On 4 October 2024, the Court of Justice of the European Union (CJEU) published its long-awaited judgement in case C-621/22 (KNLTB), which clarifies that purely commercial interests may not be categorically excluded from...more
Once again, a Dutch district court has recalled a decision of the Dutch Data Protection Authority (Dutch DPA) for its too strict interpretation that purely commercial interests cannot be legitimate interests under Article...more
On 1 May 2024, the Dutch Data Protection Authority (DPA) issued guidelines on data scraping used by private organisations in relation to GDPR principles including ‘lawfulness’. The guidelines could affect the way GenAI...more
The European Commission (EC) has proactively reached out to the Dutch Data Protection Authority (DPA) to criticize its interpretation of legitimate interest under the GDPR. The criticism is in response to enforcement actions...more
The Dutch Supervisory Authority (Autoriteit Persoongsgevens or "AP") has published a privacy booklet that primarily aims to support Works Council in its role with regard to privacy under the GDPR. Whilst the booklet provides...more
The Dutch Data Protection Authority (DPA) issued a EUR 830,000 (approximately USD 937,000) fine against the Dutch Credit Registration Bureau (BKR) for violating data subject rights. The fine stems from BKR’s practice of...more
The Dutch Data Protection Authority (Dutch DPA) recently imposed a fine of EUR 525,000 on the Royal Dutch Tennis Association (KNLTB) for sharing the personal data of its members with two of its sponsors in June 2018 on the...more
The legal requirements for the use of cookies have been subject to discussion over the last few years, with little to no enforcement and guidance from European data protection authorities (DPAs). That has changed recently....more
12/18/2019
/ CNIL ,
Consent ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
Data Collection ,
Data Protection ,
Data Protection Authority ,
Data Use Policies ,
Electronic Communications ,
EU ,
Information Commissioner's Office (ICO) ,
Information Technology ,
Regulatory Requirements ,
UK
In the wake of a recent announcement by a major Dutch bank that it would start providing its customers with personalized advertisements based on their spending patterns, the Dutch Data Protection Authority (DPA) has sent a...more
7/11/2019
/ Advertising ,
Consumer Financial Products ,
Customer Privacy ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Protection ,
Data Protection Authority ,
Direct Marketing ,
EU ,
Financial Services Industry ,
Financial Transactions ,
General Data Protection Regulation (GDPR) ,
Marketing Perspectives ,
Netherlands ,
Personal Data ,
Regulatory Standards
On 7 March 2019, the Dutch Data Protection Authority published guidance (in Dutch) that it considers “cookie walls” to violate the GDPR. A cookie wall is a pop-up on a website that blocks a user from access to the website...more
3/13/2019
/ Cookies ,
Cybersecurity ,
Data Protection ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
Failure to Comply ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Netherlands ,
Personal Data ,
Personally Identifiable Information ,
Websites