Tag Archives for " data subject rights "

The majority of businesses are failing to comply with GDPR

Some 70% of businesses worldwide failed to address requests made from individuals seeking to obtain a copy of their personal data as required by GDPR (General Data Protection Regulation) within the one-month time limit set out in the regulations, reveals new research from Talend, a global leader in cloud data integration solutions.

Source: The majority of businesses are failing to comply with GDPR

How to comply with the right to erasure

Now that the General Data Protection Regulation has come into force, organizations need to be able to process requests to erase the personal data of individuals. To establish this capability, changes to a variety of policies and procedures across the organization need to be implemented.

For one, the systems, applications and databases need to be calibrated to allow the easy identification and deletion of data related to the requesting individual. Then, policies and procedures need to be in place for the data protection officer and other stakeholders to follow the full lifecycle of the data erasure request. Finally, the DPO should maintain oversight of the effectiveness of every step of the way to the deletion and communicate timely to the data subject.

Full article: How to comply with the right to erasure (if you haven’t already!)

What We Mean When We Say “Data Portability”

“Data portability” is a feature that lets a user take their data from a service and transfer or “port” it elsewhere. This often comes up in discussions about leaving a particular social media platform and taking your data with you to a rival service. But bringing data to a competing service is just one use for data portability; other, just-as-important goals include analyzing your data to better understand your relationship with a service, building something new out of your data, self-publishing what you learn, and generally achieving greater transparency.

Full article: What We Mean When We Say “Data Portability” | Electronic Frontier Foundation

Data portability: the hidden GDPR risk your business needs to cover

The right to data portability is one of the most fundamental, but also most contentious rights within the GDPR. Whilst we saw parallels between the Data Protection Act and GDPR, data portability was a brand new requirement for businesses.

Read article: Data portability: the hidden GDPR risk your business needs to cover

‘Right to be forgotten’ could threaten global free speech

The “right to be forgotten” online is in danger of being transformed into a tool of global censorship through a test case at the European court of justice (CJEU) this week, free speech organisations are warning.

An application by the French data regulator for greater powers to remove out of date or embarrassing content from internet domains around the world will enable authoritarian regimes to exert control over publicly available information, according to a British-led alliance of NGOs.

Source: ‘Right to be forgotten’ could threaten global free speech, say NGOs | Technology | The Guardian

Irish DPA investigates Facebook’s refusal of Subject Access Request

When Facebook refuses Subject Access Request from one of its users, the alarm bells start to ring. Particularly when this is a legal obligation under GDPR. Following a complaint made by a UK academic, the Irish Data Protection Commissioner is to investigate Facebook’s failure to comply.

Source: Facebook refuses Subject Access Request | The GDPR Guys

ICO publishes new guide for students to demand more information about their exam results

The United Kingdom’s Information Commissioner’s Office has published a new guide for students on demanding more information about their exam results. The new rights from GDPR enables students to ask what information is being held on them including exam marks, examiner’s comments and the minutes of any examination appeals panel.

Source: ICO publishes new guide for students to demand more information about their exam results

Woman sues US border patrol over data copied from seized iPhone

An American Muslim citizen is suing the US Customs and Border Protection (CBP) for seizing her iPhone at an airport, keeping it for 130 days, failing to explain why, and refusing to destroy whatever copies of her data that they might have grabbed, including photos of her when she wasn’t wearing a hijab, which she wears as an expression of her Islamic faith.

Source: Woman sues US border patrol over data copied from seized iPhone – Naked Security

GDPR prompts UK data protection complaints to double

The number of data protection complaints received by the UK’s data protection watchdog has doubled since the General Data Protection Regulation (GDPR) took effect.

The Information Commissioner’s Office (ICO) said that it received 4,214 data protection complaints in July, up from 3,098 in June, 2,310 in May and 2,165 in April, according to media reports. The GDPR took effect on 25 May this year.

Source: GDPR prompts UK data protection complaints to double

Finnish court issues precedent “right to be forgotten” decision for Google to remove data

The Supreme Administrative Court ruled that Google must remove a convicted man’s information from its search engine data, as requested, in respect of his privacy. The court ruled that even though the crime in question was extremely serious, the public’s right to information on the case did not outweigh the man’s right to privacy and personal data protection.

Source: Finnish court issues precedent “right to be forgotten” decision for Google to remove data | Yle Uutiset | yle.fi

1 2 3 6
>