So let’s be clear. Consent is one way to comply with the GDPR, but it’s not the only way.
Civil libertarians tell Ars they’re worried about “mass surveillance expansion.”
A decision of the Italian privacy authority on the illegal collection of data on criminal convictions of employees raised the issue on a practice that is quite common. We are running a number of privacy audit on companies that need to get compliant with the General Data Protection Regulation and we can verify that the practice of collecting a police clearance report (in Italian the “casellario giudiziale “) of employees is quite common, regardless of the role to be taken by such employees, just because this is a standard practice adopted with anyone hired by the company and in absence of a regulatory obligation.
Hunton Privacy Team Publishes Several Chapters in International Comparative Legal Guide to Data Protection
Recently, the fourth edition of the book, The International Comparative Legal Guide to: Data Protection 2017, was published by the Global Legal Group. Hunton & Williams’ Global Privacy and Cybersecurity lawyers prepared several chapters in the guide, including the opening chapter on “All Change for Data Protection: The European Data Protection Regulation,” co-authored by London partner Bridget Treacy and associate Anita Bapat.
Amid the noise about the introduction of data privacy reforms under Europe’s General Data Protection Regulation, the GDPR, less attention has been paid to the Network and Information Systems Directive . The NIS Directive calls on EU member states to introduce cyber-security requirements for “Operators of Essential Services” (OESs), with a less stringent set of obligations for certain groups of “Digital Services Providers” (DSPs).
Ireland’s Data Protection Commissioner published guidance on appropriate qualifications for a Data Protection Officers (DPOs) under General Data Protection Regulation (GDPR).
Subject access requests (SARs) are viewed either as an essential right or a huge administrative burden, depending on whether you are the requestor or responder. Recent Court of Appeal case law has made the Information Commissioner’s Office (ICO) update its Subject access code of practice.
In June of this year, I started an internship at the IAPP as the University of Maine School of Law’s inaugural Privacy Fellow. My goal was to spend the summer helping the IAPP’s Data Protection Officer, Rita Heimes, CIPP/US, CIPM, work toward IAPP compliance with the upcoming General Data Protection Regulation (effective May 2018).
Source: The GDPR in 20 Minutes
Australia’s Prime Minister recently suggested a proposal that would allow access to information protected by encryption. Access Now’s US Policy Manager Amie Stepanovich tells why that’s a bad idea.