Nyhetssamlare

Smittspridningen av covid-19 är mycket kraftig och väntas öka ytterligare. Därför föreslår Folkhälsomyndigheten prioriteringar när det gäller testning. Prioriteringarna är till för att minska belastningen på regionerna och föreslås vara tillfälliga.

Två begrepp som ofta förekommer i samband med dataskyddsförordningen är informationssäkerhet och it-säkerhet. Men, vad skiljer egentligen dessa två begrepp åt? IMY-bloggen ställde frågan till it- och informationssäkerhetsspecialist Magnus Bergström.

During its December plenary, the EDPB adopted the following documents:

• EDPB contribution to the evaluation of the Law Enforcement Directive
• EDPB response to MEP István Ujhelyi on the alleged use of the Pegasus spyware
• Guidelines on examples regarding data breach notifications (following public consultation)
• Opinion 39/2021 on whether Article 58(2)(g) GDPR could serve as a legal basis for a supervisory authority to order ex officio the erasure of personal data, in a situation where such request was not submitted by the data subject

Uppdatering 15 januari 15.10: SMHI har utfärdat en orange varning för vind i kombination med snöfall på kalfjället i södra Jämtlands, Norrbottens och Dalarnas läns fjälltrakter. SMHI avråder starkt från att ge sig ut på fjället under helgen.

Uppdatering 11/1 klockan 23.07: Meddelandet gäller inte längre. Faran är över.

För att minska smittspridningen av covid-19 och belastningen på sjukvården införs flera nya åtgärder från och med 12 januari.

Regeringen ger Folkhälsomyndigheten möjlighet att införa vaccinationsbevis från den 12 januari på serveringsställen och andra platser där risken för trängsel och smittspridning är särskilt stor. Om och när vaccinationsbevis införs beror på smittspridningens utveckling.

Från och med den 23 december gäller nya restriktioner och rekommendationer, meddelar Folkhälsomyndigheten. Bland annat rekommenderas alla som kan att arbeta hemifrån. Vid allmänna sammankomster och offentliga tillställningar inomhus med fler än 20 personer tillåts bara sittande gäster. Det påverkar till exempel nattklubbar, konserter och teatrar.

Folkhälsomyndigheten rekommenderar att barn inom särskilda grupper, som är extra känsliga för luftvägsinfektioner, vaccineras mot covid-19. Det gäller barn från 5 års ålder.

Tillsyn enligt kreditupplysningslagen. Beslut 2021-12-21.

The European Commission open a new call for proposals to promote and protect Union values under the Citizens, Equality, Rights and Values Programme (CERV).

The European Commission Coordinator on combating antisemitism and fostering Jewish life, Katharina von Schnurbein, took active part in various events and presented the newly adopted strategy tackling antisemitism in Europe and beyond as well as the steps forward for its implementation.

14 December 2021 - The General Affairs Council held a debate on combating antisemitism following the adoption by the Commission of the EU Strategy on combating antisemitism and fostering Jewish life and the recently released report on antisemitic incidents recorded in the European Union (2010-2020) by the EU Agency for Fundamental Rights.

The European Commission presented an initiative to extend the list of ‘EU crimes' to hate speech and hate crime, as announced by President von der Leyen in her 2020 State of the Union speech.

On the eve of Human Rights Day and coinciding with the Summit for Democracy, the EU launches the Global Europe Human Rights and Democracy programme, worth €1.5 billion.

14 - 15 December 2021 - The European Commission held its first Working Group on the implementation of the EU Strategy on combating antisemitism and fostering Jewish life with Member States and national Jewish communities representatives as well as experts and European and international Jewish organisations.

Den nya sårbarheten i Apache Log4J kan finnas i många olika system och produkter. Därför är det viktigt att du som har ansvar för IT-system med mailservrar och kontakt med internet snarast ser över IT-miljön och gör nödvändiga uppgraderingar.

The European Data Protection Board has adopted the following statement:

The deliberations of the EDPB often involve complex issues of principle and law. In seeking to ensure the consistent application of the GDPR, the process leading to consensus or majority positions on matters before the EDPB involves accounting for sometimes divergent views and analysis, as well as national case law and procedures. Within the framework provided by the GDPR, the Members of the Board work together in a respectful manner to reconcile and reach common meaningful decisions. That the starting point is not a unified view is not a failure of data protection authorities or a lack of integrity on the part of any of the authorities that hold one position or another – it is simply the GDPR working as intended. In this regard, although not binding in themselves, Guidelines and Recommendations of the EDPB reflect the common position and understanding which the authorities agree to apply in a consistent way. The EDPB Members, in their contributions to the work of the EDPB, act in compliance with the duty of sincere cooperation in the interest of the effective functioning of the EDPB.

Folkhälsomyndigheten föreslår att regeringen inför krav på covidbevis vid inresa till Sverige även från de nordiska länderna. Tidigare gällde kravet länder utanför Norden.

The EDPB and the individual Supervisory Authorities (SAs) contributed to the evaluation and review of the Data Protection Law Enforcement Directive (LED), carried out by the European Commission in accordance with Art. 62 LED. The LED aims to provide a harmonised level of data protection for individuals in the area of law enforcement across the EU.

The past four years have been characterised primarily by the national processes to transpose the Directive. Because of its recent implementation, there is limited experience and empirical data on some parts of the LED. Therefore, the EDPB is of the opinion that it is too early to draw conclusions on the effectiveness of the LED or to consider its revision.
The EDPB strongly urges those Member States still in the phase of the implementation to invest all means possible to ensure that the transposition is fully compliant with the LED without any further delays.

In its contribution, the EDPB reaffirms its commitment to continue providing guidance on the interpretation of the LED. In addition, the EDPB remains committed to providing independent assessments of future draft adequacy decisions, elaborated by the European Commission, with regard to the requirements of LED, especially enforceable rights, effective redress and safeguards concerning onward transfers.

The EDPB stresses that the effective implementation of the tasks under the LED requires the availability of the necessary resources, both human and technical, and calls on the Member States to ensure that the resources of SAs increase in proportion to their workload.

As part of the implementation of the EDPB 2021-2023 strategy and following the establishment of a Support Pool of Experts (SPE), the EDPB has now agreed on the SPE’s project plan. The SPE aims to provide material support to EDPB Members in the form of expertise that is useful for investigations and enforcement activities and to enhance cooperation and solidarity between EDPB Members by sharing, reinforcing and complementing strengths, and addressing operational needs.

The EDPB adopted a reply to MEP Ujhelyi on hacking spyware Pegasus. In its reply, the EDPB highlights that the Board and its Members pay, and will continue to pay, particular attention to the current developments related to the interferences with the fundamental rights to privacy and data protection through surveillance measures. The EDPB adds that protection of journalists and their sources is a cornerstone of the freedom of the press. The EDPB is competent in the matter of the alleged use of the Pegasus software mainly if and as far as it is deployed for purposes under the GDPR and the LED. The EDPB, however, notes that according to the applicable Union law, it does not have the same competences, tasks and powers as national SAs, and that concerning the particular case at stake, the Hungarian National Authority for Data Protection and Freedom of Information has competency to carry out the investigation procedure regarding the alleged use of spyware by Hungarian authorities. The EDPB remains ready to support all members of the EDPB in such matters.
Following public consultation, the EDPB adopted a final version of the Guidelines on examples regarding data breach notifications. These guidelines complement the Article 29 Working Party guidance on data breach notification by introducing more practice orientated guidance and recommendations. They aim to help data controllers in deciding how to handle data breaches and what factors to consider during risk assessment. Following public consultation, the Guidelines were updated to reflect comments received.

Note to editors:
All documents adopted during the EDPB Plenary are subject to the necessary legal, linguistic and formatting checks and will be made available on the EDPB website once these have been completed.