The new AI Act establishes an obligation for the deployers of certain high-risk AI systems to conduct a “fundamental rights impact assessment” (“FRIA”). This will have a high impact on insurance companies that use AI systems...more
The EU Artificial Intelligence Regulation will create a framework for the use of artificial intelligence systems. Discrimination and discriminatory bias will be prohibited and subject to fines. Other AI systems will be...more
A new EU General Court ruling has nuanced the threshold between pseudonymous and anonymous data. In particular, it clarifies that supervisory authorities need to carry out a “test” to assess whether data can be deemed...more
The Spanish Data Protection Authority has opened a public consultation process to obtain comments for an incoming decision establishing the rules for commercial communications via telephone. This decision will be binding upon...more
The Data Act Proposal aims to provide fairness to data access and proposes new rules on who can use and access data generated in the EU across all economic sectors. It creates the obligation for manufacturers and designers to...more
The EU has moved up a gear in recent times, and it is producing new legal tools for companies to maximize the possibilities to collect and make use of data (including personal data) in the context of its European Strategy for...more
The European Union has already enacted several Directives to allow (or mandate) the possibility for companies to access and re-use the data held by EU public administrations in the European Union. However, in many cases this...more
La Comisión Europea acaba de publicar un modelo tipo de contrato de encargo del tratamiento bajo el artículo 28 del Reglamento General de Protección de Datos ("RGPD"). ...more
Spain has just passed the law transposing Directive (EU) 2019/770 on certain aspects concerning contracts for the supply of digital content and digital services ("Directive 2019/770"). This Directive has updated and brought...more
5/12/2021
/ Data Protection ,
Digital Services ,
e-Books ,
EU ,
Medical Devices ,
Mobile Apps ,
Online Platforms ,
Personal Data ,
SaaS ,
Spain ,
Video Games
The Spanish Data Protection Agency (“Spanish DPA”) decided to start 2021 the same way it ended 2020: by imposing the highest fines to date (EUR 5,000,000 and 6,000,000) to two large Spanish financial entities. ...more
3/11/2021
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
Financial Institutions ,
Fines ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Personally Identifiable Information ,
Spain
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
11/22/2019
/ Burden of Proof ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Commission ,
Evidence ,
Forum Shopping ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Litigation Strategies ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Risk Management ,
Russia