fbpx

Download free GDPR compliance checklist!

Tag Archives for " EU "

EDPS publishes opinion on communication data as personal data

The European Data Protection Supervisor (EDPS) published, on 11 September 2019, the pleading notes before the Court of Justice of the European Union (CJEU) in the joint hearing for case C-623/17 Privacy International, joint cases C-511/18 and C-512/18 La Quadrature du Net and Others, and case C-520/18 Ordre des Barreaux Francophones et Germanophone and Others.

Notes address question whether the IP addresses or other data relating to electronic communications are capable of providing information on the content of communications, what information concerning the private lives of the concerned persons can be obtained from IP addresses or other data relating to electronic communications, as well as whether, and to what extent, it would be possible to limit the retention and the access to electronic communication data while enabling the objectives set out in Article 15(1) of the ePrivacy Directive.

Source: Pleading notes of the European Data Protection Supervisor (EDPS)

Privacy Shield review goes on

US  Administration will host the third annual joint review of the European Union–United States Privacy Shield Framework in Washington, D.C.

This third annual review will bring together key American and European stakeholders to discuss the functioning, value, and integrity of the Privacy Shield Program, which facilitates compliance with European data protection and privacy requirements in support of transatlantic commerce.

Source: Statement from the Press Secretary on the European Union–United States Privacy Shield Framework | The White House

The role of the UK representative post-Brexit

If the United Kingdom leaves the European Union without a deal Nov. 1, it will automatically cease to be a member of the EU. U.K.-based companies will no longer be regulated under the EU General Data Protection Regulation.

The two most significant effects of this are that data transfers between the U.K. and the EU will be affected, and companies may need to appoint an extra EU representative.

Full article: The role of the UK representative post-Brexit

New Calculation Model for Data Protection Fines in Germany

In June, the conference of the German Data Protection Authorities (Datenschutzkonferenz) approved a concept for the calculation of GDPR fines.

“In a first step, the fine is calculated in daily rates derived from the worldwide company turnover of the previous year. The daily rate is multiplied by a factor which depends on the seriousness of the breach and is determined by the application of a scoring system. The sum is then reduced or increased depending on the degree of fault and on whether there have been any previous breaches. Three or more previous breaches can lead to a surcharge of 300 per cent. Mitigating factors will also be taken into account.”

Source: New Calculation Model for Data Protection Fines in Germany | Inside Privacy

Top European Court to Review National Data Retention Laws

The Court of Justice for the European Union will hear challenges to the data retention laws of the UK, Belgium, and France.

The Court previously invalidated European and national data retention laws that required companies to retain communications data for law enforcement purposes. The new challenges, brought by civil society organizations, contend that European national laws fail to comply with the earlier rulings.

Source: Top European Court to Review National Data Retention Laws

EU data caught in Facebook audio transcribing

The social networking giant initially said no local users were affected, but 48 EU citizens had their information collected without their knowledge.

The revelation comes after Facebook had initially claimed that no one from the 28-country bloc had their audio messages collected and transcribed by hundreds of third-party contractors in a potential violation of the region’s tough privacy standards.

Yet after reviewing the activity, which took place at the end of July and early August, the company has now told EU privacy regulators that roughly 50 Europeans in 14 countries were caught up in the activity, as they had sent audio messages on its online platforms to U.S. users who were involved in the transcription trial.

Source: EU data caught in Facebook audio transcribing – POLITICO

EU-US launch talks on e-evidence access

EU member states have approved a mandate for the European Commission to launch international negotiations with the U.S. to speed and streamline cross-border access to electronic evidence in criminal investigations.

EU Commission Spokesperson Christian Wigand said the new legislation and getting agreement with the U.S. is incredibly important because e-evidence “is needed in around 85% of criminal investigations, and in two-thirds of these investigations there is a need to obtain evidence from online service providers based in another jurisdiction.”

Full article: EU-US launch talks on e-evidence access

Commission urges member states to allocate resources to DPAs

In July, the European Commission urged European countries to allocate sufficient human, financial and technical resources to national data protection authorities.

That’s because the introduction of the EU General Data Protection Regulation has placed an increased burden on already-stretched authorities.

Full article: Commission urges member states to allocate resources to DPAs

How GDPR changes the rules for scientific research?

The implementation of the General Data Protection Regulation (GDPR) raises a series of challenges for scientific research, especially regarding research that is dependent on data.

The EU Parliament’s study investigates the promises and challenges associated with the implementation of the GDPR in the scientific domain and examines the adequacy of the GDPR exceptions for scientific research in terms of safeguarding scientific freedom and technological progress.

Access report: How the General Data Protection Regulation changes the rules for scientific research

Businesses race to keep data flowing under a no-deal Brexit

Brexit might mean the United Kingdom is no longer a member of the European Union, but that does not mean it will escape the long arm of the bloc’s data protection.

Alternative arrangements include implementing binding corporate rules or signing contracts that include EU-approved clauses. The latter option of implementing standard contractual clauses is for now the simplest way to go, especially for most small and medium-sized enterprises. However, for large organisations, they can be costly to implement.

Full article: Businesses race to keep data flowing under a no-deal Brexit, Europe News & Top Stories – The Straits Times

>