fbpx

Download free GDPR compliance checklist!

Tag Archives for " opinion "

Reasonable Retention Of Personal Information: The Compliance Advantage Of Risk-Based Polices And Procedures For Information Governance

A recent privacy breach case in Canada offers practical guidance for organizations anywhere to avoid the over-retention of personal data. A May 2017 Order from the Office of the Information and Privacy Commissioner of Alberta provides new insight into the requirement under section 35 of the Personal Information Protection Act to retain personal information only as long as reasonably required.

Source: Reasonable Retention Of Personal Information: The Compliance Advantage Of Risk-Based Polices And Procedures For Information Governance

CIPL Issues Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR

Recently, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP issued a white paper on Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR (the “White Paper”). The White Paper sets forth guidance and recommendations on the key concepts of transparency, consent and legitimate interest under the EU General Data Protection Regulation (“GDPR”).

Source: CIPL Issues Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR

D.P.O. guidance: clear as M.U.D?

The newly codified position of data protection officer (” DPO “) is creating sleepless nights for many of our clients. Whilst data-savvy organisations may already have such an individual (or team), the GDPR makes it clear that it has a particular role in mind: compliance officer, expert, PR liaison and strategist.

Source: D.P.O. guidance: clear as M.U.D?

CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines

The Centre for Information Policy Leadership (CIPL) at Hunton & Williams recently submitted formal comments to the Article 29 Working Party’s Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of General Data Protection Regulation (GDPR).

Source: CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines : : Privacy & Information Security Law Blog

Why Teens Need Privacy Online

Parents have nosed around in their kids’ lives ever since the invention of the telephone, but these days, technology has taken the spying game to an entirely new level with multiple points of entry, from Facebook and Twitter to Instagram, Vine and Tumblr. While communicating via social media has made it easier for kids to stay connected with their friends, these largely public forums (and traceable activities) also give parents a new in to what their children may not be telling them.

Source: Why Teens Need Privacy Online | Psychology Today

Italian DPA’s adopts useful decision on legitimate interests

1 June 2017 The Italian data protection authority (‘Garante’) announced, on 25 May 2017, in its monthly newsletter, that it had ruled against the application of Belron Italia s.p.a. for a decision under Article 24(1)(g) of the Personal Data Protection Code, Legislative Decree No. 196/2003 (‘the Privacy Code’), on the balancing of the controllers’ interests with the rights of data subjects, in relation to the creation of a database that would record the personal data of customers who request a quote for the replacement of their car windows.

Source: Italy: Garante’s decision “provides useful elements to companies looking to rely on” legitimate interests

Courts Are Using AI to Sentence Criminals. That Must Stop Now.

Algorithms pervade our lives today, from music recommendations to credit scores to now, bail and sentencing decisions. But there is little oversight and transparency regarding how they work. Nowhere is this lack of oversight more stark than in the criminal justice system. Without proper safeguards, these tools risk eroding the rule of law and diminishing individual rights.

Source: Courts Are Using AI to Sentence Criminals. That Must Stop Now | WIRED

ENISA works together with European semiconductor industry on key cybersecurity areas

The EU Agency for Network and Information security (“ENISA”) together with industry recently published a common position on cybersecurity. Position reflects the concerns of industry and provides a set of suggestions for policy makers. The paper focuses on four main areas actively debated at the EU level: standardisation and certification, security processes and services, security requirements and implementation, and the economic dimensions.

Source: ENISA works together with European semiconductor industry on key cybersecurity areas — ENISA

>