Author

Magdalena Kogut-Czarkowska

Browsing

The so-called Omnibus Directive 2019/2161[1] is part of the European Union’s ‘New Deal for Consumers’ initiative aimed at amending four legal acts, namely Council Directive 93/13/EEC (unfair contract terms), Directive 98/6/EC (price indications), Directive 2005/29/EC (unfair commercial practices) and Directive 2011/83/EU (consumer rights – “Consumer Rights Directive”) in order to improve and modernise consumer protection legislation and to strengthen their enforceability. The EU Member States must transpose the Omnibus Directive into national law by November…

It has been two years since the GDPR came into force on 25 May 2018 and during that time, we have seen more guidance published at an EU level as well as from data protection authorities in Member States which has impacted how organisations approach areas of GDPR compliance. We have also seen enforcement action from data protection authorities across the EU and UK. There have also been other significant developments, over the past two…

With a changing digital landscape and emerging data driven technologies, the rules of the Directive on Privacy and Electronic Communications (Directive 2002/58/EC) are in need of updating. The proposed E-Privacy Regulation was intended to address new legal challenges and complement the General Data Protection Regulation (GDPR) in relation to privacy in electronic communications. The first draft of the E-Privacy Regulation was presented in January 2017, with the aim that it would be passed quickly and would apply from May…

On 4 May 2019, further amendments to the rules on processing personal data will come into force. They concern over 150 legal statutes and refer to both the private and public sector. Below we present the most important changes in the legal statutes that will be significant for the majority of companies:Labour CodeThe Act on Electronic Provision of Services (AEPS),Telecommunications LawPersonal Data Protection ActAmong other significant changed laws there are the Banking Law (e.g. with…

Polish DPA imposes EUR 220,000 fine for breach of Art. 14 GDPROn 26 March 2019, the Polish data protection authority (DPA) announced that it has imposed its first financial penalty amounting to EUR 220,000 (approx. PLN 943,000) on a data controller in Poland for failing to comply with the provisions of the GDPR. The controller is a company that aggregates personal data from publicly available registers, such as the Central Register and Information on Economic…