Tag Archives for " EU "

Is your company part of the GDPR ‘mobile loophole’?

Europe is leading the way in privacy protection with General Data Protection Regulations (GDPR). But most companies are not focused on what it means for their mobile workers. Personal mobile devices, which often contain corporate data from being connected/synced to back office systems, and including data about individuals, are subject to the same regulations and restrictions of GDPR as larger systems (e.g., PCs and servers).

Source: Is your company part of the GDPR ‘mobile loophole’? | Computerworld

Will Bulgaria get ePrivacy done in time?

Earlier this month the current Bulgarian Presidency of the European Council sent out a progress report on the draft ePrivacy regulation, and the question on everyone’s lips was whether there would be a general approach before Bulgaria gives up the presidency at the end of June.

Read full article: Will Bulgaria get ePrivacy done in time? Doesn’t look good

MEPs to continue investigation of Facebook and Cambridge Analytica

MEPs will continue to assess the impact of the Facebook-Cambridge Analytica scandal on personal data protection at hearings on 25 June and 2 July with Facebook representatives.

The second and third hearings will focus on the consequences of the Facebook-Cambridge Analytica scandal, and possible solutions. The first hearing took place on 4 June and aimed to better map the case.

The hearings follow up on the 22 May meeting between the founder and CEO of Facebook, Mark Zuckerberg and EP President Antonio Tajani, political group leaders and the Chair and Rapporteur of the Civil Liberties, Justice and Home Affairs Committee.

Source: Facebook/Cambridge Analytica: MEPs continue the personal data breaches probe | News | European Parliament

EU court could settle ICANN data gathering dispute

The internet’s global domain name organisation, the Internet Corporation for Assigned Names and Numbers (ICANN), has appealed a recent ruling by a court in Germany on the amount of data that domain name registrars can be forced to gather on people operating websites.

“If the Higher Regional Court does not agree with ICANN or is not clear about the scope of the European Union’s General Data Protection Regulation (GDPR), ICANN is also asking the Higher Regional Court to refer the issues in ICANN’s appeal to the [CJEU],” ICANN said in a statement.

Source: EU court could settle ICANN data gathering dispute

GDPR implementation bills: The election problem

It is by now no secret that a lot of EU countries won’t have implementing acts ready in time for the introduction of the General Data Protection Regulation this week. While this is unlikely to be the end of the world for most companies — the GDPR doesn’t need to be transposed into member states’ national laws to apply — it does create a level of confusion where the new regulation clashes with still-active national implementations of the old EU Data Protection Directive.

Read full article: GDPR implementation bills: The election problem

UK Privacy Regulator Open to Self-Certification under GDPR

Organizations in Europe may eventually be able to self-certify that they are compliant with the EU’s General Data Protection Regulation, an official at the U.K.’s independent privacy watchdog said. But at the moment there is no such thing as GDPR certification; there is only compliance that you can work toward.

Source: GDPR: UK Privacy Regulator Open to Self-Certification

How to approach DPIAs under the GDPR

A DPIA consists of a procedure aimed at describing the treatment, assessing its necessity and proportionality, and facilitating the management of risks for the rights and freedoms of individuals deriving from the processing of their personal data (through the assessment of these risks and the definition of appropriate measures to address them).

It is important that the risks to the interested parties are identified (not just the data breach impacts, but also considering the intrinsic risks of the processing which, even if safe and with a low exposure to risks of violations, could violate the privacy of the data subject). Therefore it is convenient to extend the analysis to compliance risk and risks related to the organization, since the privacy risks towards the interested party usually have associated risks of compliance and towards the organization.

Read full article: How to approach DPIAs under the GDPR

Bulgarian Presidency Presents Progress Report and Points for Debate on ePrivacy

On January 10, 2017, the EU Commission adopted a proposal for a Regulation on Privacy and Electronic Communications. On June 8, 2018, the Council of the European Union’s Bulgarian Presidency presented a progress report on the draft ePR to the Transport, Telecommunications and Energy Council.

The Report reflects on the amendments presented in the May 2018 Examination of the Presidency text. The Report is split into two sections: Annex I, a progress report, and Annex II, questions for the policy debate.

Source: Bulgarian Presidency Presents Progress Report and Points for Debate on ePrivacy

1 2 3 77
>