Updated guide for developers and 30 new cookie notices announced by CNIL
Grindr receives a lowered penalty for GDPR violations
Datatilsynet, the data protection authority (DPA) of Norway, issues its final decision penalizing the dating app Grindr with NOK 65 million for violation of the EU General Data Protection Regulation (GDPR). The penalty was reduced from the original NOK 106.4 million issued against the app last January. The penalty was reduced since Grindr provided more info to Datatilsynet, while the DPA was investigating the app for violations. The app still needs to delete personal data that was processed that violated the GDPR.
Source: IAPP, Datatilsynet, IAPP
Digital Services Act endorsed by committee in EU Parliament
The Internal Market and Consumer Protection Committee of the European Parliament voted 36-7 in favor of the Digital Services Act (DSA). Additional packages of amendments, that include provisions for further transparency on targeted advertising practices and restriction on alleged “dark patterns.” Regarding the DSA, the EU is “democratically reclaiming our online environment,” said Christel Schaldemose, Danish Member of Parliament, she also added the legislation is “bringing EU technology regulation into the 21st century.” In January 2022, the European Parliament Plenary will vote on the amendments, if approved the EP will start the consultations together with the Council of the European Union.
Source: IAPP, European Parliament
EDPB will deliberate Article 58 of the GDPR and more
Plans for its 58th plenary session were announced by the European Data Protection Board (EDPB). This will include talks on supervisory authorities that used the EU General Data Protection Regulation’s Article 58 “as a legal basis to order ex officio the erasure of unlawfully processed personal data.” Also part of the discussion is the guidelines on data breach notification and evaluation of the law enforcement orders on the use of personal data by the law enforcement authorities.