fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " guidance "

Irish DPA Examines Right to Rectification

In light of increased awareness of the rights granted to individuals under the new data protection legislation, Ireland’s data protection authority (DPA) – Data Protection Commission – has published a note to clarify aspects of the right to rectification of personal data.

In particular, it examines the case of recording of names of individuals that contain diacritical marks (for example, fadas in the Irish language).

Read note: Examination of Right to Rectification complaints | 30/04/2019 | Data Protection Commission

ICO issues draft code of practice on designing online services for children

Earlier this month, the UK’s Information Commissioner’s Office published a draft code of practice (“Code”) on designing online services for children. The Code is now open for public consultation until May 31, 2019.

The Code sets out 16 standards of “age appropriate design” with which online service providers should comply when designing online services (such as apps, connected toys, social media platforms, online games, educational websites and streaming services) that children under the age of 18 are likely to access.

Source: ICO issues draft code of practice on designing online services for children

Dutch DPA Issues Guidelines on Privacy Policies Following Investigation

On April 17, 2019, the Dutch Data Protection Authority, the Autoriteit Persoonsgegevens (the “Dutch DPA”) issued six recommendations (in Dutch) for companies, to be taken into account when drafting privacy policies.

The published recommendations follow the Dutch DPA’s investigation of companies’ privacy policies. The investigation focused on companies that process sensitive personal data, including health data and data related to individuals’ political beliefs.

Source: Dutch DPA Issues Guidelines on Privacy Policies Following Investigation

ICO Blog Post on AI and Solely Automated Decision-Making

The ICO has published a blog post on the role of “meaningful” human reviews in AI systems to prevent them from being categorised as “solely automated decision-making” under Article 22 of the GDPR.

That Article imposes strict conditions on making decisions with legal or similarly significant effects based on personal data where there is no human input, or where there is limited human input (e.g. a decision is merely “rubber-stamped”).

Source: ICO Blog Post on AI and Solely Automated Decision-Making

Pilot promised for new EU ethical guidelines for AI

Businesses in Europe exploring the use of artificial intelligence (AI) will be given a chance this summer to pilot the use of new ethical guidelines for AI, the European Commission has said.

Companies, public administrations and organisations can participate by signing up to the European AI Alliance.

Source: Pilot promised for new EU ethical guidelines for AI

How To Avoid Bias In Data Collection

Data collection is the most crucial part of machine learning models as the working of the model will completely depend on the data which we push as training.

Knowing what you really want to do with your data and more basically its purpose to serve your specific project is a very crucial part. You should develop a clear understanding of the data requirements before you take any further step of collecting data.

Full article: How To Avoid Bias In Data Collection

EDPB Publishes Guidelines on the Contractual Legal Basis for Data Processing of Online Services

On April 12, 2019, the European Data Protection Board (EDPB) published draft guidelines 2/2019 on the processing of personal data in the context of the provision of online services to data subjects.

The Guidelines discuss how the “contract” legal basis applies in the context of online services or “information society services,” defined as “any service normally provided for remuneration, at a distance, by electronic means and at the individual request of a recipient of services.”

Source: EDPB Publishes Guidelines on the Contractual Legal Basis for Data Processing of Online Services

EDPB seeks comments on its Guidelines on the processing of personal data for online services 

The European Data Protection Board welcomes comments on the Guidelines 2/2019 on on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects. Such comments should be sent to EDPB by 24/05/2019 at the latest.

More infoemation: Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects | European Data Protection Board

European Commission Issues Updated Q&A on Interplay between the GDPR and the Clinical Trials Regulation

On April 10, 2019, European Commission Directorate-General for Health and Food Safety issued a revised Q&A analyzing the interplay between the EU Clinical Trials Regulation (“CTR”) and the EU General Data Protection Regulation (“GDPR”).

The revised Q&A takes into account the opinion of the European Data Protection Board (“EDPB”) issued on January 23, 2019, on the same topic.

Full article: European Commission Issues Updated Q&A on Interplay between the GDPR and the Clinical Trials Regulation

Privacy UX: Better Cookie Consent Experiences

With the advent of the EU General Data Protection Regulation (GDPR) in May 2018, the web has turned into a vast exhibition of consent pop-ups, notifications, toolbars, and modals.

While the intent of most cookie-related prompts is the same — to get a user’s consent to keep collecting and evaluating their behavior the same ol’ way they’ve been doing for years — implementations differ significantly, often making it ridiculously difficult or simply impossible for customers to opt out from tracking.

Full article: Privacy UX: Better Cookie Consent Experiences

>