Tag Archives for " data subject rights "

Irish DPA recived 1,300 GDPR queries

More than 1,300 “concerns or complaints” have been made to the Data Protection Commission since the General Data Protection (GDPR) became law last month, while firms have logged 60 breaches of people’s personal data with the watchdog.

Source: Data watchdog deals with 1,300 GDPR queries | Irish Examiner

‘My Data Request’ lists guides to get data about you

My Data Request lists dozens of tech companies and tells you how you can contact them. The website also links to the privacy policy of each service and tells you what to do even if you don’t live in the EU.

For most companies (including Amazon), you’ll have to email them yourself. My Data Request has created handy email templates.

Source: ‘My Data Request’ lists guides to get data about you | TechCrunch

Privacy: A Quick Overview for App Designers

Privacy by design and by default is something that all developers will have learn. Here are some basic points app designers should know and take into consideration:

  • Privacy isn’t scary: it’s an opportunity to earn people’s trust.
  • This is about how we handle personal data.
  • Some data are sensitive, and we need explicit consent before collecting them.
  • System permissions for apps are not the same as explicit consent.
  • Everyone is entitled to certain privacy rights: to be informed (Notice), to see the data we collect (Access), to take their data elsewhere (Portability), and to have their data corrected or deleted (Right to Be Forgotten).
  • Here are some design patterns we can use to respect people’s privacy in our mobile apps.

Source: Privacy: A Quick Overview for App Designers – Prototypr

A Right to Be Forgotten in Canada?

Should Canada adopt its own version of the “right to be forgotten”? The Office of the Privacy Commissioner of Canada (OPC) recently concluded, in a Draft Position Paper, that such a right actually exists already.

According to the OPC, Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) gives individuals legal power to make search engines like Google de-list search results about them, and to make individual websites take down information.

Source: A Right to Be Forgotten in Canada? | Center for Internet and Society

Open-source GDPR framework seeks to tackle DSARs

Customer data platform mParticle has been working with engagement platform Braze, and analytics platforms Amplitude and AppsFlyer to create the framework, laying out three goals for the project:

  1. offer a JavaScript Object Notation specification — a format for structuring data — to allow controllers and processors to manage data subject access requests in an efficient manner;
  2. provide cryptographic verification of request receipts in order to demonstrate accountability to regulators; and
  3. create a callback mechanism to give controllers the ability to track the statuses of the requests.

Source: Open-source GDPR framework seeks to tackle DSARs

Trends in Privacy Law Compensation

There is a strong need for in-house mid-to-senior level corporate privacy protection counsel.

Our data trends indicate that compensation packages have increased significantly over the past few years. Base salaries are up, sign on bonuses have become more common, and equity packages are more aggressive.

Source: Trends in Privacy Law Compensation – Executive Search | Executive Recruiter | Compliance Jobs | JW Michaels

Competition Is at the Heart of Facebook’s Privacy Problem

Opinion: Until consumers can easily control their data, competitors to Facebook won’t thrive.

Consumers are trusting companies with vast amounts of intimate data and receiving very little assurance that it will be properly handled and secured. In turn, our data are used to power the connected services we use, and depending on the platform or app, are sold to advertisers. Sometimes, as in the case of Facebook, we receive services for free in exchange for our data.

Source: Competition Is at the Heart of Facebook’s Privacy Problem | WIRED

How to request your personal data under GDPR

A subject access request will require any company to turn over data it has collected on you, and it’s pretty simple to do.

  • Individuals can get access to all of their data from a given firm, including their employer, by filing a subject access request.
  • The GDPR will eliminate the cost for subject access requests and shorten the required response time one month.

Source: How to request your personal data under GDPR – TechRepublic

What’s new in WP29’s final guidelines on transparency?

The Article 29 Data Protection Working Party has published its “last revised” guidelines on transparency under the General Data Protection Regulation.

When the WP29 released its proposed guidelines last December offering “practical guidance and interpretive assistance” regarding transparency obligations, IAPP analyzed the key issues. In addition to a brief summary of the transparency requirements, IAPP’s analysis of the proposed guidelines focused on the meaning of phrases such as “concise, transparent, intelligible and easily accessible” and “in writing or by other means,” as well as what information should be provided and when and how to provide this information to data subjects.

Source: What’s new in WP29’s final guidelines on transparency?

1 2 3 4