Dashcams have become increasingly popular in recent years and a built-in dashcam is now the most sought-after feature among car buyers. Buyers' primary motivation is self-explanatory: recorded footage can be used as evidence in case of an accident. However, whether dashcams are incompatible with privacy and data protection law and thus illegal on Austrian roads is a tricky question.
Members of Parliament recently filed an application to amend the Data Protection Act 2018 in order to clarify certain aspects which have led to confusion over the past couple of months. In addition to several provisions relating to competence, the proposed act, among other things, contains a rephrased version of the fundamental right to data protection, introduces the mandatory appointment of data protection officers and suggests enabling the matching of images with explicit consent.
Approximately one year before the General Data Protection Regulation will come fully into force, the Austrian legislature has officially started a six-week consultation process for the national Data Protection Amendment Act 2018. If and to what extent the legislature will make use of the competencies provided for by the 'opening clauses' in the General Data Protection Regulation is highly relevant to companies, and the amendment act has answered this question.
It is common knowledge that the European Court of Justice (ECJ) has found the EU Data Retention Directive to be invalid. However, the spotlight should be on the ECJ's considerations on data security, as these may have an impact beyond the case that triggered the ruling, potentially influencing the privacy aspects of international data transfers as they are known today.
The European Court of Justice (ECJ) recently declared the EU Data Retention Directive, which has been the subject of much debate, invalid. The ECJ held that the directive interferes with the fundamental rights to respect for private life and the protection of personal data. If this decision reflects the ECJ's general stance on the matter, it will have an impact that goes far beyond telecommunications data retention considerations.
The European Commission recently published a new regulation on the measures applicable to the notification of personal data breaches under the EU Directive on Privacy and Electronic Communications. When the regulation enters into force, national rules that are in contradiction to European law must cease to apply. This raises some substantial questions with regard to the application of the Austrian Telecommunications Act.