Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: Spanish Data Protection Agency

Posted in International/EU Privacy

Spanish DPA Publishes Guide for Satisfying PbD Obligation

On October 17, the Spanish data protection authority published the Guide to Privacy by Design. While Privacy by Design first became a legal requirement in the EU with implementation of the General Data Protection Regulation, it is a well-known concept among privacy professionals that dates back to the 1990s. PbD should be construed as “the need to consider privacy and the principles of data protection from the inception of any type of processing.” It is a concept focused on risk management and accountability that aims to incorporate privacy protections throughout the life cycle of systems, services, products, and processes. It involves the application of measures for privacy protection among all business processes and practices associated to personal data.

Posted in International/EU Privacy

Complaints Filed with Spanish Data Protection Agency Rise by 12% in 2012

The Spanish Data Protection Agency has published its annual report for 2012. The report contains a detailed description of the activities undertaken by the Spanish DPA in 2012 together with its view of the latest trends and challenges related to data protection, including an increase in the number of complaints lodged with and monetary sanctions issued by the Agency.

Posted in Consumer Privacy, International/EU Privacy

Spanish Data Protection Agency Releases Guidance on Cookies Regulation

On April 26th, the Spanish Data Protection Agency (“SDPA”) issued its long-awaited guidance on the Spanish cookies regulation, which requires companies seeking to place cookies on users’ devices to obtain those users’ prior opt-in consent after providing them with clear and complete information about the use of cookies and the purposes for which data collected via cookies will be processed. The guidance, which the SDPA drafted in collaboration with industry, takes a business-oriented approach and provides companies with several alternatives for complying with the regulation’s notice and consent requirements.

Posted in International/EU Privacy

Spanish Supreme Court Annuls Limitation on Processing of Personal Data

Following the advice of the Court of Justice of the European Union in its November 2011 ruling, the Spanish Supreme Court struck down certain provisions of Spain’s data protection law that it said went beyond the requirements of the EU Data Protection Directive (95/46/EC), in a ruling made public February 13, 2012.

Posted in Consumer Privacy, International/EU Privacy

Social Network Impersonator Fined by Spanish Data Protection Authority In New Exercise of Regulatory Authority

On October 20th, the Spanish Data Protection Authority, the Agencia Espanola de Protecccion de Datos (AEPD), announced an unprecedented decision against an individual who impersonated someone on a social networking site and thus engaged in identity theft. The AEPD fined the individual who had created a profile in a sexually-oriented social network, and chose not to proceed against the online host of the offending content.