fbpx

Download free GDPR compliance checklist!

Category Archives for "Legislation"

EU Commission Issues Questionnaire in Preparation for Annual Review of Privacy Shield

On June 2, 2017, European Commission has sent questionnaires to trade associations and other groups to prepare for the first annual review of the EU-U.S. Privacy Shield framework.

Source: EU Commission Issues Questionnaire in Preparation for Annual Review of Privacy Shield

Preparing for the GDPR: A first look at the Irish Data Protection Bill

Last month, the Irish government published the General Scheme of the Data Protection Bill 2017 (the “Scheme”). This Scheme provides some insight into the Irish Government’s legislative intent and approach towards those provisions of the General Data Protection Regulation (“GDPR”) where Member States are afforded a margin of flexibility.

Source: Preparing for the GDPR: A first look at the Irish Data Protection Bill Mason Hayes Curran

CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines

The Centre for Information Policy Leadership (CIPL) at Hunton & Williams recently submitted formal comments to the Article 29 Working Party’s Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of General Data Protection Regulation (GDPR).

Source: CIPL Submits Comments to the Working Party’s Proposed GDPR DPIA Guidelines : : Privacy & Information Security Law Blog

Italian DPA’s adopts useful decision on legitimate interests

1 June 2017 The Italian data protection authority (‘Garante’) announced, on 25 May 2017, in its monthly newsletter, that it had ruled against the application of Belron Italia s.p.a. for a decision under Article 24(1)(g) of the Personal Data Protection Code, Legislative Decree No. 196/2003 (‘the Privacy Code’), on the balancing of the controllers’ interests with the rights of data subjects, in relation to the creation of a database that would record the personal data of customers who request a quote for the replacement of their car windows.

Source: Italy: Garante’s decision “provides useful elements to companies looking to rely on” legitimate interests

GDPR Matchup: The APEC Privacy Framework and Cross-Border Privacy Rules

This article looks at how Asia Pacific Economic Cooperation (“APEC”) Cross-Border Privacy Rules system (“CBPR”) matches up against General Data Protection Regulation (“GDPR”).

The CBPR program is analogous to the EU-U.S. Privacy Shield in that they both provide a means for self-assessment, compliance review, recognition/acceptance and dispute resolution/enforcement.

Source: GDPR Matchup: The APEC Privacy Framework and Cross-Border Privacy Rules

Publishers call for rethink of proposed changes to online privacy laws

An alliance of news publishers has called on European regulators to rethink proposed changes to online privacy laws, arguing that they will potentially kill their digital businesses and give Google, Apple and Facebook too much control of advertising and personal data.

Source: Publishers call for rethink of proposed changes to online privacy laws | Media | The Guardian

Privacy Shield First Annual Joint Review to Take Place in September 2017

EU Commissioner for Justice, Věra Jourová, in her speech on March 31, announced that the joint review of EU-U.S. Privacy Shield will take place in September 2017.

Source: Privacy Shield First Annual Joint Review to Take Place in September 2017 : : Privacy & Information Security Law Blog

Why Cross-Border Government Requests for Data Will Keep Becoming More Important

As explained in this post, technological developments are driving fundamental changes in the importance of cross-border government requests for data. There are multiple institutional mechanisms for possible reform, entirely apart from the traditional approach of Mutual legal Assistance Treaties (MLATs).

Source: Why Cross-Border Government Requests for Data Will Keep Becoming More Important – Lawfare

Bavarian DPA Tests GDPR Implementation of 150 Companies

On May 24, 2017, the Bavarian Data Protection Authority (“DPA”) published a questionnaire to help companies assess their level of implementation of the EU General Data Protection Regulation (“GDPR”). The DPA announced that it has sent the questionnaire to 150 randomly selected Bavarian companies.

Source: Bavarian DPA Tests GDPR Implementation of 150 Companies

>