US law firms – especially immigration lawyers – dealing with EU data subject be shall be mindful of future privacy changes

On May 2018, Regulation (EU) 2016/679, on the Protection of Natural Persons with Regard to the Processing of personal Data and on the Free Movement of Such Data, and repealing Directive 95/46/EC (General Data Protection Regulation, in short “GDPR”), will enter into force. The good thing is that starting from that date, the EU will […]

Tags: ,

WP29’s plenary meeting: final guidelines on DPIA and opening for comments on data breach notification and profiling

At its plenary meeting held in October 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the so called General Data Protection Regulation (GDPR). WP29 approved the final version of the DPIA guidelines Guidelines on Data Protection Impact Assessment after having examined the comments received during the public consultation which ended […]

Tags: ,

UK publishes Data Protection Bill – data protection will get stricter

As anticipated (see here), a new Data Protection Bill was introduced to the House of Lords on September 13, 2017 and it officially entered Parliament on September 14, 2017. The new Bill aims at substituting the UK Data Protection Act 1998 and updating data protection laws in accordance with the GDPR. What will it change? […]

Belgian DPA publishes template to record processing activities

On August 30, 2017, the Belgian Data Protection Authority, Commissie voor de bescherming van de persoonlijke levenssfeer (CBPL) published a template to help organizations to meet their duty to record processing activities under Article 30, GDPR. The template is available in Dutch and French and can be downloaded here. In June 2017, the Belgian DPA had published a a recommendation […]

Tags: ,

Implementation of the data protection impact assessment according to the GDPR

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR). Regulation (EU) 2016/679, repeals Directive 95/46/EC and expands on […]

Tags: ,

ICO issues data protection self assessment toolkit

The United Kingdom DPA, the Information Commissioner Officer (ICO), published an interactive checklist fro organizations to assess  compliance with the Data Protection law and to explain how to comply the GDPR, The ICO’s toolkit includes the following topics: Data protection assurance Getting ready for the GDPR Information security Direct marketing Records management Data sharing and subject access CCTV […]

Tags: ,

Ardi Kolah, Cloud Service Providers under the GDPR

The author discusses how cloud service providers may be considered Data Processor under the EU General Data Protection Regulation (GDPR) if they provide “data processing services (e.g. storage) on behalf of the Data Controller without determining the purposes and means of processing (Art.4(7) and (8), GDPR).” The article draws a line between duties and responsibilities […]

Tags: , ,

Italian DPA issues 2016 annual activity report – some interesting (and perhaps unexpected) information

On June 6, 2017, the Italian Data Protection Authority (DPA), the Garante per la Protezione dei Dati Personali, issued the annual report on its activity for 2016. The DPA’s activity concentrated on computer crimes and cyber security; online profiling and social media; cyberbullying; fight against terrorism and mass surveillance; Big Data; use of new technologies […]

Tags: ,

1 2 3 18