All Questions
Tagged with united-kingdom european-union
110
questions
1
vote
0
answers
43
views
How specific does the information need to be relating to personal information transfer between data controllers?
When personal information is transferred between data controllers the GDPR imposses certain requirements. Among these are information that must be provided to the data subject. As I understand it ...
- 7,544
1
vote
1
answer
137
views
Can computer performance metrics be personal data?
ScorecardResearch is a major data collection organisation that serves code onto some major UK web sites. Their privacy policy mentions a lot of tracking, including "hardware or device ...
- 7,544
8
votes
2
answers
4k
views
Is it legal to discriminate on marital status for car insurance/pensions etc.?
In 2012 the European Court of Justice (ECJ) ruled that gender is no longer allowed to be a factor when premiums are calculated for "everything from pensions to car and life insurance".
I ...
- 7,544
0
votes
3
answers
139
views
Do the various anti-end to end encryption laws have provisions concerning third party clients?
There has been multiple attempts to criminalise end to end encryption (E2E). Currently in the news is the EU Chat Control 2.0 (though it seems it has now been withdrawn), the UK passed the Online ...
- 7,544
3
votes
0
answers
43
views
Does there exist an example of meaningful information about an automated individual decision-making algorithm?
The GDPR Article 14 includes provisions for the data subject to have meaningful information about an automated individual decision-making algorithm that which produces legal effects concerning him or ...
- 7,544
0
votes
0
answers
57
views
Does the GDPR right to deletion in Art. 17 effectively include some "disproportionate effort" exception?
Some provisions of the GDPR have explicit exceptions about "disproportionate effort". Particularly relevant is the one in Article 19:
The controller shall communicate any rectification or ...
- 7,544
1
vote
1
answer
85
views
What exactly is a decision wrt. GDPR Automated individual decision-making?
The GDPR Article 22 provides rights relating to automated individual decision-making, including profiling. It starts:
The data subject shall have the right not to be subject to a decision based ...
- 7,544
5
votes
2
answers
166
views
How do Wi-Fi Positioning Systems interact with the GDPR?
There is a paper (described in the news) that details how to use Apple's Wi-Fi Positioning System (WPS) facilitates mass surveillance, even of those not using Apple devices. The system is described ...
- 7,544
0
votes
2
answers
159
views
Double Jeopardy when received a police caution?
I was curious about the application of Double Jeopardy around the world, and in particular the European Union, in the following scenario.
Someone commits a crime in England, the police arrest them. ...
- 1,190
0
votes
0
answers
83
views
MLAT De Minimis period?
The UK Government website covers Mutual Legal Assistance Treaty (MLAT) requests that it receives from outside of the UK.
I was hoping someone could clarify the De Minimis part.
Question 1:
Focusing on ...
- 1,190
4
votes
1
answer
113
views
What happens when data that was not personal information become personal information?
Supposed there is some data that is not associated with an individual. This data is processed by a company and distributed on the web. At a later date this data becomes associated with an individual ...
- 7,544
0
votes
0
answers
36
views
Is a third party which solicits and accepts personal data from a customer on another’s behalf a processor or a controller?
Alice contracts with ACME insurance which sends her to their identity verification solution provider’s app/website (BCME KYC SOLUTIONS Inc). BCME’s portal asks Alice for photos of herself and other ...
1
vote
1
answer
75
views
Can either side of a GDPR SAR require the other to agree to ToS during the identification process?
I shall use a real situation that happened to me, but this is just to demonstrate my point. I am definitely not going to do anything about it. This is a purely theoretical question, I am not ...
- 7,544
0
votes
1
answer
97
views
Is "gossip surveillance" processing personal data under the GDPR?
The Guardian has an article on "gossip surveillance" where strangers report on social media private conversations they are not party to in the hope of exposing duplicity from the speakers in ...
- 7,544
2
votes
2
answers
176
views
Is it legal/appropriate to email a GDPR SAR to the executive team if that is the only email address the company provides?
This is prompted by this question but I am fairly sure I do not have the correct answer so I am making this one.
My personal answer to "How do I get my data from company X under GDPR" is to ...
- 7,544