Free tools and resources for Data Protection Officers!

Category Archives for "Legislation"

Draft data protection law submitted to Parliament of Georgia

The State Inspector presented the legislative proposal to the Parliament of Georgia aimed at bringing the Georgia’s personal data protection law to in line with EU legislation.

The Draft Law includes provisions on the principles of data processing, data subject rights, child consent, deceased persons data processing, monitoring, direct marketing, data controller and data processor’s obligations, data transfers, enforcement and penalties for non-compliance.

Source: Personal Data Protection Inspector’s Office

Consumer contract law in the age of data

As part of its 2015 Digital Single Market Strategy, the European Commission proposed modernising the rules applicable to sales of goods and introducing similar rules for the supply of digital content (such as digital films, music, e-books, applications) and digital services (such as social media platforms, on-line games, pay-per-view access to films, cloud computing, etc.).

After more than 3 years of negotiations, the EU adopted a package comprising a directive on contracts for the supply of digital content and services and a directive on contracts for the sale of goods, both applicable in B2C relations.

Full article: The EU makes B2C contract law enter the age of data

UK’s DPA Publishes Report on Impact of GDPR

On 30 May 2019, the United Kingdom’s data protection authority – Information Commissionner’s Office (ICO) – released a report, “GDPR: One Year On”, discussing the impact of the GDPR and its associated learnings after one year following its implementation.

Report provides valuable insight into the enforcement practices, EU-wide cooperation, support functions, innovative practices and further growth plans of the ICO.

Source: ICO Publishes Report on Impact of GDPR

EU Council adopts conclusions on data retention to fight crime

The Council adopted conclusions on the way forward with regard to the retention of electronic communication data for the purpose of fighting crime.

It noted that data retention is an essential tool for investigating serious crime efficiently, but one whose use should be guided by the need to protect fundamental rights and freedoms.

The Council tasked the Commission to gather further information and organise targeted consultations as part of a comprehensive study on possible solutions for retaining data, including the consideration of a future legislative initiative.

Source: Data retention to fight crime: Council adopts conclusions – Consilium

Hungarian GDPR amendments act enters into force

On 26 April 2019, the Act XXXIV of 2019 on the Legislative Amendments Implementing the European Union Data Protection Reform (‘the Act’) entered into force.

The Act aims to amend national legislation in line with the General Data Protection Regulation (GDPR). Hungary is one of last EU countries to adopt GDPR implementation act.

Access Act here (in Hungarian).

France enacts Decree on application of data protection

On 1 June 2019 Decree No. 2019-536 of 29 May 2019 Enacted For the Application of Act No. 78-17 of 6 January 1978 on Data Processing, Files and Individual Liberties came into force.

The Decree clarifies procedural rules of the French data protection authority, including its control and sanctions, and further specifies data subject rights. It also brings Act on Data Processing, Files and Individual Liberties in line with the General Data Protection Regulation (GDPR) and the Data Protection Directive with Respect to Law Enforcement.

Read the Decree here (in French).

Cybersecurity certification gets an EU revamp

A new EU Regulation on cybersecurity promises a more coordinated approach across Europe. The new law will set up a framework for the establishment of European cybersecurity certification schemes.

The intention is to prevent “certification shopping” based on different levels of stringency among member states. Certification will be voluntary initially, but regular assessments will be carried out to determine whether certification of particular products or services should become compulsory.

Source: Cybersecurity certification gets an EU revamp

US data privacy law talks break down

Debate to create uniform data privacy law across the US has broken down due to senators failing to decide how hard-line the new rules should be.

Politicians in America are in disagreement over the wording of key aspects of the new bill. After months of discussion in the Senate Commerce Committee, the bill is still not ready for publication. Insiders say talks between Democrats and Republicans have ground to a halt.

Tech firms, however, hope for the bill to be passed before the end of 2019, when the California Consumer Privacy Act (CCPA) will also come into being.

Source: US data privacy law talks break down

Europe seeks to lead a new world order on data

Brussels is pulling its weight as the world’s top trade bloc to export its privacy rules.

Ahead of a G20 ministerial meeting this weekend in Japan, EU officials are pushing to cement the region’s dominance over new standards about how companies send data between trading blocs. Europe’s goal is to establish the right to privacy — enshrined as a fundamental right in the region — in the way that data is exchanged between global businesses ranging from banks and insurers to hotels and online retailers.

Source: Europe seeks to lead a new world order on data – POLITICO

1 2 3 113