fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " EU "

UK Issues Regulations on Post-Brexit Data Protection Law

Two sets of regulations aimed at readying UK data protection law for a post-Brexit world have been promulgated in recent weeks. These regulations, which were made pursuant to the EU (Withdrawal) Act 2018 (EUWA), will only come into force in most respects upon the UK’s withdrawal from the EU.

These regulations are intended to preserve the status quo post-Brexit by (1) amending certain provisions of the GDPR to allow it to be retained as UK domestic law and (2) transitionally adopting certain key decisions of the EU institutions that, collectively, would allow for the continued lawfulness of personal data flows out of the United Kingdom where currently permitted under EU law.

Source: UK Issues Regulations on Post-Brexit Data Protection Law

Jourová on first lessons 10 months after the application of the GDPR

European Commission Věra Jourová at the 9th Annual European Data Protection and Privacy Conference delivered a speech “What next for European and global data privacy?”

It her speech First Jourová discusses lessons 10 months after the application of the GDPR, Facebook / Cambridge Analytica scandal and globalised discussion about challenges to privacy.

Read full speech: Speech by European Commission Věra Jourová at the 9th Annual European Data Protection and Privacy Conference: What next for European and global data privacy?

EU citizens being tracked on sensitive government sites

EU governments are allowing more than 100 advertising companies, including Google and Facebook, to surreptitiously track citizens across sensitive public sector websites, in apparent violation of their own EU data protection rules, a study has found.

Danish browser-analysis company Cookiebot found ad trackers — which log users’ locations, devices and browsing behaviours for advertisers — on the official government websites of 25 EU member states. The French government had the highest number of ad trackers on its site, with 52 different companies tracking users’ behaviour.

Source: EU citizens being tracked on sensitive government sites | Financial Times

e-Privacy breaches can rise GDPR fines

Businesses face higher fines if their processing of personal data is found to breach both the General Data Protection Regulation (GDPR) and EU ‘e-Privacy’ rules, according to a new opinion issued by the European Data Protection Board (EDPB).

The EDPB’s opinion, issued earlier this month, concerns the interplay between the e-Privacy Directive and the GDPR.

Full article: GDPR: ‘e-Privacy’ breaches can be factored into fines

Cybersecurity certification schemes backed by MEPs

Businesses could in future be forced to ensure their products, services or processes meet specified cybersecurity standards under proposed new EU rules that have been formally approved by the European Parliament.

According to the proposed new rules, cybersecurity standards could be mandated for certain ICT products, services and processes before the end of 2023.

Source: Cybersecurity certification schemes backed by MEPs

EU Regulators Increase Focus on Cookie Practices

In the absence of cookies-related guidance and enforcement by regulators against ordinary website publishers and operators, many e-commerce sites, online publishers and other website operators have taken a “wait and see” approach with respect to implementing GDPR-compliant cookies consent procedures.

Full article: EU Regulators Increase Focus on Cookie Practices

European Parliament Approves EU Cybersecurity Act

Following a political agreement at the end of 2018, earlier this week the European Parliament approved a new cybersecurity regulation known as the EU “Cybersecurity Act“.

This forms part of the EU’s Cyber Package, first announced in September 2017 (which we blogged about here ). In addition to reinforcing the mandate of ENISA — now to be known as the EU Agency for Cybersecurity — the new regulation establishes an EU cybersecurity certification framework.

Source: European Parliament Approves EU Cybersecurity Act

Germany’s Federal Data Protection Commissioner says EU copyright reform poses risks to data protection

The Federal Data Protection Commissioner of Germany, Ulrich Kelber, issued a statement voicing his concerns about the most problematic element of the bill in its current form: upload filters.

Even though upload filters are not explicitly mandated by the bill, they will be employed as a practical effect. Smaller service providers wouldn’t be able to develop such filters themselves, therefore they will utilize offerings by large IT companies.

“At the end of the day, this would result in an oligopoly consisting of a few vendors of filtering technologies, which would then be instrumental to more or less the entire Internet data traffic of relevant platforms and services. The wealth of information those vendors would receive about all users in the process is evidenced by, among other examples, current media coverage of data transfers by eHealth apps to Facebook.”

Source: FOSS Patents: Germany’s Federal Data Protection Commissioner: EU copyright reform poses risks to data protection

Facebook’s global lobbying against data privacy laws

Facebook has targeted politicians around the world promising investments and incentives while seeking to pressure them into lobbying on Facebook’s behalf against data privacy legislation, an explosive new leak of internal Facebook documents has revealed.

The documents reveal a secretive global lobbying operation targeting hundreds of legislators and regulators in an attempt to procure influence across the world, including in the UK, US, Canada, India, Vietnam, Argentina, Brazil, Malaysia and all 28 states of the EU.

Source: Revealed: Facebook’s global lobbying against data privacy laws | Technology | The Guardian

>