1. Judgments in Case C-623/17, Privacy International, and in Joined Cases C-511/18, La Quadrature du Net and Others, C-512/18, French Data Network and Others, and C-520/18, Ordre des barreaux francophones et germanophone and Others (link).              
  2. Second-highest GDPR fine to date: €35.2M imposed on H&M by the Hamburg Commissioner (link).
  3. ICO reduces British Airways’ fine to £20m (link).
  4. Horizon 2020 Commission Expert Group’s report on the Ethics of connected and automated vehicles (CAVs) (link).
  5. Poverty Lawgorithms by Michele Gilman (link).
  6. The Spanish Data Protection Authority has published a guidance document on data protection by default (link).
  7. Proposal for a EU regulation on a temporary derogation from certain provisions of Directive 2002/58/EC of the European Parliament and of the Council as regards the use of technologies by number-independent interpersonal communications service providers for the processing of personal and other data for the purpose of combatting child sexual abuse online (link).
  8. The Data Protection Unit of the Council of Europe has prepared a report on Digital solutions to fight COVID-19 (link).
  9. The ICO has published an updated regulatory approach in response to the coronavirus pandemic (link).
  10. The Belgian Data Protection Authority has published guidance for local authorities when taking additional measures for processing of personal data (link).
  11. ICO fines Digital Growth Experts £60,000 for non-compliant marketing of hand sanitisers during the pandemic (link).
  12. The New Swiss Data Protection Act adopted and likely effective in 100 days (link).
  13. Law Society and Tech London Advocates' Blockchain: legal and regulatory guidance report (link).
  14. Digital finance: Emerging risks in crypto-assets – Regulatory and supervisory challenges in the area of financial services, institutions and markets from the European Parliamentary Research Service (link).
  15. Proposal for an EU regulation on Markets in Crypto-assets (link).
  16. European Parliament’s Civil Liberties Committee has questioned EU plans to establish a bloc-wide facial recognition database for use by police authorities (link).
  17. Amazon named as co-defendant in Capital One consumer data security breach litigation in Virginia.
  18. Blog: Elizabeth Denham on the conclusion of the ICO’s investigation into the use of personal data in political campaigning (link) and report to the Parliament (link).
  19. EU cloud regulation opens new front with US tech giants (link).
  20. First decision on NOYB’s complaints against streaming services such as Netflix and Amazon (link).
  21. The European Data Protection Board has issued guidelines 09/2020 on relevant and reasoned objection under GDPR (link).
  22. Letter from Deputy Assistant Secretary James Sullivan on the Schrems II Decision (link) and Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II (link).
  23. UK government on Using personal data in your business or other organisation after the transition period (link).
  24. The Belgian DPA’s decision not to investigate due to a lack of societal impact reversed (link).
  25. Oracle responds to a recent demand letter from Electronic Privacy Information Center about its acquisition of TikTok (link).
  26. The Finnish Data Protection Authority fined Acc Consulting Varsinais-Suomi €7,000 for failing to obtain direct marketing consent and complying with the rights of the data subject (link).
  27. The September 2020 edition of the Global Privacy Assembly’s Newsletter (link).
  28. The Romanian Data Protection Authority has issued their Annual Activity Report for 2019 (link).