Category Archives for "Legislation"

GDPR Has Made Google Even More Dominant In Europe

Over the last few years, the EU has been screaming about the awfulness of evil large tech companies in the name of Google, Amazon, Facebook and Apple (sometimes called “GAFA”). However, EU law will mostly serve to lock in those companies as the dominant providers. That’s because they’re big enough to manage the regulatory burden, whereas startups and smaller competitors will not be able to and will suffer.

Full article: Just As Expected: GDPR Has Made Google Even More Dominant In Europe | Above the Law

Polish DPA’s guidance on data protection in the workplace partially “controversial”

The Polish data protection authority (‘UODO’) issued, on 4 October 2018, guidance for employers on data protection in the workplace, under the General Data Protection Regulation (‘GDPR’), following a public consultation on the same. In particular, the Guidance focuses on the processing of employee data during recruitment, selection and the employment period, as well as distinguishes between different types of employment contracts, such as those concerning temporary and permanent workers.

Full article: Poland: UODO’s guidance on data protection in the workplace partially “controversial”

Key Developments in Internet of Things Law

California Signs the First IoT Security Bill into Law, and the FTC Submits Comments to the Consumer Product Safety Commission Regarding the IoT California’s New IoT Law On September 28, 2018, California Governor Jerry Brown signed into law a cybersecurity bill governing Internet of Things (IoT) devices, the first law of its kind in the nation.

Source: Key Developments in Internet of Things Law

UK DPA releases data protection self-assessment checklist for sole traders

The ICO has launched a self-assessment checklist that will help sole traders and self-employed individuals to assess their compliance with new data protection laws. The checklist is aimed at improving understanding of data protection and making sure sole traders are keeping people’s personal data secure. It shows sole traders how compliant they are by generating a rating based on their responses and provides handy links to relevant ICO guidance and further information. It also includes practical suggestions of how to stay in line with the law.

Source: New data protection self-assessment checklist for sole traders | ICO

EDPB Adopts Opinions on National DPIA Lists in the EU

The European Data Protection Board (“EDPB”) recently published 22 Opinions on the draft lists of Supervisory Authority (“SAs”) in EU Member States regarding which processing operations are subject to the requirement of conducting a data protection impact assessment (“DPIA”) under the EU General Data Protection Regulation (“GDPR”).

Full article: EDPB Adopts Opinions on National DPIA Lists in the EU

EDPB: ICO too strict on data protection impact assessments

The opinion, issued by the European Data Protection Board (EDPB), differs from guidance the UK’s Information Commissioner’s Office (ICO) has issued on DPIAs. Businesses planning to process biometric, genetic or location data do not automatically have to carry out a data protection impact assessment (DPIA) first to comply with the General Data Protection Regulation (GDPR), an EU privacy watchdog has said.

The ICO is not bound to update its guidance in light of the EDPB’s opinion, but must justify its reasons for not doing so if “it does not intend to follow this opinion, in whole or in part”, the EDPB said

Source: EDPB: ICO too strict on data protection impact assessments

Finland parliament weakens constitutional privacy right to pass security law

Finland’s parliament voted on Wednesday to add new exceptions to a clause in the constitution that guarantees the right to privacy, to enable swift approval of an intelligence bill aimed at combating terrorism and spying by foreign governments. The new language would create another exception to give the police and security forces the authority to snoop on emails and other messages to gather information about “military or other activity that threatens national security”.

Source: Finland parliament weakens constitutional privacy right to pass security law | Reuters

What is the future of ePrivacy regulation?

ePrivacy’s advancement has been slower than initially promised by policymakers. Member state delegations had raised questions involving the scope of ePrivacy and its position vis-à-vis the GDPR, the fundamental rights of confidentiality with respect to data protection, GPS location data, and developments in artificial intelligence, the Internet of Things, and automated driving.

Full article: Can Austria align ‘diverging views’ with proposed ePrivacy amendments?

Google and Facebook join rights groups to fight Australia’s encryption bill

Google and Facebook have joined civil and digital rights groups in an unusual alliance aimed at defeating Australia’s planned encryption laws. The bill gives law enforcement new powers to conduct covert surveillance on electronic devices and compel technology companies to assist in decrypting private communications.

Source: Google and Facebook join rights groups to fight Australia’s encryption bill | Technology | The Guardian

Tech giants call for national data regulations that subvert California’s GDPR-style laws

US Tech giants have said they would back a nation data regulation provided that it came into force before California’s much tougher privacy legislation, in what’s being seen as an attempt to avoid GDPR-style data protection laws.

The representatives discussed three key points for a potential privacy legislation: a state law that pre-empts the California legislation; a promotion of privacy on their terms; and a block to the creation of a US version of the GDPR.

Source: Tech giants call for national data regulations that subvert California’s GDPR-style laws

1 2 3 90
>