fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " DPA "

Bulgarian DPA introduces 10-step action plan for GDPR implementation

In the light of the upcoming EU General Data Protection Regulation (the “GDPR”) implementation in May 2018, the Bulgarian Personal Data Protection Commission introduced an action plan during the 15 November 2017 regular session of the Commission.

Source: Bulgarian Personal Data Protection Authority introduces 10-step action plan for GDPR implementation – Lexology

CNIL serves notice to cease serious breach of privacy of connected toys

The robot «I-QUE» and the doll «My Friend Cayla» are so called “connected toys”. They answer children’s questions on various subjects such as mathematical calculations or concerning the weather. The toys are equipped with a microphone and speaker and are associated to a mobile application downloadable on smartphones or tablets.

Source: Connected toys: CNIL publicly serves formal notice to cease serious breach of privacy because of a lack of security

EDPS wants centralised regulator with muscle to police firms

EU lawmakers should create a new, centralised data protection authority to oversee investigations of privacy breaches that affect more than member state in the bloc, Giovanni Buttarelli, the EU’s top privacy watchdog, said in an interview.

Source: Top EU privacy watchdog wants centralised regulator with muscle to police firms – EURACTIV.com

What’s wrong with WP29 guidelines on personal breach notification under GDPR?

Article 29 Working Party has published guidance on GDPR breach notification requirements to supervisory authorities and data subjects. It builds on WP29’s 2014 ePrivacy Directive breach notification guidance, applicable essentially to telcos (WP213). In practice it may lead to a flood of “just in case” notifications to regulators.

Source: What’s wrong with WP29 guidelines on personal breach notification under GDPR?

Irish DPA issues a statement on Art 29 Working Party letter to WhatsApp

The Data Protection Commissioner (DPC) notes the publication of the Article 29 Working Party’s most recent letter to WhatsApp on its Terms of Service and Privacy Policy, that were updated by WhatsApp in August 2016. The DPC welcomes the letter’s useful analysis of the substantive data protection issues that were raised by the Privacy Policy.

Source: 31-10-2017 Commissioners statement on Art 29 Working Party letter to WhatsApp. – Data Protection Commissioner – Ireland

ICO warns data broking industry after issuing £80,000 fine to unlawful data supplier

A firm trading in people’s personal information and describing itself as ‘the UK’s Premier Lead Generation Provider’ has been fined £80,000 by the Information Commissioner’s Office (ICO).

Source: ICO warns data broking industry after issuing £80,000 fine to unlawful data supplier | ICO

Israeli DPA guidelines on workplace surveillance

On Oct. 17, Israel’s data protection authority, which recently changed its name to the Privacy Protection Authority (formerly the ILITA), published guidelines on the use of surveillance cameras in the workplace and in the framework of an employment relationship. The new guidelines constitute supplementary materials to previous guidelines on the more general issue of privacy consideration in the use of surveillance cameras.

Source: Israeli DPA guidelines on workplace surveillance

Most organisations are unclear about data storage and transfer arrangements

Most privacy notices displayed on websites and mobile apps do not explain to consumers the country in which collected personal data is stored, according to a study carried out by data protection authorities based around the world.

Source: Most organisations are unclear about data storage and transfer arrangements, say privacy watchdogs

>