Privacy News 02/04/2021

Apr 6, 2021

 European Union

European Commission and PIPC conclude adequacy finding for South Korea

The European Commissioner, Didier Reynders, and the Chairperson of the PIPC, Yoon Jong, announced, on 30 March 2021, in a joint statement (see below) that the organisations have concluded the adequacy decision findings.

The recent amendments to South Korea’s data protection law and the strengthening of the PIPC has enabled a high degree of convergence between the European Union and South Korea in the area of data protection.

The European Commission will now proceed with the procedure by concluding the adoption of the adequacy decision in the coming months.

You can read the press release here.


National Authorities

 BfDI issues 2020 activity report

The BfDI issued, on 25 March 2021, its annual report for 2020.

The report highlights that the BfDI received 7,878 complaints and inquiries in 2020. It also outlines that 10,024 data protection violations were reported to the BfDI in 2020, a large majority were from tax offices, job centres, and telecommunications companies.

In addition, the report addresses the measures that were adopted in relation to the COVID-19 pandemic, the impact of the Schrems II decision and the consequences of Brexit.

You can read the press release here, only available in German.



 Garante fines Rome Municipality €350,000 for inadequate protection of permit holders

The Garante announced, on 29 March 2021, that it had fined the Rome Municipality €350,000 for failing to take adequate technical and organisational measures in respect of the data of citizens that had been granted a permit to access the traffic-restricted areas of the city.

The investigation had shown that the permits displayed on the users’ cars had a QR code which allowed anyone to access the name of the user and the license plate of their vehicles but also information concerning other permit holders.