Facial recognition is yet another exciting new technology that awaits its wider introduction in Europe. There are already various applications in the European Union, such as passport identification at airports, policing, and name tagging on social media platforms, such as Facebook. However, up until now, large scale deployment has not yet occurred. Why is that? And could it be related to the GDPR?
Previously, I wrote a blog post (see here) on data breaches and where to report them, focusing on the notion of ‘lead supervisory authority’. In this blog post, I focus on the contents of data breach notifications in relation to the GDPR. It is important to notice that notifications might be to either of two stakeholders: the supervisory authority and/or the data subjects concerned (the ‘victims’ of the data breach). Using GDPR compliance
A debate has been going on for quite some years now about the question whether dynamic IP addresses constitute personal data in the sense of European data protection legislation. An IP address is the logical address of a node on the internet (be it a computer, a network device or a mobile device). Given the limited number of available IP addresses available under the 'old' but still widely used IPv4 standard, often a single