The New Deal for Consumers – the GDPR of Consumer Protection?
November 26, 2019

On 8 November 2019, the European Parliament and the Council adopted a directive on the better enforcement and modernisation of EU consumer protection rules. The directive is a part of the so-called ‘New Deal for Consumers’ legislative package proposed by the European Commission in spring 2018. The directive, which the Member States will have 24 […]

The Financial Supervisory Authority in Finland (the “FIN-FSA”) found the provision of insurance against administrative fines prohibited well in time before the issuance of any significant fines. The underlying basis of the prohibition was the premise that it would be contrary to good insurance practice and generally accepted social values to provide insurance against a […]

In principle, the General Data Protection Regulation prohibits the processing of special categories of personal data, such as health data. In the current data economy, this prohibition has created a conflict between individual rights, such as privacy, and the imperatives of economic growth. Ahead of Finland’s Presidency of the Council of the European Union starting […]

Interfaces Between the Clinical Trials Regulation and the GDPR: Comments on the EC’s New Guidance
April 15, 2019

The European Commission has recently issued (on 10 April 2019) a Question & Answer document on the interplay between the General Data Protection Regulation 2016/679 (the “GDPR”) and Clinical Trials Regulation 536/2014 (the “CTR”), which is expected to enter into force in 2020 (subject to development of a fully functional EU clinical trials portal and […]

Data Protection Impact Assessments – National Requirements in Finland and Sweden
February 26, 2019

When the processing of personal data is likely to result in a high risk to the rights and freedoms of natural persons, the General Data Protection Regulation (“GDPR”) requires that a Data Protection Impact Assessment (“DPIA”) be conducted. Furthermore, the GDPR provides national data protection authorities with the competence to decide, within the scope of […]

EU:n tietosuoja-asetukseen liittyvät oikeudenkäynnit ja riidat
January 7, 2019

Euroopan unionin yleisen tietosuoja-asetuksen (EU) 2016/679 valmistelun ja voimaantulon yhteydessä suurimman mediahuomion ja yleisen mielenkiinnon kohteena ovat olleet hallinnolliset sakot, jotka ovat tuoneet asetukselle laaja-alaista huomiota. Hallinnollisten sakkojen voimakas korostaminen on osin saattanut antaa harhaanjohtavan kuvan ”sanktiokentästä”, sillä sakot ovat vain yksi useista mahdollisista seuraamuksista, joita tietosuojasääntelyn, muun lainsäädännön (kuten rikoslainsäädännön) tai sopimusten vastaisesta toiminnasta […]

Summer Reading: Accelerating Data Regulation
July 5, 2018

The post-GDPR era offers us a chance for reflection. Where do we stand in the on-going processes of data legislation in the EU and, more importantly, what is the big picture? While data protection and privacy have been the trending topics of spring 2018, it must be borne in mind that the GDPR is but […]

On 25 May 2018, the long wait was over and the EU General Data Protection Regulation (GDPR) finally entered into full force and effect and became applicable in all EU Member States. During the preceding two-year transition period, companies worked hard to prepare themselves for and to ensure compliance with the new requirements under the […]

As we already prefigured in our earlier blog post, the Article 29 Working Party (the “WP29”) has adopted drafts for guidance regarding requirements for transparency and consents under EU’s General Data Protection Regulation (the “GDPR”). Transparency Transparency is one of the key principles of the processing of personal data under the GDPR. Furthermore, under the […]