fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " law "

EU ePrivacy Regulation Proposal Falls Short of Parliament’s Expectations

The European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs commissioned a study to assess the European Commission’s draft e-Privacy Regulation, which was published in January 2017. The e-Privacy Regulation aims to harmonise privacy rules across the EU in the area of electronic communications, but the study has found that the draft e-Privacy Regulation does not as far as the GDPR in some respects. This contrasts with many other views expressed publicly, which regarded the Commission’s draft as a tightening of the GDPR regime. A central theme of the study, which was carried out by academics of the IViR Institute for Information Law, University of Amsterdam, is the need to protect privacy of correspondence regardless of medium or any other factor. The EU legislative institutions are urged to pay extra attention to four areas in which it is felt that there is insufficient protection of the right to privacy and confidentiality of communications. We explore these issues in the following post.

Source: EU ePrivacy Regulation Proposal Falls Short of Parliament’s Expectations | HL Chronicle of Data Protection

EU Commission Issues Questionnaire in Preparation for Annual Review of Privacy Shield

On June 2, 2017, European Commission has sent questionnaires to trade associations and other groups to prepare for the first annual review of the EU-U.S. Privacy Shield framework.

Source: EU Commission Issues Questionnaire in Preparation for Annual Review of Privacy Shield

Preparing for the GDPR: A first look at the Irish Data Protection Bill

Last month, the Irish government published the General Scheme of the Data Protection Bill 2017 (the “Scheme”). This Scheme provides some insight into the Irish Government’s legislative intent and approach towards those provisions of the General Data Protection Regulation (“GDPR”) where Member States are afforded a margin of flexibility.

Source: Preparing for the GDPR: A first look at the Irish Data Protection Bill Mason Hayes Curran

CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines

The Centre for Information Policy Leadership (CIPL) at Hunton & Williams recently submitted formal comments to the Article 29 Working Party’s Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of General Data Protection Regulation (GDPR).

Source: CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines : : Privacy & Information Security Law Blog

UK ICO Stresses Importance of Preparing for the GDPR and Addresses the ICO’s Role Post-Brexit

With just under one year to go before the EU General Data Protection Regulation (“GDPR”) becomes law across the European Union, the UK Information Commissioner’s Office (“ICO”) has continued its efforts to help businesses prepare for the new law.

Source: UK ICO Stresses Importance of Preparing for the GDPR and Addresses the ICO’s Role Post-Brexit

Italian DPA’s adopts useful decision on legitimate interests

1 June 2017 The Italian data protection authority (‘Garante’) announced, on 25 May 2017, in its monthly newsletter, that it had ruled against the application of Belron Italia s.p.a. for a decision under Article 24(1)(g) of the Personal Data Protection Code, Legislative Decree No. 196/2003 (‘the Privacy Code’), on the balancing of the controllers’ interests with the rights of data subjects, in relation to the creation of a database that would record the personal data of customers who request a quote for the replacement of their car windows.

Source: Italy: Garante’s decision “provides useful elements to companies looking to rely on” legitimate interests

GDPR Matchup: The APEC Privacy Framework and Cross-Border Privacy Rules

This article looks at how Asia Pacific Economic Cooperation (“APEC”) Cross-Border Privacy Rules system (“CBPR”) matches up against General Data Protection Regulation (“GDPR”).

The CBPR program is analogous to the EU-U.S. Privacy Shield in that they both provide a means for self-assessment, compliance review, recognition/acceptance and dispute resolution/enforcement.

Source: GDPR Matchup: The APEC Privacy Framework and Cross-Border Privacy Rules

You’re thinking about adopting a strategy of paper compliance? Think again

As the deadline to comply with the requirements of the EU’s General Data Protection Regulation fast approaches, there are a growing number of companies pushing ahead with a strategy of “paper compliance” to meet the voluminous requirements of the new regulation.

Source: You’re thinking about adopting a strategy of paper compliance? Think again

As landscape changes, law firm offers ‘CPO on Demand’

If the amount of information privacy pros are consuming via IAPP.org on the General Data Protection Regulation is any indication, companies are scrambling to get ready for May 2018. Part of that preparation will be, for many companies, establishing a data protection officer.

Source: As landscape changes, law firm offers ‘CPO on Demand’

Publishers call for rethink of proposed changes to online privacy laws

An alliance of news publishers has called on European regulators to rethink proposed changes to online privacy laws, arguing that they will potentially kill their digital businesses and give Google, Apple and Facebook too much control of advertising and personal data.

Source: Publishers call for rethink of proposed changes to online privacy laws | Media | The Guardian

>