fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " regulation "

Global recall: How the GDPR impacts product recalls

Not all potential consequences of the GDPR (and similarly situated laws) are clearly evident quite yet, but companies nonetheless will encounter challenges in their dealings with consumers in the global marketplace, pursuant to the GDPR and other such regulations.

One of the hidden consequences this new proliferation of consumer data privacy measures throughout the world will affect product liability matters, specifically concerning product recalls.

Full article: Global recall: How the GDPR impacts product recalls

After Brexit, the EU must decide if UK data protection is adequate

After Brexit the European Commission will decide whether the UK provides equivalent data protection standards to GDPR and other EU legislation.

The adequacy assessment is going to be a key test of the UK’s data privacy standards and achieving adequacy will be far from straightforward. The UK has committed to maintaining GDPR standards post-Brexit but this is not the whole picture for data protection compliance, and when it comes to the protection of fundamental rights there are difficult questions to be addressed.

Full article: After Brexit, the EU must decide if UK data protection is adequate

European Commission urged to investigate Romanian GDPR implementation

Issue The Romanian law implementing the General Data Protection Regulation (GDPR) allows national political parties to process personal data, including sensitive data, in a manner that disregards citizen rights. Law no. 190/2018 excludes the need to acquire consent for processing personal data, including sensitive data.

Source: European Commission urged to investigate Romanian GDPR implementation

UK Issues Regulations on Post-Brexit Data Protection Law

Two sets of regulations aimed at readying UK data protection law for a post-Brexit world have been promulgated in recent weeks. These regulations, which were made pursuant to the EU (Withdrawal) Act 2018 (EUWA), will only come into force in most respects upon the UK’s withdrawal from the EU.

These regulations are intended to preserve the status quo post-Brexit by (1) amending certain provisions of the GDPR to allow it to be retained as UK domestic law and (2) transitionally adopting certain key decisions of the EU institutions that, collectively, would allow for the continued lawfulness of personal data flows out of the United Kingdom where currently permitted under EU law.

Source: UK Issues Regulations on Post-Brexit Data Protection Law

Jourová on first lessons 10 months after the application of the GDPR

European Commission Věra Jourová at the 9th Annual European Data Protection and Privacy Conference delivered a speech “What next for European and global data privacy?”

It her speech First Jourová discusses lessons 10 months after the application of the GDPR, Facebook / Cambridge Analytica scandal and globalised discussion about challenges to privacy.

Read full speech: Speech by European Commission Věra Jourová at the 9th Annual European Data Protection and Privacy Conference: What next for European and global data privacy?

Netherlands wants easier sharing of info about criminals

It has to become easier to share information about criminals, regardless of strict privacy rules, Minister Ferdinand Grapperhaus of Justice and Security said to the Telegraaf in an interview.

The Minister said that he will present a proposal to make the sharing of information about criminals and criminal activity a bit easier. While calling for a more intensified approach to drug trafficking earlier this week, Mayor Aboutaleb noted how difficult it is to share information about suspected criminals with other municipalities.

Source: Sharing info about criminals must be easier, Justice Min. says | NL Times

EDPB LIBE report on the implementation of GDPR

On February 26, the EDPB Chair and Vice-Chair addressed the European Parliament’s Civil Liberties, Justice and Home Affairs Committee (LIBE) presenting EDPB’s first report on implementation of EU General Data Protection Regulation (GDPR) and the roles and means of the national supervisory authorities.

You can read the full report here: EDPB LIBE Report

White Paper on Principles for a Revised U.S. Privacy Framework

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has issued a white paper on Ten Principles for a Revised U.S. Privacy Framework.

CIPL believes that the use of personal information and privacy can most effectively be regulated at the federal level, and puts forward ten principles that should be included in any new federal privacy framework to ensure appropriate protection for consumers while facilitating the digital economy, innovation and the responsible use of data.

Download the full paper to read more about the principles and why these are essential for inclusion in a new federal U.S. privacy framework.

Source: CIPL Issues White Paper on Principles for a Revised U.S. Privacy Framework | Privacy & Information Security Law Blog

e-Privacy breaches can rise GDPR fines

Businesses face higher fines if their processing of personal data is found to breach both the General Data Protection Regulation (GDPR) and EU ‘e-Privacy’ rules, according to a new opinion issued by the European Data Protection Board (EDPB).

The EDPB’s opinion, issued earlier this month, concerns the interplay between the e-Privacy Directive and the GDPR.

Full article: GDPR: ‘e-Privacy’ breaches can be factored into fines

Year 1 of GDPR: Over 200,000 cases reported, firms fined €56 meeelli… Oh, that’s mostly Google

European data protection agencies have issued fines totalling €56m for GDPR breaches since it was enforced last May, from more than 200,000 reported cases – but watchdogs have said they’re just warming up. However, almost all of it comes from French data watchdog CNIL’s €50m fine for Google.

One thing that did change immediately under GDPR, if not the fines, was the number of incident reports. This was particularly so for companies turning themselves in over data breaches. In the first nine months, there were 206,326 cases reported under the new law from the supervisory authorities in the 31 countries in the European Economic Area.

Source: Year 1 of GDPR: Over 200,000 cases reported, firms fined €56 meeelli… Oh, that’s mostly Google • The Register

>