Az elmúlt héten az adatvédelmi kérdések iránt érdeklődök csak kapkodták a fejüket. Kezdve azzal, hogy a brit adatvédelmi hatóság (ICO) belengetett néhány komoly adatvédelmi bírságot a GDPR alapján, tárgyalást tartott az Európai Bíróság (ECJ) az EU-n kívüli adattovábbításokat érintően, majd az…

There are several legal aspects related to the use of drones, including a number of data protection issues. Although no comprehensive legislation has been enacted so far in Hungary, the Hungarian Data Protection Authority (Hungarian DPA) has, similarly to other data protection authorities,…

Online services became part of our everyday life. The provision of online services, in almost all cases, goes hand in hand with data processing. On the one hand, we provide our data intentionally to the service providers when we decide to use services online but in other cases, data are collected…

Surveys show that very few people choose passwords that are strong enough, and many prefer to use the same password on multiple, or even all, online platforms. Similarly to PIN codes, where 1-2-3-4 and other easily solvable combinations are the most popular ones, we are not careful enough about…

GDPR requires supervisory authories to establish and make public their lists of the kind of processing operations which are subject to the requirement for a data protection impact assessment (DPIA). 22 supervisory authorities submitted their draft lists to the European Data Protection Board (EDPB)…

The General Data Protection Regulation (GDPR) is applicable from May 25, 2018 and, for this purpose, many data controllers must perform a data protection impact assessment (DPIA).  The obligation to perform a data protection impact assessment connects closely to the principles of data protection…

Data protection rules such as the EU's new General Data Protection Regulation (GDPR) apply to personal data. But what does personal data mean? According to the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable…

Many data controllers consider consent as the primary or preferred legal basis for data processing. Although in many cases it would be justified to use another legal basis instead of the consent, data controllers often obtain consents from the data subjects. Not only data controllers have this…

The General Data Protection Regulation (GDPR or Regulation) is applicable from May 25, 2018 and, for this purpose, many data controllers must perform a data protection impact assessment (DPIA). Last week, I summarised the basic rules of DPIAs and collected those cases when DPIAs need to be…

The General Data Protection Regulation (GDPR or Regulation) is applicable from May 25, 2018 and, for this purpose, many data controllers must perform a data protection impact assessment. The data protection impact assessment has been applied in some Member States of the European Union (e.g. UK,…