La CNIL a publié un document analysant les impacts du GDPR sur Distributed Ledger Technology (blockchain). (link)

Nouvel article 261-1 du code du travail:  http://paperjam.lu/news/des-changements-dans-la-surveillance-au-travail

Loi du 1er août 2018 portant organisation de la Commission nationale pour la protection des données et mise en oeuvre du règlement (UE) : http://legilux.public.lu/eli/etat/leg/loi/2018/08/01/a686/jo

We would like to inform you on judgment C-73/16 of the Court of justice of the European Union dated 27 September 2017 and pertaining notably to tax collection, tax fraud, the protection of fundamental rights and freedoms, as well as the legitimacy of a processing carried on by authorities in the public interest.

(see: http://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:62016CJ0073&qid=1506511807587&from=EN)

The judgment can be briefly summarised as follows: believing himself to be a victim of an infringement of his rights relating to personality by the inclusion of his name on a contested list, Mr Pu?kár applied to the Supreme Court of the Slovak Republic by an action followed by an appeal, to order the Finance Directorate, all tax offices under its control and the Financial Administration Criminal Office not to include his name on the contested list or any other similar list and to delete any reference to him from those lists and from the finance authority’s IT system. According to Mr Pu?kár, the Finance Directorate and the Financial Administration Criminal Office have drawn up and are using a contested list of natural persons, which the public authorities refer to by the expression ‘biele kone’ (‘white horses’). That expression is used for persons acting as ‘fronts’ in company director roles.

The Court in particular rules that article 7(e) of the Directive 95/46 must be interpreted as not precluding the processing of personal data by the authorities of a Member State for the purpose of collecting tax and combating tax fraud such as that effected by drawing up of a list of persons such as that at issue in the main proceedings, without the consent of the data subjects, provided that, first, those authorities were invested by the national legislation with tasks carried out in the public interest within the meaning of that article, that the drawing-up of that list and the inclusion on it of the names of the data subjects in fact be adequate and necessary for the attainment of the objectives pursued and that there be sufficient indications to assume that the data subjects are rightly included in that list and, second, that all of the conditions for the lawfulness of that processing of personal data imposed by Directive 95/46 be satisfied.