One takeaway on the fringe of #LaQuadratureduNet is how vitally important the purpose of processing is when assessing necessity & proportionality of a measure. See the different analysis for national security v. combating crime & safeguarding public security. #DataRetention 1/
Another takeaway is how important it is to literally dissect the facts of a processing - what data is processed, how & for what purpose (see the IP address analysis) to establish necessity. Reminds me of our work for the Necessity Toolkit at the EDPS, where this was emphasized 2/
See the final version of the Necessity Toolkit here: edps.europa.eu/sites/edp/file… but maybe also check out the first version, very dear to me 😊 edps.europa.eu/sites/edp/file… 3/END

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Gabriela Zanfir-Fortuna

Gabriela Zanfir-Fortuna Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @gabrielazanfir

16 Jul
The CJEU clearly upheld its string of serious data protection cases against gov access to personal data, starting with Digital Rights Ireland, then Schrems I, then Tele2Sverige, EU-Canada PNR Opinion. If you knew those decisions, the outcome of the PS assessment is no surprise.
The surprise was that the Court decided to go full strength on in this particular case, after the AG has given it a way out to postpone the assessment of the PS and focus on SCCs. Clearly, the Court saw an inextricable link between the two. The other option would have been...
to show the weaknesses of the Privacy Shield and give the Commission and the US government time to act/react, while sharpening Commission's attention to the rest of the world too, with Chinese-based apps taking more and more of the European market very recently.
Read 4 tweets
23 Jun
Worrying news from Brazil 🇧🇷 The Fake News bill being discussed by Congress imposes mandatory social media account ID registration (!) and seems to be aiming to strict data localization and data retention obligations. 1/5
#LGPD #GDPR #privacy
If you thought mandatory SIM card registration is bad, this is worse. All social media users would have to provide valid Brazilian ID or passports if they’re foreigners & a Brazilian phone number to be able to open a user account. 2/5
It also aims to impose data retention obligations for internet connection logs (!) for 1 year by ISPs and 6 months by online applications. Plans for EU Adequacy post-LGPD may be … problematic. See CJEU in Digital Rights Ireland curia.europa.eu/juris/document… 3/5
#dataretention #GDPR
Read 5 tweets
22 Jan
Andrea Jelinek, Chair of @EU_EDPB, said there are currently 70 cross-border cases w final decisions, proving that OSS works; ‘these are not spectacular cases in terms of fines’ though #CPDP2020 #OneStopShop #GDPR
Most of these +70 cases are related to the rights of the data subject (erasure & access), followwd by cases related to data breach notifications.
One of the main challenges for smooth functioning of OSS are differences in national peocedural laws. ‘Resolution of cross border cases is time & resource consuming & intensive’ #CPDP2020
Read 12 tweets
14 Oct 19
I still can't stop being amazed by the 1973 HEW Report, which recommended a US Federal Code for Fair Information Practice. Check this out - it recommended all those goodies that are currently a GDPR trademark, starting with having some sort of DPO in place 1/ :
Have data security measures in place and only share personal data with third parties after ensuring the third party has appropriate safeguards in place 2/
And it even recognized some sort of portability rights. Yes, #portability! 3/
Read 8 tweets
5 Oct 19
With my last drop of CJEU judgments brainpower for the week, here are some key points from the global takedown of #Facebook defamatory comments case published yesterday #Glawischnig Long thread alert! 1/x curia.europa.eu/juris/document…
Setting the scene: this is not a data protection or #privacy case. This is a case concerning deletion of information, but grounded on defamation. It is irrelevant for the case at hand that those comments contained personal data, even if they did. 2/
Fun fact: the #GDPR specifically excludes from its scope of application those situations which also fall under the scope of liability rules for intermediary service providers, Art 12 to 15 from eCommerce Directive, precisely what the CJEU was asked to interpret. 3/
Read 18 tweets
7 Jan 19
@winfriedveil @PrivacyMatters @WieseSvanberg @hartzog It is not me or you who ultimately say #EUDataP is about control or not. We are not talking about an intellectual construct here, but about a fundamental right distinct than privacy, protected at constitutional level in the European Union. A constitutional order which 1/14
@winfriedveil @PrivacyMatters @WieseSvanberg @hartzog is guaranteed by the Court of Justice of the EU, which beautifully laid out in several of its cases what this right is and is not. Look for example at para 48 in Nowak, where the Court explains that data protection principles are “reflected” 2/14
@winfriedveil @PrivacyMatters @WieseSvanberg @hartzog in accountability obligations of the controller & in the rights that are conferred to the person to know about the processing, see the data, to request correction and even to object. Speaking of the right to object, it’s one of clearest manifestations of control in #EUDataP 3/14
Read 14 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!