Category Archives for "Legislation"

Is GDPR recharging cookie notice popups?

Will soon all websites greet users with interrupting and blocking pop-ups requiring to read a consent form and click “I agree” – prior to allowing the actual using of a website? Will we all be expected click in tons ? Let’s look at the worst scenario , and how we may be arriving there.

European regulations mandate that most sites need to inform their users if user data is processed. In most commonly understood and practical terms this means that websites need to seek consent prior to setting browser cookies. This requirement is de facto universal in European Union and allows “doing something” about consent for data processing.

Source: Is GDPR recharging cookie notice popups?

ICO’s Denham: May 25 is not doomsday

As the opening act for the sold-out Data Protection Intensive here in London today, U.K. Information Commissioner Elizabeth Denham set to rest some of the common misconceptions she knows privacy professionals are losing sleep over as the countdown to the General Data Protection Regulation slinks near single-digits.

The approach to data protection, and the enforcement of it, should and will be the same 36 days from now as it ever was: Following the rules is the way to go. But if you fail there, yeah, there are going to be some problems.

Source: ICO’s Denham: May 25 is not doomsday

EU proposes shorter deadlines for cross-border handover of communications evidence

The European Commission has proposed new rules aimed at making it quicker and easier for law enforcement officials to gain access to communications in another EU state.

Under the proposal, communication service providers would be required to respond within 10 days to a request for evidence, or six hours in the event of an emergency. That compares to 120 days under the current European Investigation Order.

Source: EU proposes shorter deadlines for cross-border handover of communications evidence – Telecompaper

GDPR: Opportunities and challenges

The main challenge of GDPR for corporations will be assessing their current information collection and storage systems against the new regulations and ensuring compliance before the deadline. Accountability is critical, and concepts such as pseudonymisation will become commonplace under the new regulations.

In addition, the cross-border transfer of EU residents’ data outside the region will be become much harder. The EU Commission will assess third countries’ level of protection by carrying out “adequacy” assessments binding to all member states. They will then carry out reviews every four years to ensure continued compliance.

Source: Countdown to GDPR: Part 2 — Opportunities and challenges

What’s new in WP29’s final guidelines on transparency?

The Article 29 Data Protection Working Party has published its “last revised” guidelines on transparency under the General Data Protection Regulation.

When the WP29 released its proposed guidelines last December offering “practical guidance and interpretive assistance” regarding transparency obligations, IAPP analyzed the key issues. In addition to a brief summary of the transparency requirements, IAPP’s analysis of the proposed guidelines focused on the meaning of phrases such as “concise, transparent, intelligible and easily accessible” and “in writing or by other means,” as well as what information should be provided and when and how to provide this information to data subjects.

Source: What’s new in WP29’s final guidelines on transparency?

DPAs to pros: There’s no grace period, folks

While privacy professionals and companies have been working to get their processes in order, so too have the regulators who are tasked with watching over those processes.

What that’s meant for the Irish, French and U.K. data protection authorities has been an increase in staff and budget across the board.

Source: DPAs to pros: There’s no grace period, folks

EU Commission proposes making fingerprints mandatory in ID cards

Identity cards held by EU citizens will be required to include digital images of the holder’s fingerprints as part of a crackdown on fraudulent documents used by criminals and extremists, the European Commission has proposed.

In a proposal likely to make waves in countries such as Germany, whose history has made data privacy a guarded asset, the Commission wants to do away with paper-based identity documents that are easy to falsify and can be used to enter the bloc from non-EU countries.

Source: EU Commission proposes making fingerprints mandatory in ID cards

Denmark considers ‘data ethics council’ in wake of Facebook scandal

Minister for employment Troels Lund Poulsen has backed suggestions that an ethics council for the use of data could be established by the Danish state.

The idea has been raised by environmentalist party Alternative, which has proposed that areas such as privacy, data protection, artificial intelligence and data laws could come under the remit of the ethics council.

A similar ethics body, the Danish Council of Ethics (Det Etiske Råd), already exists for healthcare matters.

Source: Denmark considers ‘data ethics council’ in wake of Facebook scandal – The Local

Essential structures for GDPR compliance

The European Union’s new General Data Protection Regulation will go into force May 25, after six years of preparation. The main challenge for corporations will be assessing their current information collection and storage systems against the new regulations and ensuring compliance before the deadline.

Nine data protection experts from Germany, Belgium, The Netherlands, Italy, U.K., U.S., Luxembourg, Sweden and France discuss how they are helping their clients reach GDPR compliance and emphasize some of the structures businesses should put in place to avoid a crippling fine.

Source: Countdown to GDPR: Part 1 — Essential structures for GDPR compliance

With GDPR in the Background, Digital Protectionism Is on the Rise

A protectionist mindset that’s been brewing politically worldwide for quite some time is suddenly at the doorstep of every digital platform and global brand. Marketing players are now making locally-minded data moves that stand to hurt companies of all types; though the business ramifications have yet to be appropriately recognized.

Certain governments already have data localization laws in place. Russia, for example, enforces data localization laws so that citizens’ datasets have to remain in the country. Enforcing its laws, Russia has banned access to LinkedIn since 2016 and threatens to block Facebook in 2018 unless it agrees to comply with the data localization laws.

Source: With GDPR in the Background, Digital Protectionism Is on the Rise – Adweek

1 2 3 72
>