IN THE SPOTLIGHT

The Romanian DPA fines controller for breaches of GDPR requirements related to GPS monitoring
On 23 March 2023, the Romanian DPA announced that it had fined a controller with: EUR 3,000 for failure (i) to comply with the principles of lawfulness, fairness and transparency, data minimizati…
![AdobeStock_235934934 [Converted]](https://privacyoutloud.ro/wp-content/uploads/2022/07/AdobeStock_235934934-Converted-320x240.jpg)
Two controllers in the medical field fined by the Romanian DPA for failure to ensure the security of processing
On 16 March 2023, the Romanian DPA announced two sanctions of EUR 1,000, respectively EUR 3,000, applied to controllers in the medical field for failure to ensure the security of processing. Both i…

The EDPB announces the launch of coordinated enforcement on the role of data protection officers
On 15 March 2023, the European Data Protection Board (EDPB) published news about its 2023 coordinated enforcement action regarding the designation and position of data protection officer. This is the …

The Advocate General delivers his Opinion in the CJEU case on Automated Decision Making
On 16 March 2023, the Advocate General Priit Pikamäe from the Court of Justice of the European Union (CJEU) has issued his Opinion in the case C-634/21 (OQ vs Land Hessen, with the participation of SC…

The Romanian DPA fines a political party EUR 10,000 for failure to ensure data minimization and accountability principles
On 15 March 2023, the Romanian DPA announced it sanctioned a political party with a fine of EUR 10,000 for non-compliance with the data protection principles related to data minimization and accountab…

Political party sanctioned with EUR 4,000 fine and corrective measures following a data breach caused by a phishing attack
On 15 March 2023, the Romanian DPA reported a EUR 4,000 fine imposed on a political party for failure to implement adequate technical and organizational measures to ensure a level of security appropri…