Privacy & Data Protection

27 Sep 2022

Spanish Agency Confirms – GDPR Applies to All

In August, the Spanish Data Protection Agency (Agencia Española de Protección de Datos, hereinafter: “Agency“) fined an NN person the sum of EUR 1,500 for violating the norms stipulated by the GDPR (General Data Protection Regulation), through the illegal collection and processing of personal data using a video surveillance system. (In the Decision issued by the Agency, the names of the parties involved were not disclosed, so the following terms will be used in the rest of this text: Injured party – person 1, Tortfeasor- person 2) What happened? The proceedings in front of the Agency were initiated by Person […]

Details
28 Jul 2022

The Personal Data Protection Act Revisited

Although the Personal Data Protection Act (“Act“) has been in effect for four years, it seems that its provisions have not yet been fully implemented in practice, nor have all companies in Serbia fully adapted to them. Non-compliance with the obligations prescribed by the Act especially starts hurting when inspections are carried out by the Commissioner, and a new round is being announced. So, let’s take a moment to revise what companies should pay attention to when it comes to complying with the Act. Back to basics The general obligations of companies are contained in the principles of the Act. […]

Details
30 Sep 2021

Facebook’s Ray-Ban Stories cause privacy concerns in Europe

Facebook teamed up with Ray-Ban to create Ray-Ban Stories, new smart glasses.  The product, which will initially be only available in stores in Australia, Canada, Ireland, Italy, the UK and the US, is already facing severe scrutiny over privacy concerns.  So, how are different privacy watchdogs taking the development of these spectacles? Did Facebook take any steps to respond to privacy concerns? And finally, could the smart glasses come under the radar of privacy watchdogs in the Western Balkans?   What are Facebook’s Ray-Ban smart glasses? Smart glasses are not a new technological development.  The concept has been around for […]

Details
06 Sep 2021

Irish watchdog issues record fine in WhatsApp data protection ruling

The Irish Data Protection Commission (“DPC”) fined Facebook’s WhatsApp with EUR 225 million in its latest EU data protection ruling.  The fine is the second largest of its kind in the EU. So far, only Amazon paid more in a privacy case in the EU. The DPC said in its ruling on September 2 that WhatsApp’s policies were not in line with the EU’s General Data Protection Regulation (“GDPR”), noting it registered breaches of Article 5(1)(a) as well as Articles 12 through 14.  The breaches particularly include the provision of information and the transparency of that information to both users […]

Details
23 Aug 2021

Schrems, Facebook and Data Privacy

Why Schrems?  The EU’s trust in the processing of personal data seems to be shaken. With the famous case Maximillian Schrems v Facebook Ireland Limited pending before the Austrian Supreme Court (“Court“) for a while now, Maximillian Schrems requested the Court to refer four questions to the Court of Justice of the European Union (“CJEU“) concerning the lawful use of personal data of all Facebook users from the EU.   So, who is Maximilian Schrems? Maximillian Schrems is a law student from Austria and a personal data protection activist who has been extremely vocal about data protection before EU authorities. […]

Details
25 Jun 2021

Data protection and Big Tech: Is it just a bump in the road?

The topic of data protection and Big Tech keeps on giving.  It appears the subject of data protection simply does not want to leave the main stage and wishes to remain in everyone’s center of attention.  This should not come as a surprise, since the world is only starting to become more integrated in terms of digital services provided by Big Tech companies. The most recent “controversy” on data protection and Big Tech comes from Germany, or to be more precise, Hamburg’s Commissioner for Data Protection (“Commissioner”).  The Commissioner investigated Facebook’s use of personal data gathered from WhatsApp users and […]

Details
22 Jun 2018

GDPR in Serbia (and Other Non-EU Countries) – A Foreign Investors’ Perspective

General Data Protection Regulation (GDPR) is currently a global hot topic – and for a good reason. It practically revamps the legal framework concerning Data Protection rules, introduces a whole set of new obligations while imposing massive fines for non-compliance.  While the GDPR came into the force recently, it is no surprise that many are worried how it will affect their organizations as the legislation, under certain conditions, is to be applied worldwide —both inside and outside of the EU. Given that compliance with the GDPR will be no mean feat, requiring vast amount of time and resources, no matter how […]

Details