Free tools and resources for Data Protection Officers!

Tag Archives for " EU "

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection.

This article provides 10 initial conclusions on Draft EU-UK Withdrawal Agreement.

Full article: Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

UK government adopts draft Brexit withdrawal agreement

The cabinet has agreed a draft withdrawal agreement on the UK’s exit from, and future relationship with the European Union. In terms of data protection, the documents reaffirms the UK government’s commitment to a high level of data protection during and after Brexit.

The future relationship with the EU is described in just seven pages. The EU will commence its evaluation of the UK’s data protection framework with the aim of decisions by the end of 2020. There will be ‘appropriate cooperation between regulators.’ The draft withdrawal agreement talks about ‘essential equivalence’ rather than adequacy.

Full artisle: UK government adopts draft Brexit withdrawal agreement – Privacy Laws & Business

Private Blockchains Could Be Compatible with EU Privacy Rules

A joint study between Queen Mary University of London and the University of Cambridge concluded that, whilst challenging, it is theoretically possible for organizations to design blockchain applications that fully comply with recently implemented EU ‘General Data Protection Regulation’.

Due to innate aspects of blockchain technology, like the immutability and inability to retrospectively remove customer data recorded as such, the problems become obvious when it comes to creating a solution compatible with this European regulation.

Full article: Private Blockchains Could Be Compatible with EU Privacy Rules, Research Shows

EU Commission Comments on NTIA’s Approach to Consumer Privacy

On November 9, 2018, the European Commission (“the Commission”) submitted comments to the U.S. Department of Commerce’s National Telecommunications and Information Administration (“NTIA”) in response to its request for public comments on developing the administration’s approach to consumer privacy.

In its comments, the Commission welcomes and agrees with many of the high-level goals identified by NTIA, including harmonization of the legal landscape, incentivizing privacy research, employing a risk-based approach and creating interoperability at a global level.

Full article: EU Commission Responds to NTIA Request for Comment on Developing the Administration’s Approach to Consumer Privacy

U.S. Court Allows Video Deposition Over EU Deponent’s Privacy Objections

A U.S. court has recently ruled that an EU citizen’s privacy rights and the GDPR do not trump a U.S. litigant’s right to obtain discovery, including video-taped depositions.  A federal magistrate denied an EU citizen’s motion for protective order, holding that the deponent could not rely on EU privacy law to withhold consent to a duly-noted video-recorded deposition scheduled to take place in London.

Full article: U.S. Court Allows Video Deposition Over EU Deponent’s Privacy Objections

Data dealers accused of GDPR failings

Data law regulators in Europe have been called upon to look into a potential data breach case, with brokers, credit ratings agencies and adtech firms falling under suspicion of not playing by new rules. Complaints were filed to regulators last week by a campaign group named Privacy International, regarding possible transgressions committed by the data broker Acxiom, credit rating agencies, Experian and Equifax, and software multinational, Oracle, the Financial Times online reports.

Full article: Data dealers accused of GDPR failings

Europe’s AI ethics chief: No rules yet, please

In a global race to dominate artificial intelligence technology, Europe needs to keep its urge to regulate under control — at least for now. That’s the main message from Pekka Ala-Pietilä, a former president of Nokia and tech entrepreneur who is overseeing EU efforts to draw up principles that will underpin any future regulation of the technology.

Source: Europe’s AI ethics chief: No rules yet, please – POLITICO

Microsoft to comply with the data localisation requests from all countries

Microsoft is committed to complying with the law of the land when it comes to data privacy and will honour data localisation requests from all countries, including India.

“We will have to comply with data laws of various countries. That is mandatory for us. We are already fully compliant with the EU General Data Protection Regulation (GDPR) and will do the same with other countries’ data protection laws,” Ann Johnson, Corporate Vice President, Cybersecurity Solutions Group at Microsoft, told IANS.

As the tech companies demand data to flow freely, Johnson said in order to improve current security and intelligent systems against cybercriminals who are well funded, certain sets of data have to move freely among the countries.

Source: Microsoft to comply with the data localisation requests from all countries- Technology News, Firstpost

What does the newly signed ‘Convention 108+’ mean for UK adequacy?

The Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (Convention 108) has been given an overhaul to bring it into line with the General Data Protection Regulation. While Convention 108 is not an EU document, the European Commission sees the protocol as a way of encouraging “third countries” to adopt the basic tenets of the GDPR. This could be particularly interesting for the U.K., which will become a third country after Brexit.

Full article: What does the newly signed ‘Convention 108+’ mean for UK adequacy?

>