Free tools and resources for Data Protection Officers!

Tag Archives for " regulation "

Russia, stung by intelligence leaks, plans to tighten data protection

Russia has drawn up draft legislation aimed at stopping leaks of personal information from state agencies, a step that follows publication of details of Russians allegedly involved in clandestine intelligence operations abroad.

The bill, produced by Russia’s communications ministry, bars unauthorized people from creating and publishing databases of personal data drawn from official sources, and fines anyone violating that rule.

Full article: Russia, stung by intelligence leaks, plans to tighten data protection | Reuters

EDPS calls for closer alignment between consumer and data protection rules in the EU

Consumer law and data protection can no longer afford to work in silos. The EU needs a big-picture approach to addressing systemic harms to individuals in digital markets, involving closer cooperation between enforcers in order to avoid legal uncertainty, the European Data Protection Supervisor (EDPS) said, as he published his Opinion on the legislative package A New Deal for Consumers.

Source: EDPS calls for closer alignment between consumer and data protection rules in the EU | European Data Protection Supervisor

Christmas spirit triumphs over GDPR in Germany

A German town managed to revive a children’s Christmas tradition after European data protection laws very nearly scrapped it.

In previous years up to 4,000 wishes to Father Christmas were placed on a tree at a Christmas market in the southern town of Roth and the city council would then attempt to fulfill those wishes, which included the names and addresses of the children who wrote them.

But the popular activity had to stop in 2016 because of Germany’s data privacy legislation and GDPR, as legislation requires parents of minors have to provide consent to the use of their kids’ data.

Local radio station Antenne Bayern found a solution by creating a wish list, which included a parental consent disclaimer, which can be printed from their website and put in the wishing box at the Christmas market.

Source: Christmas spirit triumphs over GDPR in German town of Roth – CNN

Irish watchdog clarifies record keeping and DPIAs interaction under GDPR

Ireland’s data protection authority has clarified how record keeping obligations under the General Data Protection Authority (GDPR) interact with the duties of businesses to carry out data protection impact assessments (DPIAs).

Full article: GDPR: Irish watchdog clarifies record keeping and DPIAs interaction

A timely raincheck on the GDPR: the law of unintended consequences

As we approach a six-month point since the full implementation date of the GDPR, it is interesting to see evidence of the legislation having much greater consequences and advantages than those for which it was originally intended.

GDPR in its most fundamental form can be seen as a beneficial facility for handling the core issue of risk management between data and people. In this instance, risk is both an opportunity to be exploited as well as a downside to be mitigated. To support this contention, one may cite recent instances of the GDPR having practical impacts way beyond that of its original draftsmen.

Full article: A timely raincheck on the GDPR: the law of unintended consequences

MEPs call for business GDPR ‘guarantee’ on using blockchain

Businesses should not begin using blockchain technology to process personal data until they can “guarantee compliance” with EU data protection laws, a committee of MEPs has said.

The Committee on Civil Liberties, Justice and Home Affairs (LIBE) said that businesses using blockchain must, in particular, be able to respect the rights of data subjects under the General Data Protection Regulation (GDPR) to the rectification and erasure of their data.

Full article: MEPs call for business GDPR ‘guarantee’ on using blockchain

New Spanish data law could undermine the integrity of democracy

On Wednesday, the Spanish senate gave the green light to an online data protection law which may enable political parties to hit voters with adverts based on profiling of internet search histories. The law was created as part of the Iberian nation’s efforts to align with the General Data Protection Regulation (GDPR) which came into force on May 25th of this year.

However, the recent adjustment made to the Spanish laws includes a caveat that enables political parties to “use personal data obtained from web pages and other publicly accessible sources to carry out political activities” throughout election campaigns.

Full article: New Spanish data law could undermine the integrity of democracy

Spanish Senate signs-off new GDPR-compliant Data Protection Act

After a very long delay and amidst rumors that the Spanish Parliament could be dissolved and early elections called, the Spanish Senate speedily dismissed all the proposals for further changes and approved the new GDPR-compliant Spanish Data Protection Act on Wednesday 21 November 2018.

Full article: Spanish Senate signs-off new GDPR-compliant Data Protection Act

Finland updates its data protectionlaw according to the GDPR

Finland finally adopted its new GDPR-style law on 13 November. The delay was partly caused by deliberations on the role of the Data Protection Ombudsman (equivalent of Privacy Commissioner) in imposing administrative fines. It was argued that to have one person decide on a very high level of sanctions did not fit in with Finland’s legislative tradition.

Source: Finland updates its DP law according to the GDPR – Privacy Laws & Business

GDPR Burdens Hinder M&A Transactions

An increasing number of mergers and acquisitions (M&A) transactions may be stalling because of concerns over EU General Data Protection Regulation (GDPR) compliance, according to a survey of EMEA M&A professionals conducted by Merrill Corporation.

The implementation of the EU’s General Data Protection Regulation (GDPR) stood out as a major hurdle for mergers and acquisitions, with more than half of respondents (55 percent) citing the compliance and data protection employed by the target company as a primary reason a transaction did not progress. Additionally, 66 percent of those surveyed believe that GDPR will increase acquirers’ scrutiny of the data protection policies and processes of target companies, further complicating the deal-making process.

Source: GDPR Burdens Hinder M&A Transactions in the EMEA Region, According to Merrill Corporation Survey | Business Wire

>