Category Archives for "Legislation"

Poland regulates workplace monitoring

CCTV in the workplace under the Polish law Until recently, the matter of video surveillance in the workplace has not been explicitly regulated by Polish law. However, the new changes to the employment law dated May 10, 2018, address the issue of the use of video surveillance in the workplace.

Source: Poland regulates workplace monitoring

Will Bulgaria get ePrivacy done in time?

Earlier this month the current Bulgarian Presidency of the European Council sent out a progress report on the draft ePrivacy regulation, and the question on everyone’s lips was whether there would be a general approach before Bulgaria gives up the presidency at the end of June.

Read full article: Will Bulgaria get ePrivacy done in time? Doesn’t look good

EU ministers to consider proposals on drone safety standards

On Tuesday, the European Parliament agreed draft regulations to create EU standards for manufacturers which must now be put before EU member states ministers for approval.

Maximum altitude and distance limits for drone flights will be set, alongside additional safety features, common certification and training rules. The draft EU rules are designed to be proportionate to the risk posed by drone flights. Privacy and data protection rights must be safeguarded and drone operators should have sufficient training to fly.

Source: EU ministers to consider proposals on drone safety standards

Implementing appropriate security under the GDPR

Security of processing is a foundational principle of the GDPR. Under Article 5(1)(f), personal data shall be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).”

Read full article: Implementing appropriate security under the GDPR

Looking to Canada for input on the GDPR’s data retention requirements

One of the core principles of data processing set forth in Article 5(e) of the EU General Data Protection Regulation is that personal data shall be retained in a form that “permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.” Although this language is not complex, it raises critical questions not answered within the text, namely: What comprises a purpose and how does one determine whether the purpose is resolved?

Read full article: Looking to Canada for input on the GDPR’s data retention requirements

The California Consumer Privacy Act of 2018 is not at all like the GDPR

There seems to be a rise in fearmongering about the next big potential privacy legislation on the horizon after GDPR – the California Consumer Privacy Act of 2018. Consultants, bloggers, and, sadly, some well-respected law firms, have hyped the initiative as “very similar to the GDPR,” and a “sweeping, GDPR-like privacy regime.”

However,California Consumer Privacy Act of 2018 is not like GDPR. The Act is not an “act” at all – it is an initiative that may appear on the ballot in California during the November elections. And while the ballot initiative proposes some interesting, and arguably misguided, privacy requirements, few of those requirements have any analog within the GDPR. Furthermore equating the California initiative to the GDPR masks its real aim, purpose, and danger.

Read full article: Bryan Cave – Stop the hype! The California Consumer Privacy Act of 2018 is not at all like the GDPR

GDPR implementation bills: The election problem

It is by now no secret that a lot of EU countries won’t have implementing acts ready in time for the introduction of the General Data Protection Regulation this week. While this is unlikely to be the end of the world for most companies — the GDPR doesn’t need to be transposed into member states’ national laws to apply — it does create a level of confusion where the new regulation clashes with still-active national implementations of the old EU Data Protection Directive.

Read full article: GDPR implementation bills: The election problem

New French data protection law declared constitutional and ready for promulgation

The French Constitutional Council has issued its ruling on June 12 regarding the new data protection law implementing the EU General Data Protection Regulation (GDPR). It’s a PASS! Almost a month after Senators referred the newly adopted data protection law to the Constitutional Council, thus blocking its promulgation on time for the GDPR’s entry into application last May 25, the suspense comes finally to an end.

Source: FRANCE: New data protection law declared constitutional and ready for promulgation

Bulgarian Presidency Presents Progress Report and Points for Debate on ePrivacy

On January 10, 2017, the EU Commission adopted a proposal for a Regulation on Privacy and Electronic Communications. On June 8, 2018, the Council of the European Union’s Bulgarian Presidency presented a progress report on the draft ePR to the Transport, Telecommunications and Energy Council.

The Report reflects on the amendments presented in the May 2018 Examination of the Presidency text. The Report is split into two sections: Annex I, a progress report, and Annex II, questions for the policy debate.

Source: Bulgarian Presidency Presents Progress Report and Points for Debate on ePrivacy

1 2 3 82
>