AstraIA Gear

Ad Astra Per Aspera 

GDPR

  • Meta challenged the EDPB’s opinion 

    On 12 August 2024, the action brought by Meta Ireland against the European Data Protection Board of 27 June 2024 was published. The company asks to annual ‘Opinion 08/2024 on Valid Consent in the Context of Consent or Pay Models Implemented by Large Online Platforms adopted under Article 64(2) GDPR’ and to be compensated for…

  • Meta brought action against EDPB (Case T-8/24)

    On 8 Jan 2024, Meta Ireland (Facebook) submitted the case against the European Data Protection Board (EDPB), regarding the latter’s Urgent Binding Decision 01/2023 at the request of the Norwegian supervisory authority (Datatilsynet) of 27 October 2023 in respect of processing personal data for behavioural advertising purposes by Meta. The platform brought the allegations of…

  • Database of personal information sold in enforcement proceedings 

    On 22 February 2024, the Court of Justice of the European Union released the Advocate General’s opinion on the sale of databases containing personal data within an enforcement proceedings which is considered to be lawful. According to his opinion, the GDPR governs the operations of the objectives that the court enforcement officer estimates the value…

  • EDPB: Clarification of “main establishment” definition 

    EDPB: Clarification of “main establishment” definition 

    On 14 Feb 2024, the Eu Data Protection Board published an “Opinion on the notion of main establishment on the criteria for the application of the One-Stop-Shop mechanism” under the framework of art. 64(2) GDPR, providing the EDPB’s position on the notion of “main establishment” and the circumstance where the One-Stop-Shop mechanism should apply. 

  • NOYB’s Annual Report 2022

    NOYB’s Annual Report 2022

    NOYB released its annual report of 2022, celebrating the most important winning decisions.

  • France: CNIL fined an online psychic service 

    French Data Protection Authority (CNIL) imposed a 150 000 euros penalty on KG COM for infringing the GDPR and French Data Protection Act (Loi Informatique et Libertés). This online psychic company failed to (i) minimise the personal data collected, used, (ii) have a legal basis for the use of banking information, (iii) obtain content prior…