fbpx

Download free GDPR compliance checklist!

Tag Archives for " EU "

Microsoft promises to challenge all government requests for customer data

Microsoft has vowed to challenge all requests that any government or security agency makes to access its customers’ data, and will even compensate firms where it’s forced to legally grant access.

The firm will challenge every government request for public sector or enterprise customer data, from any government, where there’s a lawful basis for doing so. Where customer data is handed to authorities in violation of GDPR, Microsoft will provide financial compensation to affected customers, it has said.

Source: Microsoft promises to challenge all government requests for customer data | IT PRO

European Commission Publishes Draft ‘Article 28’ Standard Contractual Clauses

In addition to issuing new (draft) standard contractual clauses for transferring personal data outside of the EEA, on November 12, the European Commission published a draft decision on standard contractual clauses between controllers and processors for the matters referred to in Article 28 of GDPR.

Use of the Clauses is not compulsory, and controllers and processors may still choose to negotiate individual contracts to satisfy the requirements of Article 28 GDPR and allow a certain degree of flexibility.

The Clauses are currently open for public consultation until 10 December 2020.

Source: European Commission Publishes Draft ‘Article 28’ Standard Contractual Clauses | Alston & Bird Privacy Blog

The Spanish Supervisory Authority Approves a GDPR Code of Conduct on Advertising

On September 16, 2020, the Spanish Supervisory Authority (AEPD) approved a “Code of Conduct for Data Processing in Advertising”. This is the first GDPR approved Code of Conduct with an accredited monitoring body in the European Union.

The Code broadly applies to any processing of personal data carried out for advertising purposes, including sending direct marketing communications and using cookies and other technologies for targeted advertising.

Source: The Spanish Supervisory Authority Approves a GDPR Code of Conduct on Advertising

European Commission Publishes Draft of New Standard Contractual Clauses

On November 12, 2020, the European Commission published a draft implementing decision on standard contractual clauses for the transfer of personal data to third countries pursuant to the EU General Data Protection Regulation (GDPR), along with its draft set of new standard contractual clauses (SCC).

The SCCs are open for public consultation until December 10, 2020, and feedback may be submitted here. The adoption process for the SCCs requires an opinion of the European Data Protection Board and the European Data Protection Supervisor, and the positive vote of EU Member States through the comitology procedure. The final SCCs are expected to be adopted in early 2021.

Source: European Commission Publishes Draft of New Standard Contractual Clauses

Rights Activists Slam EU Plan for Access to Encrypted Chats

Digital rights campaigners on Monday criticized a proposal by European Union governments that calls for communications companies to provide authorities with access to encrypted messages.

“Anyone who finds an open back door into my house can enter it, the same is true for back doors in software,” German Left party lawmaker Domscheit-Berg said. “The proposed EU regulation is an attack on the integrity of digital infrastructure and therefore very dangerous.”

Source: Rights Activists Slam EU Plan for Access to Encrypted Chats | SecurityWeek.Com

EU inches closer to ban on end-to-end encryption

The Council of the European Union appears to have a near-completed resolution that would propose a ban on the use of end-to-end encryption on off-the-shelf apps such as WhatsApp and Signal, according to a leaked document.

The memo, dated 6 November and addressed to representatives from EU member states, reveals that strong encryption remains a priority for lawmakers but that the availability of end-to-end encryption has made it overly difficult for law enforcement to conduct investigations.

Source: EU inches closer to ban on end-to-end encryption | IT PRO

Industry groups urge Europe to reject privacy proposal

Industry associations GSMA and ETNO called on European Union member states to reject a proposal for tightening rules on communication services metadata processing, warning the approach would impede innovation and development of Europe’s data economy.

The two organisations issued a joint statement after Germany proposed a change in EU’s ePrivacy Regulation to restrict the use of pseudonymised metadata in communication services.

Source: Industry groups urge Europe to reject privacy proposal – Mobile World Live

EU criticised over surveillance aid in nations where privacy at risk

European Union aid has been used to pay for surveillance equipment and training in countries with inadequate safeguards against excessive state snooping, rights groups said on Wednesday, calling for an end to the “unacceptable” practice.

From training Algerian police on social media monitoring to equipping Niger with phone-tracking tools, the EU has helped numerous nations boost their surveillance capacity in recent years, a report by London-based Privacy International (PI) said.

Source: EU criticised over surveillance aid in nations where privacy at risk | Reuters

European Data Protection Board Issues Schrems II Recommendations

Following the Court of Justice of the European Union’s (“CJEU”) decision in Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems on 16 July 2020 (Schrems II), the European Data Protection Board (EDPB) on 11 November 2020 issued its anticipated recommendations describing how controllers and processors transferring personal data outside the European Economic Area (EEA) may comply with the Schrems II ruling.

The EDPB on November 11 issued two sets of recommendations. The first set of recommendations covers the assessment and supplementary measures data exporters may need to adopt to ensure compliance with the EU level of personal data protection (“Supplementary Measures Recommendations”). The second set of recommendations lays down the elements to be used to examine whether surveillance measures allowing access to personal data by public authorities in a third country can be regarded as a justifiable interference with the level of data protection guaranteed in principle by the EU (“European Essential Guarantees Recommendations”).

These recommendations are applicable immediately but are open for public consultation until November 30.

Source: European Data Protection Board Issues Schrems II Recommendations

German Presidency charts new COVID19 ‘metadata’ rules in leaked ePrivacy text

The German EU Council presidency is seeking to permit the processing of metadata in online communications for ‘monitoring epidemics’ or to help in ‘natural or man-made disasters,’ according to a leaked text on the ePrivacy regulation.

However, the Germans’ proposal on the highly controversial ePrivacy regulation has at the same time withdrawn the ‘legitimate interest’ provision for the general processing of metadata, included in earlier versions of the text.

Source: German Presidency charts new COVID19 ‘metadata’ rules in leaked ePrivacy text – EURACTIV.com

1 2 3 120
>