The inclusion in the General Data Protection Regulation (GDPR)¹ of “pseudonymisation” as a data protection measure is new, when compared to the existing European directive². Thus, in the GDPR the word (or the concept) “pseudonymisation” occurs somehow 15 times, while in the previous directive it did not appear once.
By implementation of the General Regulation (GDPR), personal data protection has aroused a great deal of interest, whether among privacy professionals, data protection officers or among individuals who are interested in gaining more information about the above mentioned topic.
ENISA has published a report that takes a wider look at data protection engineering with a view to support practitioners and organizations with practical implementation of technical aspects of data protection by design and by default.
To celebrate the Data Protection Day we publish an impressive speech by Prof. Niko Härting who has been consistently listed among the best lawyers in IT law in the Best Lawyers Ranking since 2014.
In its judgment No.1 As 238/2021 from 11.11.2021, the Czech Supreme Administrative Court dealt with a question whether or not liability for data breach is absolute under Czech law. Although the case was considered under the rules of old Directive 95/46/EC, the court held that these conclusions can also apply to the GDPR.