Tag Archives for " compliance "

GDPR Compliance: We’ve Only Just Begun

Complying with the GDPR is a marathon, not a sprint.

You’re an in-house lawyer for a company with significant European operations. For the past two years, you’ve been getting your company ready for the General Data Protection Regulation (GDPR), which goes into effect in the European Union less than two months from now.

Source: GDPR Compliance: We’ve Only Just Begun | Above the Law

CIPL and AvePoint Release Second Global GDPR Readiness Report

On March 26, 2018, the Centre for Information Policy Leadership at Hunton & Williams LLP and AvePoint released its second Global GDPR Readiness Report (the “Report”), detailing the results of a joint global survey launched in July 2017 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”).

The Report tracks the GDPR implementation efforts of over 235 multinational organizations, and builds on the findings of the first Global GDPR Readiness Report by providing insights on key changes in readiness levels from 2016 to 2017.

Source: CIPL and AvePoint Release Second Global GDPR Readiness Report

Facebook Previously Failed To Keep Privacy Promises

Noel King talks to Tim Wu, who was a senior advisor at the Federal Trade Commission in 2011, when the agency settled with Facebook for failing to protect user privacy.

Facebook says it is sorry. This past weekend, Facebook took out full-page ads in major newspapers apologizing for a, quote, “breach of trust.” The company placed the ads after news broke that a political data mining firm, Cambridge Analytica, reportedly used the data of 50 million Facebook users. One person who does not buy the apology is Tim Wu. He’s a former senior adviser at the Federal Trade Commission. And he was there in 2011, the last time that Facebook got in trouble for failing to keep its promises about privacy. Tim Wu is skeptical that the company will change its ways anytime soon.

Source: Facebook Previously Failed To Keep Privacy Promises, Ex-FTC Adviser Says : NPR

Gibraltar issues guidance on data portability under GDPR

The Gibraltar Regulatory Authority (‘GRA’) has published guidance on data portability under the General Data Protection Regulation (GDPR).

The aim of this guidance is to provide advice on the GDPR’s requirement relating to data portability and assist data controllers to clearly understand their respective obligations.

This guidance includes recommendations on good practice and tools that support compliance with the right to data portability. It also aims to clarify the meaning of data portability in order to enable data subjects to efficiently use their new right.

Source: Data Protection – GRA

Local councils call for government funding for GDPR compliance

The National Association of Local Councils is concerned that complying with GDPR puts financial strain on local authorities and calls on the government to help with funding.

NALC chair Sue Baxter has written a letter to digital minister Matt Hancock, highlighting her concerns that complying with GDPR is creating a financial burden for local councils.

In London alone, councils have individually spent up to £300,000 on software, training and consultancy to prepare for GDPR, according to a report by think tank Parliament Street.

Source: Local councils call for government funding for GDPR compliance

Five things US marketers should be doing to prepare for the GDPR

The European Union’s General Data Protection Regulation will affect many businesses located outside of Europe.

While the headlines have been dominated by the hefty fines for non-compliance, there are positives, including getting to know the consumer data you have, ensuring you have permission, and vetting service providers.

If you’ve read the stream of articles about the General Data Protection Regulation (GDPR), then you’re probably familiar with the consensus that Europe’s new regulation will significantly impact businesses that handle consumer data.

Source: Five things US marketers should be doing to prepare for the GDPR | WARC

DPO-as-a-Service Options Pop Up as GDPR Deadline Looms

The 25 May deadline for compliance with the EU General Data Protection Regulation (GDPR) is looming large, and many businesses aren’t yet prepared, including for the requirement of implementing a data protection officer (DPO). However, as-a-service options could be a new cottage industry springing up to fill the need.

For public bodies and many private businesses, appointing a DPO is a mandatory requirement under the GDPR regardless of the size of the organization or the resources it has. DPO-as-a-service models can thus benefit smaller businesses that may balk at the need to recruit expensive, full-time, in-house compliance staff.

Source: DPO-as-a-Service Options Pop Up as GDPR Deadline Looms – Infosecurity Magazine

EU heads of state issue warning over Facebook data case

The 28 EU heads of state issued a warning shot on Thursday (22 March) over allegations that 50 million Facebook users’ data was harvested without their consent to influence political campaigns.

“Social networks and digital platforms need to guarantee transparent practices and full protection of citizens’ privacy and personal data,” read conclusions from the leaders’ discussion at a European Council summit in Brussels.

Source: EU heads of state issue warning over Facebook data case – EURACTIV.com

Forecasting Consent Threat Level in Europe

Consent for online data collection is a squirrelly topic in Europe right now. Leaving aside for the moment whether or not consent ‘ought’ to be required, and if so, how sensitive the data and its use might need to be to warrant this abrasive step, companies are trying to understand the baseline requirements so they can plan and build around them.

Unfortunately, not only are the rules a bit unclear, but close observers also expect the rules to change substantially over the next two years.

Source: Forecasting Consent Threat Level in Europe – The Lucid Privacy Group
