While Australia’s privacy law has made a good start in encouraging better security hygiene, it may not go far enough to get all Australian and partner businesses in line.
With eight months until the introduction of the General Data Protection Regulations (GDPR), the countdown is well and truly on but businesses are not ready, writes Mike Cherry.
The review of artificial intelligence argues a new AI council should be created but it wouldn’t be in charge of regulating systems.
Given the extraordinary boom of the digital economy, Europeans’ data protection should be a priority, according to Director General for Justice and Consumers Tiina Astola.
Businesses will be considered ‘aware’ of data breaches under GDPR when their data processors notice the breach
Businesses that outsource the processing of personal data to other companies will be said to be aware of data breaches experienced by those processors as soon as the processors themselves recognise the breach, according to proposed new guidance.
On October 19, 2017, the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs narrowly voted to approve an amended version of the e-Privacy Regulation. The committee vote is an important step in the process within the European Parliament.
There’s no question the GDPR has anyone who’s paying attention “on their feet.” Talk to any privacy consultant or vendor and they’ll tell you: Business is good these days. But there’s one group in particular that’s got both a lot at stake and a lot of unknowns to contend with ahead of May 2018, and that’s the ad tech industry. That was clear at yesterday’s session, “What Third-Party Compliance Will Look Like for Ad Tech” at the IAPP’s PSR conference in San Diego, California. The disruption the new privacy regimes in Europe will cause is largely triggered by the ad tech space’s heavy reliance on third-party data sharing.
The Article 29 Working Party has published this week its “last revised” guidelines on data protection impact assessments and determining whether processing is “likely to result in a high risk” for the purposes of the GDPR.
The Office of the Australian Information and Privacy Commissioner has published draft resources for the Notifiable Data Breaches scheme, asking for public comment.
Data Protection Impact Assessment (DPIA) is a useful tool that can help organizations to understand the risks related to processed data . DPIA helps to find the right balance and proportions, identify risks, assess the necessity and proportionality and generally help with risk management.