The GDPR requires controllers to implement appropriate measures to be able to demonstrate compliance with the GDPR itself, taking into account among others the “the risks of varying likelihood and severity for the rights and freedoms of natural persons” (article 24 (1)). In line with the risk-based approach embodied by the GDPR, carrying out a […]
The Personal Data Protection Bill has been listed to be tabled in the Winter Session of the Indian Parliament which will begin on November 18, as published on Lok Sabha website. This Bill applies to the processing of consumer data by corporate entities. The businesses will be required to obtain consent from consumers to use […]
The Cayman Islands data protection law 2017 (“DPL”) came into effect on September 30, 2019 and applies to all organizations, businesses and public authorities that use personal data. The DPL is centered on the following principles: Fair and lawful use Purpose limitation Data accuracy Storage limitation Respect for the individual’s rights Security – integrity & confidentiality International transfers (i.e., Personal […]
Tags: DATA PROTECTION
On April 25, 2019, the Nigeria Data Protection Regulation 2019 entered into force. The Regulation was issued by the National Information Technology Development Agency, NITDA, and it mirrors the EU General Data Protection Regulation (GDPR). The Regulation’s scope of application is quite broad. It applies to all transactions intended for the processing of personal data […]
Bahrain. Bahrain enacted Law No. 30, 2018, the law protecting personal data (Data Protection Law), which goes into force on August 1, 2019. Bahrain has several other laws with provisions relating to data protection, including: Law No. 16, 2014, regarding the Protection of Information and State Documents; Law No. 2, 2017, for Ratifying the Arab Agreement in Combating […]
On March 25, 2019, Vienna’s higher Regional Court (Oberlandesgericht Wien) ruled that “every citizen can not only file a complaint with the data protection authority, but also submit a lawsuit in courts.” See here. The claims is complicated and concerns Facebook’s breach of EU privacy laws. See here for more info. The admissibility of […]
Update: In October 2019, the European Court of Justice held that in order to store cookies on user devices, the users must actively consent and that pre-checked checkbox that users must actively deselect is not a valid form of consent. The European Court of Justice also stated that all types of cookies require active consent, […]
On February 28, 2019, Thailand’s National Legislative Assembly passed the Personal Data Protection Act (PDPA). According to this source, the PDPA will be signed and endorsed by the monarch, and will then be published in the Government Gazette before to enter into force later this year. This article explains that the legislative text includes […]
The new article 2-terdecies, of the Italian Privacy Code (introduced by Legislative Decree 101/2018), expressly rules on the data protection rights of the deceased. According the Italian Privacy Code, the rights of access, rectification, cancellation, limitation, portability, opposition and the rights relating to fully automated decisions relating to personal data concerning deceased subjects may be […]
Having regard to Article 63, Article 64 (1a), (3) – (8) and Article 35 (1), (3), (4), (6) of the Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such […]