fbpx

Download free GDPR compliance checklist!

Category Archives for "Legislation"

Survey: 61 percent of companies have not started GDPR implementation

Is your company getting ready for the General Data Protection Regulation? If so, it might be in the minority. That’s because, according to research conducted by TrustArc, the answer is likely no.

In their survey, “Privacy and the EU GDPR,” TrustArc, formerly known as TRUSTe, polled 204 privacy professionals from companies across several industries that are subject to the GDPR.

Source: Survey: 61 percent of companies have not started GDPR implementation

Fieldfisher Publishes its GDPR App

On June 06, 2017, European law firm Fieldfisher launched mobile app: “A Complete Guide to the GDPR”. The app provides complete guide to Europe’s new General Data Protection Regulation (GDPR). Unfortunatelly, at the moment app is available only for iOS.

Source: Get ready for regulation – Download the Fieldfisher GDPR App – Fieldfisher

Italian DPA’s Annual Report previews future GDPR enforcement action

On June 6, the Italian Data Protection Authority, the Garante, presented its 2016 Annual Activity Report, focusing on several current data privacy issues and highlighting its efforts with regard to the upcoming entry into force of the General Data Protection Regulation in May 2018.

Source: Italian DPA’s Annual Report previews future GDPR enforcement action

CIPL Issues Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR

Recently, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP issued a white paper on Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR (the “White Paper”). The White Paper sets forth guidance and recommendations on the key concepts of transparency, consent and legitimate interest under the EU General Data Protection Regulation (“GDPR”).

Source: CIPL Issues Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR

D.P.O. guidance: clear as M.U.D?

The newly codified position of data protection officer (” DPO “) is creating sleepless nights for many of our clients. Whilst data-savvy organisations may already have such an individual (or team), the GDPR makes it clear that it has a particular role in mind: compliance officer, expert, PR liaison and strategist.

Source: D.P.O. guidance: clear as M.U.D?

EU ePrivacy Regulation Proposal Falls Short of Parliament’s Expectations

The European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs commissioned a study to assess the European Commission’s draft e-Privacy Regulation, which was published in January 2017. The e-Privacy Regulation aims to harmonise privacy rules across the EU in the area of electronic communications, but the study has found that the draft e-Privacy Regulation does not as far as the GDPR in some respects. This contrasts with many other views expressed publicly, which regarded the Commission’s draft as a tightening of the GDPR regime. A central theme of the study, which was carried out by academics of the IViR Institute for Information Law, University of Amsterdam, is the need to protect privacy of correspondence regardless of medium or any other factor. The EU legislative institutions are urged to pay extra attention to four areas in which it is felt that there is insufficient protection of the right to privacy and confidentiality of communications. We explore these issues in the following post.

Source: EU ePrivacy Regulation Proposal Falls Short of Parliament’s Expectations | HL Chronicle of Data Protection

EU Commission Issues Questionnaire in Preparation for Annual Review of Privacy Shield

On June 2, 2017, European Commission has sent questionnaires to trade associations and other groups to prepare for the first annual review of the EU-U.S. Privacy Shield framework.

Source: EU Commission Issues Questionnaire in Preparation for Annual Review of Privacy Shield

Preparing for the GDPR: A first look at the Irish Data Protection Bill

Last month, the Irish government published the General Scheme of the Data Protection Bill 2017 (the “Scheme”). This Scheme provides some insight into the Irish Government’s legislative intent and approach towards those provisions of the General Data Protection Regulation (“GDPR”) where Member States are afforded a margin of flexibility.

Source: Preparing for the GDPR: A first look at the Irish Data Protection Bill Mason Hayes Curran

CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines

The Centre for Information Policy Leadership (CIPL) at Hunton & Williams recently submitted formal comments to the Article 29 Working Party’s Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of General Data Protection Regulation (GDPR).

Source: CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines : : Privacy & Information Security Law Blog

Italian DPA’s adopts useful decision on legitimate interests

1 June 2017 The Italian data protection authority (‘Garante’) announced, on 25 May 2017, in its monthly newsletter, that it had ruled against the application of Belron Italia s.p.a. for a decision under Article 24(1)(g) of the Personal Data Protection Code, Legislative Decree No. 196/2003 (‘the Privacy Code’), on the balancing of the controllers’ interests with the rights of data subjects, in relation to the creation of a database that would record the personal data of customers who request a quote for the replacement of their car windows.

Source: Italy: Garante’s decision “provides useful elements to companies looking to rely on” legitimate interests

>