The Swedish DPA, Datainspektionen, uses its rights to issue fine for breaches of GDPR. A high school in Skellefteå has tried using a camera with facial recognition to register student’s presence in class.Biometric data, that are used for facial recognition, are considered as special categories of personal...
Following an extensive investigation, The Information Commissioner's Office (ICO) in the UK intends to fine Marriott International €110 290 061 for infringements of the General Data Protection Regulation (GDPR).The proposed fine relates to a cyber incident which was notified to the ICO by Marriott in November 2018. A variety of...
Our CEO Karl-Oskar Brännström got an invitation to Scandinavia´s no1 privacy podcast, Dataministeriet.A conversation with LL.M Anders Bäckström och Filip Johnssén.Unfortunately only available in Swedishhttps://poddtoppen.se/podcast/1458808673/dataministeriet/s01e08-ostrukturerat-material-pusha-in-skit-gast-karl-oskar-brannstrom ...
GDPR requires all organisations within its scope to give data subjects the right to review the personal data being held on them. Individuals can make this request by submitting a DSAR (data subject access request), which organisations must respond to by providing: Confirmation that the individual’s data is being processed. Access to their personal data. The purpose for processing the data...
The Swedish DPA, Datainspektionen, recently released a report, The National integrity report, describing the state of privacy amongst citizens and organizations in Sweden.The report is based on interviews with 1687 DPOs and 1003 citizens responding.The conclusions are interesting, showing that 75% of swedes are concerned about how...
Following an inspection by the Danish Data Protection Agency in October 2018, the taxi company, Taxa 4x35, have been reported by the Danish Data Protection Agency to the police and the Agency has recommend a fine of 160 000€ for violation of the GDPR. In most jurisdictions, the Data Protection Authority can...
The Municpality of Bergen has been fined 170 000€ by the Norwegian DPA, Datatilsynet.The breach came to the DPAs attention by the report of one of the students of the public school, administrated by the Municpality of Bergen, who found a file with login credentials for 35 000 students...
We often get asked what the long-term value of a comprehensive personal data inventory is, and we have previously answered it in our blog.https://aigine.se/en/do-you-have-to-make-a-data-inventory-under-gdpr/gdpr/However, seeing is believing, so we also want to show both the direct, and the more distant, benefits of being in...
The Legal, Financial and Administrative Services Agency of Sweden has conducted an in-depth legal study of the current situation with Swedish and European law with regards to current US legislation.The question they sought to answer was whether a Swedish authority legally can use cloud-based software services such...
On Monday, news outlet Computer Sweden broke the news that millions of calls to a national Swedish health care adviser were openly available on the internet.In short, they were recording calls for years, put them on a NAS and connected it to the internet, unencrypted, with no password protection....