
Category Archives for "Legislation"

Data protection boss vows she will use new powers to fine firms up to €20m

In the interview, Irish Data Protection Commissioner Helen Dixon reveals her intention to use the powers given by the new EU General Data Protection Regulation (GDPR) to issue fines of up to €20 million or 4% of a company’s annual turnover.

Source: Data protection boss vows she will use new powers to fine firms up to €20m

Singapore, Japan, Korea among least prepared for new EU data laws

More than half of firms in Singapore, Japan, and South Korea express concerns they will not be able to meet the May 25, 2018, deadline for GDPR compliance, while a quarter of their peers in Australia and the US fear shutting down as a result.

Source: Singapore, Japan, Korea among least prepared for new EU data laws

New European Union Financial Rules to Give U.S. Consumers Protection as Well

Thanks to a new set of regulations in the European Union, customers of U.S. financial institutions – banks, credit-card companies and insurance companies – soon will enjoy better protection of their personal data.

The General Data Protection Regulation (“GDPR”) will force companies to be more transparent about the type of data they collect on individuals, how that data is used and when personal information is exposed in a breach.

GDPR takes effect in May 2018 and will apply to all companies that process data on EU citizens, even if they are located outside the EU. It is also expected that large multinational companies, including financial institutions, operating in multiple jurisdictions will adopt a single set of rules throughout their operations, rather than try to enforce multiple sets of rules across locations.

Source: New European Union Financial Rules to Give U.S. Consumers Protection as Well

Preparing to Comply with the GDPR: Start Now, Plan to Invest

In May of 2018, Europe’s General Data Protection Regulation (“GDPR”) will take effect throughout the European Union. GDPR will set data protection standards for the EU and bring with it significant consequences for companies in the EU or those that do business there. To understand the risk exposure, companies are currently in the process of assessing their compliance with the upcoming regulation in light of the potential maximum exposure.

Source: Preparing to Comply with the GDPR: Start Now, Plan to Invest

Article 29 Working Party Issues Guidance on Data Protection Impact Assessments

The Article 29 Working Party has published draft guidance on data protection impact assessments (DPIA). Its full text is available on the Working Party’s website. Comments on the draft guidance can be submitted by 23 May 2017.

Source: Article 29 Working Party Issues Guidance on Data Protection Impact Assessments

Privacy watchdog: businesses that demand personal data in return for services run foul of new EU data protection laws

In his opinion on the ePrivacy Regulation, European Data Protection Supervisor Giovanni Buttarelli indicated that businesses that require consumers to provide data about themselves in return for access to the services they offer will not have valid consent to process that information under GDPR.

Source: Privacy watchdog: businesses that demand personal data in return for services run foul of new EU data protection laws

European Commission, experts uneasy over WP29 data portability interpretation

The European Commission has written to EU privacy regulators to express concern over their interpretation of the data portability clause in the General Data Protection Regulation.

Specifically, the Commission appears to be worried that the regulators have interpreted too broad a scope for the GDPR’s Article 20. The Article 29 Working Party (WP29), the group that represents EU privacy regulators, issued guidelines earlier this month in which it said “the right to data portability covers data provided knowingly and actively by the data subject as well as the personal data generated by his or her activity.”

Source: European Commission, experts uneasy over WP29 data portability interpretation

Watchdog queries scope of rules on ‘profiling’ under the GDPR

The Information Commissioner’s Office (ICO) has identified an anomaly between the definition of profiling in the GDPR and how profiling is described in other parts of the Regulation. The ICO has published its findings in a new discussion paper (28-page / 390KB PDF).

Source: Watchdog queries scope of rules on ‘profiling’ under the GDPR

German DPA Publishes English Translation of Standard Data Protection Model

On April 13, 2017, the North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information published an English translation of the draft Standard Data Protection Model (“SDM”). The SDM was adopted in November 2016 at the Conference of the Federal and State Data Protection Commissioners.

Source: German DPA Publishes English Translation of Standard Data Protection Model : : Privacy & Information Security Law Blog
