Gecić|Law and the University of Belgrade’s Faculty of Law are proud to announce a cooperation agreement signed yesterday. The agreement defines collaboration on the recently established a Law and Technology Clinic. The pioneering educational initiative integrates cutting-edge technology with practical legal training. This partnership highlights our dedication to enhancing the educational landscape for law students through innovative approaches. The Law and Technology Clinic The clinic, initiated by Prof. Dr. Dušan V. Popović, a renowned professor in this emerging field, will be open to fourth-year undergraduate students. The Law and Technology Clinic offers a dynamic and interactive learning environment where students […]
Details
Introduction In the contemporary legal landscape, data privacy stands as a paramount concern, with the General Data Protection Regulation (GDPR) serving as the cornerstone legislation governing the processing of personal data within the European Union (EU) and beyond. Article 30 of the GDPR imposes a pivotal obligation on data controllers and processors to maintain a meticulous Record of Processing Activities (ROPA). This article endeavors to elucidate the intricacies surrounding Article 30, offering practical insights and dissecting the evolving practices of Data Privacy Authorities concerning ROPA compliance. Understanding Article 30 of GDPR GDPR Recital 82 states: “In order to demonstrate compliance […]
Details
I. Strengths of the GDPR The General Data Protection Regulation (“GDPR”), implemented in 2018, has played a vital role in safeguarding personal data in the era of information and communications technologies (“ICT”). As AI technologies continue to advance rapidly, questions arise regarding the effectiveness and adaptability of GDPR in addressing the evolving challenges of data protection. This article examines whether GDPR is ready for retirement or if it requires updates to address AI-related data protection concerns effectively. Namely, Artificial Intelligence (AI) is defined as a methodology used in machine learning to determine which one of several used models has the […]
Details
In August, the Spanish Data Protection Agency (Agencia Española de Protección de Datos, hereinafter: “Agency“) fined an NN person the sum of EUR 1,500 for violating the norms stipulated by the GDPR (General Data Protection Regulation), through the illegal collection and processing of personal data using a video surveillance system. (In the Decision issued by the Agency, the names of the parties involved were not disclosed, so the following terms will be used in the rest of this text: Injured party – person 1, Tortfeasor- person 2) What happened? The proceedings in front of the Agency were initiated by Person […]
Details
Although the Personal Data Protection Act (“Act“) has been in effect for four years, it seems that its provisions have not yet been fully implemented in practice, nor have all companies in Serbia fully adapted to them. Non-compliance with the obligations prescribed by the Act especially starts hurting when inspections are carried out by the Commissioner, and a new round is being announced. So, let’s take a moment to revise what companies should pay attention to when it comes to complying with the Act. Back to basics The general obligations of companies are contained in the principles of the Act. […]
Details
Facebook teamed up with Ray-Ban to create Ray-Ban Stories, new smart glasses. The product, which will initially be only available in stores in Australia, Canada, Ireland, Italy, the UK and the US, is already facing severe scrutiny over privacy concerns. So, how are different privacy watchdogs taking the development of these spectacles? Did Facebook take any steps to respond to privacy concerns? And finally, could the smart glasses come under the radar of privacy watchdogs in the Western Balkans? What are Facebook’s Ray-Ban smart glasses? Smart glasses are not a new technological development. The concept has been around for […]
Details
The Irish Data Protection Commission (“DPC”) fined Facebook’s WhatsApp with EUR 225 million in its latest EU data protection ruling. The fine is the second largest of its kind in the EU. So far, only Amazon paid more in a privacy case in the EU. The DPC said in its ruling on September 2 that WhatsApp’s policies were not in line with the EU’s General Data Protection Regulation (“GDPR”), noting it registered breaches of Article 5(1)(a) as well as Articles 12 through 14. The breaches particularly include the provision of information and the transparency of that information to both users […]
Details
Why Schrems? The EU’s trust in the processing of personal data seems to be shaken. With the famous case Maximillian Schrems v Facebook Ireland Limited pending before the Austrian Supreme Court (“Court“) for a while now, Maximillian Schrems requested the Court to refer four questions to the Court of Justice of the European Union (“CJEU“) concerning the lawful use of personal data of all Facebook users from the EU. So, who is Maximilian Schrems? Maximillian Schrems is a law student from Austria and a personal data protection activist who has been extremely vocal about data protection before EU authorities. […]
Details
The topic of data protection and Big Tech keeps on giving. It appears the subject of data protection simply does not want to leave the main stage and wishes to remain in everyone’s center of attention. This should not come as a surprise, since the world is only starting to become more integrated in terms of digital services provided by Big Tech companies. The most recent “controversy” on data protection and Big Tech comes from Germany, or to be more precise, Hamburg’s Commissioner for Data Protection (“Commissioner”). The Commissioner investigated Facebook’s use of personal data gathered from WhatsApp users and […]
Details
General Data Protection Regulation (GDPR) is currently a global hot topic – and for a good reason. It practically revamps the legal framework concerning Data Protection rules, introduces a whole set of new obligations while imposing massive fines for non-compliance. While the GDPR came into the force recently, it is no surprise that many are worried how it will affect their organizations as the legislation, under certain conditions, is to be applied worldwide —both inside and outside of the EU. Given that compliance with the GDPR will be no mean feat, requiring vast amount of time and resources, no matter how […]
Details