WP29 issues Opinion to balance employers’ legitimate interests and employees’ reasonable privacy expectations

On June 8, 2017, Working Party 29 (WP29) issued Opinion 2/2017 on data processing at work, which makes a “new assessment of the balance between legitimate interests of employers and the reasonable privacy expectations of employees” also considering the new challenges to data protection created by new technologies. Opinion 2/2017 updates previousOpinion 08/2001 on the processing […]

Tags:

Guidelines for practical implementation of the GDPR issued by the Italian DPA

The Italian Data Protection Authority, Garante per la privacy issued Guidelines for the implementation of Regulation EU/2016/679 on Personal Data Protection (GDPR). The DPA suggests some actions that can be carried out right away to comply with the GDPR and provides a general overview of the major innovations introduced by the legislation. The guidelines are […]

Tags: ,

Consent to data processing should not be consideration for a free service, EDPS says

On March 14, 2017, the European Data Protection Supervisor (EDPS) released Opinion 4/2017 on the 2015 Proposal for a Directive (1) on certain aspects concerning contracts for the supply of digital content  (1) on certain aspects concerning contracts for the supply of digital content and  (2) on certain aspects concerning contracts for the online and other […]

Tags: ,

Conflict of interest under the recently issued WP29’s opinion on DPO

Francesca Giannoni-Crystal and Cristina Vicarelli In Section 3.5 of Article 29 Working Party (WP29)’s Guidelines on Data Protection Officer (“DPOs”) (“Opinion”), the WP29 discusses the issue of conflict of interest for DPO. See here for more information on this opinion. The WP29 points out that while Article 38(6) GDPR allows a DPO to perform “other tasks and duties”, […]

Tags: ,

Cyber Insurance: ENISA’s report on the last four years’ developments

The European Union Agency for Network and Information Security (ENISA) released an interesting report “to raise awareness for the most impactful market advances, by shortly identifying the most significant cyber insurance developments for the past four years – during 2012 to 2016 – and to capture the good practices and challenges during the early stages […]

Tags:

Bavarian DPA sanctions appointment of IT manager of company as DPO

According to German data protection law, German data controllers must appoint a Data Protection Officer (“DPO“) in several cases, for example when ten or more people are involved in the automated processing of personal data. While an employee can be appointed as DPO, the appointee must be knowledgeable on data protection and must be reliable and independent. The […]

Tags: ,

WP29 issues guidelines on data portability, DPO, and lead authority (and lays foundation for much more)

On December 13, 2016, EU Article 29 Data Protection Working Party “(WP29”) dealt with several critical matters with regards to the implementation of the General Data Protection Regulation (GDPR) and the Privacy Shield. It also dealt with the enforcement measures on cases having a cross-border effect. As for the GDPR’s implementation, the WP29 importantly adopted: Guidelines […]

Tags: ,

Privacy Shield update: around 1300 active participants after over 4 months from start

As of mid December 2016, around 1300 companies were active under the EU-US Privacy Shield, according to the US Department of Commerce official website. The Privacy Shield Framework has now been effective for almost 4 months and it replaced the Safe Harbor, which had around 5,500 participants by 2016. The US Department of Commerce, International Trade Administration (ITA), […]

Tags: ,

EU Digital Clearing House to protect privacy in the age of big data

On September 23, 2016, the European Data Protection Supervisor (EDPS) announced the intention to set up a Digital Clearing House to promote a more coherent enforcement of EU privacy rules. With Opinion 8/2016, Coherent enforcement of fundamental rights in the age of big data, the EDPS drew attention to the “concentration of market power and […]

Tags: ,

1 2 3 11