
Tag Archives for "regulation"

EDPB LIBE report on the implementation of GDPR

On February 26, the EDPB Chair and Vice-Chair addressed the European Parliament’s Civil Liberties, Justice and Home Affairs Committee (LIBE), presenting the EDPB’s first report on the implementation of the EU General Data Protection Regulation (GDPR) and the roles and means of the national supervisory authorities.

You can read the full report here: EDPB LIBE Report

White Paper on Principles for a Revised U.S. Privacy Framework

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has issued a white paper on Ten Principles for a Revised U.S. Privacy Framework.

CIPL believes that the use of personal information and privacy can most effectively be regulated at the federal level, and puts forward ten principles that should be included in any new federal privacy framework to ensure appropriate protection for consumers while facilitating the digital economy, innovation and the responsible use of data.

Download the full paper to read more about the principles and why these are essential for inclusion in a new federal U.S. privacy framework.

Source: CIPL Issues White Paper on Principles for a Revised U.S. Privacy Framework | Privacy & Information Security Law Blog

e-Privacy breaches can raise GDPR fines

Businesses face higher fines if their processing of personal data is found to breach both the General Data Protection Regulation (GDPR) and EU ‘e-Privacy’ rules, according to a new opinion issued by the European Data Protection Board (EDPB).

The EDPB’s opinion, issued earlier this month, concerns the interplay between the e-Privacy Directive and the GDPR.

Full article: GDPR: ‘e-Privacy’ breaches can be factored into fines

Year 1 of GDPR: Over 200,000 cases reported, firms fined €56 meeelli… Oh, that’s mostly Google

European data protection agencies have issued fines totalling €56m for GDPR breaches since it was enforced last May, from more than 200,000 reported cases – but watchdogs have said they’re just warming up. However, almost all of it comes from French data watchdog CNIL’s €50m fine for Google.

One thing that did change immediately under GDPR, if not the fines, was the number of incident reports. This was particularly so for companies turning themselves in over data breaches. In the first nine months, there were 206,326 cases reported under the new law from the supervisory authorities in the 31 countries in the European Economic Area.

Source: Year 1 of GDPR: Over 200,000 cases reported, firms fined €56 meeelli… Oh, that’s mostly Google • The Register

A Regulatory Tsunami Is Coming: Are You Prepared?

Compliance will be an increasingly challenging business issue in 2019. Consider the ‘Office of Compliance’ that Xerox already has to deal with the complexity.

We don’t yet know what form any new regulations might take or how they would affect individual companies. Luckily, the details are not necessary for businesses to begin building a better approach to compliance. The goal is to make managing compliance simultaneously easier and more consistent.

Full article: A Regulatory Tsunami Is Coming: Are You Prepared?

Look Past GDPR Into Data Privacy Rules of US

While all 50 states have breach notification laws in place where you must be notified if your data is stolen by a hacker, only a handful, most prominently California, have enacted or even framed formal data privacy legislation.

But the trend line is clearly established at the state and local level. A number of cities, such as New York with its Stop Hacks and Improve Electronic Data Security Act (SHIELD), have also instituted strong data privacy laws. A few Silicon Valley leaders themselves are looking ahead (most prominently Apple CEO Tim Cook), coming on board and calling for federal data privacy legislation. You’d be wise to look into the details of state and city data privacy policies for where you’re based and where you do business.

Full article: Look Past GDPR Into Data Privacy Rules on a State-by-State Basis – Adweek

EDPB clarifies the interaction between the GDPR and ePrivacy Directive

The European Data Protection Board (EDPB) met for its eighth plenary session on 12 and 13 March 2019. At the session, the EDPB adopted:

During the session, the EDPS also adopted:

Privacy essential to innovation and prosperity

Privacy, innovation and prosperity go hand-in-hand. However, the underlying foundation of them all is freedom.

But let us begin by exploring what exactly we mean by freedom and how it is connected to privacy. Freedom is not about being able to act in any way that one wishes. That would be anarchy in the “chaotic” sense of the word. Freedom is all about structuring a society where aggression against others is forbidden by law.

Full article: OPINION: Privacy essential to innovation and prosperity | Toronto Sun

New US facial recognition bill would require consent before sharing data

A new bill introduced in the Senate today would prohibit commercial companies using facial recognition technology from collecting or sharing people’s data without their explicit consent.

Under the bill, users would need to be notified whenever their facial recognition data is used or collected. According to the lawmakers, it also would require third-party testing before the tech could be introduced into the market to ensure it is unbiased and doesn’t harm consumers.

Source: New facial recognition bill would require consent before sharing data – The Verge

Cybersecurity certification schemes backed by MEPs

Businesses could in future be forced to ensure their products, services or processes meet specified cybersecurity standards under proposed new EU rules that have been formally approved by the European Parliament.

According to the proposed new rules, cybersecurity standards could be mandated for certain ICT products, services and processes before the end of 2023.

Source: Cybersecurity certification schemes backed by MEPs
