European Data Protection Board holds latest plenary session

Among other things, the EDPB adopted an Opinion on the notion of main establishment. During its latest plenary, the EDPB adopted an Opinion on the notion of main establishment and on the criteria for the application of the One-Stop-Shop mechanism, following a request under Article 64(2) GDPR by the French data protection authority. The Opinion…

Read More… from European Data Protection Board holds latest plenary session

CJEU considers when an administrative fine can be imposed under the GDPR

Cases C-683/21 | Nacionalinis visuomenes sveikatos centras and C-807/21 | Deutsche Wohnen, the Court of Justice has clarified when national supervisory authorities may impose an administrative fine on one or more controllers for an infringement of the GDPR. In particular, it ruled that the imposition of a fine requires wrongful conduct; that is, that the…

Read More… from CJEU considers when an administrative fine can be imposed under the GDPR

Political agreement reached on EU Cyber Resilience Act

The European Commission has welcomed the political agreement between the European Parliament and the Council on the Cyber Resilience Act, which was originally proposed by the Commission in September 2022. The Cyber Resilience Act (which is an EU Regulation) aims to improve the level of cybersecurity of digital products by introducing proportionate mandatory cybersecurity requirements…

Read More… from Political agreement reached on EU Cyber Resilience Act

Home Office issues response to Computer Misuse Act consultation

The Computer Misuse Act 1990 (CMA) is the main legislation that criminalises unauthorised access to computer systems and data, and the damaging or destroying of these. The intention behind the Act is protecting the integrity and security of computer systems and data through criminalising access to them which has not been authorised by the owner…

Read More… from Home Office issues response to Computer Misuse Act consultation