consumer data between Europe and the USA.
From 1 January 2019 the Dutch tax authorities must stop using the Citizen Service Number (BSN) in the VAT number of self-employed persons with a sole proprietorship. The Dutch Data Protection Authority has reported that the Tax and Customs Administration has no legal basis to use the citizen service number in the VAT identification number.
A Dutch Consumers' Association concludes that a large majority of 150 well-known websites in the Netherlands are in breach of the new privacy act GDPR. The new European privacy act, which in the Netherlands is called the AVG (General Data Protection Regulation), contains specific requirements for websites regarding cookies.
Page 1 of 2