France: CNIL suggests improvements for proposed law on global security and drone use

Share

The French data protection authority (‘CNIL’) announced that it had given its opinion on the draft law on global security.
In particular, CNIL pointed out that, in its current state, the law does not provide for a system that would safeguard privacy and personal data adequately. More precisely, CNIL emphasized that the proposed legislation includes different provisions relating to the protection of personal data, in particular the amendment of the relevant legal basis to be used in the regulation of video and drone technology.

https://www.cnil.fr/fr/la-cnil-rend-son-avis-sur-la-proposition-de-loi-securite-globale

EDPB: Recommendations 01/2021 on the adequacy referential under the Law Enforcement Directive

Share

Where the working document WP254.rev01 on adequacy referential aims to provide guidance to the European Commission on the level of data protection in third countries and international organisations under the GDPR, the present document aims to provide similar guidance under the LED. It establishes in this context the core data protection principles that have to be present in a third country or an international organisation legal framework to ensure essential equivalence with the EU framework within the scope of the LED (i.e. for processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties). In addition, it may guide third countries and international organisations interested in obtaining adequacy. 

https://edpb.europa.eu/sites/edpb/files/files/file1/recommendations012021onart.36led.pdf_en.pdf

Denmark: Datatilsynet issues guide on setting fines for breaches of data protection legislation

Share

With respect to how fines are assessed, the guide aims to encourage greater accountability. In addition, the Guide defines the standard monetary sums for six separate types of infringements, stating that they can be modified, taking into account the type, gravity and length of the violation, according to the particular circumstances of the event.

https://www.datatilsynet.dk/Media/1/9/B%C3%B8devejledning.pdf

International: CoE issues guidelines on facial recognition

Share

The guidelines seek to provide a collection of steps to allow the security of human rights and personal data for governments, developers of facial recognition, manufacturers, service providers, and organisations using facial recognition technologies.

https://rm.coe.int/guidelines-on-facial-recognition/1680a134f3

Spain: Decree amending NIS implementation law published in Official Gazette

Share

In relation to the strategic and operational structure for the protection of networks and information systems, the decree seeks to establish the NIS Implementation Law in accordance with the security responsibilities of operators of critical services (‘OESs’) and digital service providers (‘DSPs’), in addition to handling security incidents.

https://www.boe.es/diario_boe/txt.php?id=BOE-A-2021-1192

Belgium: DPA publishes recommendations for data cleansing and record destruction

Share

The Belgian Data Protection Authority (‘the Belgian DPA’) released recommendations for data controllers on data cleansing and the destruction of records.

The guidelines are intended, in particular, to help data controllers avoid unauthorized access to personal data stored in such records and to ensure the privacy of personal data belonging to Belgian citizens.

https://www.autoriteprotectiondonnees.be/publications/recommandation-n-03-2020-du-11-decembre-2020.pdf

EU: ENISA publishes report on CSIRT cooperation in fighting cybercrime

Share

The European Union Agency for Cybersecurity (‘ENISA’) published a report and training manual on the cooperation of Computer Security Incident Response Teams (‘CSIRTs’), law enforcement agencies (‘LEAs’), and the judiciary in the context of combatting cybercrime.

You can read the press release here: enisa.europa.eu/…/training-together-to-fight-cybercrime-improving-cooperationdownload the report here: enisa.europa.eu/…n/at_download/fullReport and access the training here: enisa.europa.eu/…terial/legal-cooperation