On August 14, 2017, the Colombian Superintendence of Industry and Commerce (“SIC”) announced that it was adding the United States to its list of nations that provide an adequate level of protection for the transfer of personal information, according to a report from Bloomberg BNA.
Civil libertarians tell Ars they’re worried about “mass surveillance expansion.”
As reported in BNA Privacy & Security Law Report , on August 9, 2017, the Russian privacy regulator, Roskomnadzor, expanded its list of nations that provide sufficient privacy protections to allow transfers of personal data from Russia.
Rackspace is the latest firm to offer new cybersecurity tools ahead of the GDPR implementation.
A decision of the Italian privacy authority on the illegal collection of data on criminal convictions of employees raised the issue on a practice that is quite common. We are running a number of privacy audit on companies that need to get compliant with the General Data Protection Regulation and we can verify that the practice of collecting a police clearance report (in Italian the “casellario giudiziale “) of employees is quite common, regardless of the role to be taken by such employees, just because this is a standard practice adopted with anyone hired by the company and in absence of a regulatory obligation.
Hunton Privacy Team Publishes Several Chapters in International Comparative Legal Guide to Data Protection
Recently, the fourth edition of the book, The International Comparative Legal Guide to: Data Protection 2017, was published by the Global Legal Group. Hunton & Williams’ Global Privacy and Cybersecurity lawyers prepared several chapters in the guide, including the opening chapter on “All Change for Data Protection: The European Data Protection Regulation,” co-authored by London partner Bridget Treacy and associate Anita Bapat.
Amid the noise about the introduction of data privacy reforms under Europe’s General Data Protection Regulation, the GDPR, less attention has been paid to the Network and Information Systems Directive . The NIS Directive calls on EU member states to introduce cyber-security requirements for “Operators of Essential Services” (OESs), with a less stringent set of obligations for certain groups of “Digital Services Providers” (DSPs).
On the 7 th August 2017, the UK’s Government Department for Digital, Culture, Media and Sport issued a Statement of Intent (the Statement ) outlining its planned reforms of the UK’s data protection laws which are to be implemented by the Data Protection Bill (the Bill ). The Statement anticipates the UK’s departure from the EU and makes it clear that following this, the Bill will transpose the General Data Protection Regulation (the GDPR ) into domestic law, stressing the importance of continued efficiency of data flow between the UK and the EU in a post-Brexit world.
Ireland’s Data Protection Commissioner published guidance on appropriate qualifications for a Data Protection Officers (DPOs) under General Data Protection Regulation (GDPR).