In this data privacy update, we explore recent developments in data protection across various countries.
The EU has introduced new cybersecurity legislation, while Belgium has dealt with numerous cases concerning the use of employee images and data. In Brazil, workplace privacy requirements are increasingly at odds with pay transparency mandates.
In Denmark, a register of employees terminated for gross misconduct has been deemed GDPR compliant. Meanwhile, German courts have sided with employees in cases involving disproportionate data subject access requests. Italy has made employee-friendly rulings, including a ban on facial recognition technology and a requirement for the swift deletion of employee metadata.
Kazakhstan has prohibited the collection of paper ID documents for onboarding, while Poland and Slovakia have imposed fines on employers for losing employee data. Turkey is moving to ban international data transfers based on consent, and Chile has introduced sweeping new data protection legislation. In a pro-employer move, Lithuania now permits the processing of criminal background data during onboarding under the principle of legitimate interests. Finally, the UK’s YMCA recently faced a breach involving sensitive personal data.