fbpx

Free tools and resources for Data Protection Officers!

Category Archives for "Legislation"

Mind the overlap between GDPR and ePrivacy

Organisations need to be aware of the overlaps between European data protection and privacy rules, and which takes precedence, a privacy lawyer warns.

Understanding the interplay between the European Union’s General Data Protection Regulation (GDPR) and ePrivacy Directive (ePD) is more difficult than most organisations realise, according to Eduardo Ustaran, partner and global co-head of the privacy and cyber security practice at law firm Hogan Lovells.

Full article: Mind the overlap between GDPR and ePD, warns privacy lawyer

New rules bring protections to personal data in EU political campaigns

On March 19, the European Union adopted new rules to “prevent misuse of personal data by European political parties.” The move comes ahead of the European Parliament elections, which will take place across the continent in May 2019.

New rules mean European political parties and foundations can be penalized up to 5 percent of their annual budget for “deliberately influencing, or attempting to influence, the outcome of elections by taking advantage of breaches of data protection rules.”

Source: New rules bring protections to personal data in EU political campaigns

GDPR continues to shine a light for US legislation

Washington DC is to introduce a new data privacy bill, in a further reminder of the GDPR’s power as a policy influencer for governments the world over.

The Whitehouse is now set to put regulations in place that are heavily modelled on the GDPR which came into being on May 25 th of last year. The rules will also galvanise requirements for data controllers’ handling of citizens within the District of Columbia.

Source: GDPR continues to shine a light for US legislation

After Brexit, the EU must decide if UK data protection is adequate

After Brexit the European Commission will decide whether the UK provides equivalent data protection standards to GDPR and other EU legislation.

The adequacy assessment is going to be a key test of the UK’s data privacy standards and achieving adequacy will be far from straightforward. The UK has committed to maintaining GDPR standards post-Brexit but this is not the whole picture for data protection compliance, and when it comes to the protection of fundamental rights there are difficult questions to be addressed.

Full article: After Brexit, the EU must decide if UK data protection is adequate

European Commission urged to investigate Romanian GDPR implementation

Issue The Romanian law implementing the General Data Protection Regulation (GDPR) allows national political parties to process personal data, including sensitive data, in a manner that disregards citizen rights. Law no. 190/2018 excludes the need to acquire consent for processing personal data, including sensitive data.

Source: European Commission urged to investigate Romanian GDPR implementation

UK Issues Regulations on Post-Brexit Data Protection Law

Two sets of regulations aimed at readying UK data protection law for a post-Brexit world have been promulgated in recent weeks. These regulations, which were made pursuant to the EU (Withdrawal) Act 2018 (EUWA), will only come into force in most respects upon the UK’s withdrawal from the EU.

These regulations are intended to preserve the status quo post-Brexit by (1) amending certain provisions of the GDPR to allow it to be retained as UK domestic law and (2) transitionally adopting certain key decisions of the EU institutions that, collectively, would allow for the continued lawfulness of personal data flows out of the United Kingdom where currently permitted under EU law.

Source: UK Issues Regulations on Post-Brexit Data Protection Law

Netherlands wants easier sharing of info about criminals

It has to become easier to share information about criminals, regardless of strict privacy rules, Minister Ferdinand Grapperhaus of Justice and Security said to the Telegraaf in an interview.

The Minister said that he will present a proposal to make the sharing of information about criminals and criminal activity a bit easier. While calling for a more intensified approach to drug trafficking earlier this week, Mayor Aboutaleb noted how difficult it is to share information about suspected criminals with other municipalities.

Source: Sharing info about criminals must be easier, Justice Min. says | NL Times

White Paper on Principles for a Revised U.S. Privacy Framework

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has issued a white paper on Ten Principles for a Revised U.S. Privacy Framework.

CIPL believes that the use of personal information and privacy can most effectively be regulated at the federal level, and puts forward ten principles that should be included in any new federal privacy framework to ensure appropriate protection for consumers while facilitating the digital economy, innovation and the responsible use of data.

Download the full paper to read more about the principles and why these are essential for inclusion in a new federal U.S. privacy framework.

Source: CIPL Issues White Paper on Principles for a Revised U.S. Privacy Framework | Privacy & Information Security Law Blog

e-Privacy breaches can rise GDPR fines

Businesses face higher fines if their processing of personal data is found to breach both the General Data Protection Regulation (GDPR) and EU ‘e-Privacy’ rules, according to a new opinion issued by the European Data Protection Board (EDPB).

The EDPB’s opinion, issued earlier this month, concerns the interplay between the e-Privacy Directive and the GDPR.

Full article: GDPR: ‘e-Privacy’ breaches can be factored into fines

A Regulatory Tsunami Is Coming: Are You Prepared?

Compliance will be an increasingly challenging business issue in 2019. Consider the ‘Office of Compliance’ that Xerox already has to deal with the complexity.

We don’t yet know what form any new regulations might take or how they would affect individual companies. Luckily, the details are not necessary for businesses to begin building a better approach to compliance. The goal is to make managing compliance simultaneously easier and more consistent.

Full article: A Regulatory Tsunami Is Coming: Are You Prepared?

>