Trends from the 2020 Data Protection Commission Annual Report

The recent Annual Report 2020 from the Data Protection Commission (DPC) highlights a number of trends in data protection within an Irish context. We summarise the trends from the report below: Complaints In respect of complaints received, Access Requests continue to make up almost a third of all complaints received under the GDPR. Common issues […]
What changes to expect in the ePrivacy Regulation

On 10 February 2021, EU member states agreed on the final position for the highly anticipated ePrivacy Regulation. After three years of arduous negotiations, organisations can now plan with certainty how and when they will prepare to meet these new obligations. Upcoming ePrivacy Regulation The ePrivacy Regulation seeks to protect the confidentiality of electronic communications […]
WhatsApp: Why you must get your privacy notice right

Could a privacy notice cause a data-protection concern so massive to trigger the loss of millions of customers within a few weeks, draw the attention of governments and supervisory authorities across the world, and lead to major reputational damage? The answer is yes, and it recently happened to WhatsApp. This scenario highlights how data protection documentation is an essential part of the governance of personal data and the impacts […]
The Carrefour case study – Common errors in data protection and cookie compliance

CNIL has fined Carrefour France €2.25M for GDPR and e-Privacy violations and Carrefour Banque €800,000 for similar breaches. The fines included violations related to the placement of cookies on user’s devices as well as their processing of personal data contrary to the requirements of the GPDR. This article looks at the specific practices that were […]
Common challenges faced by organisations implementing compliant cookie processing

This piece analyses common challenges of compliant cookie processing and outlines how to guarantee the protection of ePrivacy.
Five things needed for compliant cookie processing

This article outlines five key issues and focus areas for compliant cookie processing to achieve transparency.
Data governance and data protection compliance within the social enterprise, charity and the third-sector

Social enterprises, charities and other third-sector organisations are doing important work safeguarding vulnerable individuals and providing essential services. However, they face unique challenges when it comes to data protection compliance. In fact, the person-centred approach of these organisations, though essential for providing services, means that data protection may not always be prioritised. How can we […]
Revised CNIL cookie guidance – moving towards harmonisation?

The article examines the revised cookie guidance by the French data protection authority, highlighting the potential for legal harmonisation.
Irish DPC updates cookie guidance on foot of cookie sweep report

The Irish Data Protection Commission (DPC) has issued a guidance note on cookies and other tracking technologies. This guidance accompanies the release of a report outlining the results of a cookie sweep conducted on 40 website operators. It is the most significant and detailed guidance that the DPC has issued to date on the processing […]
DPC draws line in the sand with cookie sweep report, six months given to comply

Following a sweep of 40 websites, the Irish Data Protection Commission (DPC) has published a report on the use of cookies and other tracking technologies. The sweep assessed the cookie and tracking practices of website operators against the relevant ePrivacy Regulation (S.I. 336/2011 in Ireland) and, where applicable, the consent standard as defined in the […]