Tag Archives: Spain

Spanish DPA fines Facebook €1.2 million for data protection infringements

The Spanish Data Protection Authority (AEPD) has imposed a fine of €1.2 million against Facebook following its investigation into whether Facebook’s data processing activities were in accordance with the Spanish Data Protection Act (Law 15/1999) (the Act). In its decision, the AEPD concluded that Facebook had committed serious breaches of the Act, as discussed further … Continue Reading

First European Cookie Fine Issued By Spanish Data Protection Authority

The Spanish data protection authority, the AEPD, has issued the first European cookie fine for the violation of Article 22.2 of Spain’s Information Society Services and Electronic Communications Law 34/2002 (Spanish E-Commerce Act), as amended by Royal Decree Law 13/2012 which implements the e-Privacy Directive (Directive 2002/58). On 29 April 2013, the AEPD issued guidelines … Continue Reading

Spanish Court Ruling Validates Employee Monitoring

This post was written by Cynthia O’Donoghue. Spain’s constitutional court, the Tribunal Constitucional, made a landmark ruling in the case of Pérez González v. Alcaliber S.A. in early October, finding that companies are permitted to access and monitor employee communications via company IT resources, including emails and texts, as part of investigations into employee misconduct. … Continue Reading

Ibero-American Data Protection Network continues to promote data protection development in Latin America

The six executive committee members of the Ibero-American Data Protection Network (Network) attended the First Latin American Congress on Data Protection. The Network brings together 22 Data Protection Authorities (DPAs) from Spain, Portugal, Mexico, and a number of countries in Central and South America and the Caribbean. During the 10 years of its existence, the … Continue Reading

Spanish Constitutional Court sides with employer on inspection of an employee’s derogatory communications

The Spanish Constitutional Court has dismissed a case brought by an employee whose online communications were inspected by his employer. The opinion in the case of Ruiz Medina v. Global Sales Solutions Line (published 22 January 2013) was a noted change in the Constitutional Court’s line of judgments, which usually supports employee rights. In 2004, … Continue Reading

ECJ to weigh in on Spanish contest with Google over the application of data protection laws

As Google continues its legal battle with the Spanish Data Protection Authority (DPA), the Spanish High Court (Audiencia Nacional) has referred several questions to the European Court of Justice (ECJ). The questions cover whether individuals have the right to demand the removal and blocking of information contained within Internet search results, even though that information … Continue Reading

Spanish Data Protection Authority’s New Outsourcing Model Clauses for Service Providers Subcontracting Outside the EEA

In December 2012, the Spanish Data Protection Authority (SPDA) published a new set of Model Clauses prepared purely for use by service providers that subcontract to companies located in countries outside the EEA. These new Model Clauses (based on the 2010 controller-to-processor clauses) will allow for an international transfer of personal data between a data … Continue Reading

Does Google Remember Too Much? Spain’s National Court Tests the “Right to be Forgotten”

In the midst of discussions on Google’s revised privacy policy and its compliance with EU legislation, Spain’s highest court, the Audiencia Nacional de España, has referred a case up to the European Court of Justice (ECJ) to decide on whether Spanish citizens can lawfully demand that Google delete information about them from its search engine, … Continue Reading
LexBlog