Author

Julia Kaufmann

Browsing

The so-called Omnibus Directive 2019/2161[1] is part of the European Union’s ‘New Deal for Consumers’ initiative aimed at amending four legal acts, namely Council Directive 93/13/EEC (unfair contract terms), Directive 98/6/EC (price indications), Directive 2005/29/EC (unfair commercial practices) and Directive 2011/83/EU (consumer rights – “Consumer Rights Directive”) in order to improve and modernise consumer protection legislation and to strengthen their enforceability. The EU Member States must transpose the Omnibus Directive into national law by November…

It has been two years since the GDPR came into force on 25 May 2018 and during that time, we have seen more guidance published at an EU level as well as from data protection authorities in Member States which has impacted how organisations approach areas of GDPR compliance. We have also seen enforcement action from data protection authorities across the EU and UK. There have also been other significant developments, over the past two…

On 4 May 2020 the European Data Protection Board (“EDPB”) adopted updated guidelines on consent under the GDPR (the “New Guidelines”). The New Guidelines supersede the guidelines on consent originally adopted by the EDPB’s predecessor, the Article 29 Working Party, on 10 April 2018 (the “2018 Guidelines”), and subsequently endorsed by the EDPB. The New Guidelines clarify the EDPB’s position on two specific issues: Cookie Walls – consent is not valid if access to a…

The European Data Protection Board (EDPB) has published its draft guidelines on processing personal data in the context of connected vehicles for public consultation. The Guidelines have a wide reach and will apply to more than just vehicle manufacturers. We have summarised the key points and recommendations from the EDPB in the Guidelines below. The public can provide comments to the EDPB until March 20th, 2020. Thereafter, the EDPB will finalize and adopt the Guidelines,…

In this episode of Connect On Tech, your host ​Brian Hengesbaugh is joined by Julia Kaufmann, a partner at Baker McKenzie in Munich. In this episode, you will learn about: The Planet49 case and the ruling of the Court of Justice of the European Union Broader implications this case has beyond sweepstakes operators, how it will impact all website operators, and the huge elements of change in regards to cookies and affirmative consent Open questions…

The German Data Protection Authority in the state of Baden-Württemberg (DPA) imposed the first fine under the GDPR in Germany. The fine of EUR 20,000 was imposed on a chat platform provider for storing its users’ passwords without encrypting them. The unencrypted storing of passwords was revealed by the provider itself in conjunction with submitting a breach notification to the DPA following a hacker attack.It began with a security breachThe chat platform provider “knuddels.de” was…

Under the European General Data Protection Regulation (GDPR), which will start to apply on 25 May 2018, many companies will be required to appoint a Data Protection Officer (DPO). Violating the requirements relating to the appointment of a DPO can be sanctioned with fines of up to EUR 10 million or up to 2 percent of the total worldwide annual turnover, whichever is higher. So, who do you appoint as your DPO? Companies may choose…