UPDATE On Washington privacy Act March 2020 – Washington Privacy Act fails again It was almost given for granted that the Washington Privacy Act would have passed this time. The Washington State House and Senate were debating two similar bills. The major difference was in the enforcement mechanism: while in the House’s Bill both the […]
On March 14, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, DPA) published on Netherlands Official Gazette its own General Data Protection Regulation (GDPR) fining policy. It is the first European Union (EU) country to do so. Article 83, GDPR, provides that DPAs can issue to controllers and processors “effective, proportionate and dissuasive” administrative fines […]
The General Data Protection Regulation, GDPR (Regulation (EU) 2016/679) started to apply on May 25, 2018. See here. The GDPR sets forth the data subject’s right to compensation and liability for the damages caused by processing infringing the GDPR. Pursuant to Article 82, GDPR: “Any person who has suffered material or non-material damage as a result of an infringement […]
As announced (see here), on October 3, 2017, the Article 29 Working Party(WP29) published its Guidelines on the application and setting of administrative fines for the purposes of the Regulation 2016/679 (GDPR). Once a GDPR infringement is established, the competent supervisory authority (Article 5 1 GDPR) must identify the most appropriate corrective measure(s) to address the […]
On May 11, 2017, the Spanish Data Protection Agency (DPA), the Agencia Española de Protección de Datos (AEPD) and ISMS Forum Spain, a not for profit, published a Big Data privacy code of conduct, the Código de buenas prácticas en protección de datos para proyectos de Big Data. The Code refers to Regulation […]
On September 27, 2016, the Cloud Infrastructure Services Providers of Europe (CISPE) announced the publication of the Data Protection Code of Conduct for Cloud Infrastructures Services. The CISPE comprises several major European cloud infrastructure providers. The code of conduct provides that the certified cloud infrastructure providers: will process and store data exclusively within the EU/EEA […]
Tags: #C-SIG, CLOUD COMPUTING, DATA PROTECTION, INTERNATIONAL DATA PROTECTION
The Information Commissioner’s Office (ICO), i.e. the United Kingdom’s Data Protection Authority, has prepared a checklist with 12 steps that organization can take now to prepare for the General Data Protection Regulation (GDPR) which is expected to come into force in mid- 2018: Awareness: make sure that decision makers and key people in each organization must be […]
To establish common rules on data protection and to help implement the Digital Single Market Strategy, the European Union set forth two instruments to reform the 1995 data protection rules (see here): the General Data Protection Regulation (“GDPR”) the Data Protection Directive to ensure cross-border cooperation and protect personal data in the police and criminal […]
To establish common rules on data protection and to help implement the Digital Single Market Strategy, the European Union set forth two instruments to reform the 1995 data protection rules (see here): the Gen eral Data Protection Regulation (“GDPR”) the Data Protection Directive to ensure cross-border cooperation and protect personal data in the police and […]
On January 10, 2019, the Italian Garante per la Protezione dei Dati Personali, the Italian data protection authority, DPA, released an opinion according to which the deceased continues to enjoy the protections provided for by the data protection legislation. In a case of alleged malpractice, an individual asked a healthcare company to allow access […]