Search

The Guidelines on Data Protection Impact Assessment (DPIA) and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679, wp248rev.01, are available at here.   The GDPR requires controllers to implement appropriate measures to be able to demonstrate compliance with the GDPR itself, taking into account among others […]

  As anticipated (see here), a new Data Protection Bill was introduced to the House of Lords on September 13, 2017 and it officially entered Parliament on September 14, 2017. The new Bill aims at substituting the UK Data Protection Act 1998 and updating data protection laws in accordance with the GDPR. What will it […]

On August 30, 2017, the Belgian Data Protection Authority, Commissie voor de bescherming van de persoonlijke levenssfeer (CBPL) published a template to help organizations to meet their duty to record processing activities under Article 30, GDPR. The template is available in Dutch and French and can be downloaded here. In June 2017, the Belgian DPA had published a a recommendation […]

On June 8, 2017, Working Party 29 (WP29) issued Opinion 2/2017 on data processing at work, which makes a “new assessment of the balance between legitimate interests of employers and the reasonable privacy expectations of employees” also considering the new challenges to data protection created by new technologies. Opinion 2/2017 updates previousOpinion 08/2001 on the processing […]

  The United Kingdom DPA, the Information Commissioner Officer (ICO), published an interactive checklist fro organizations to assess  compliance with the Data Protection law and to explain how to comply the GDPR, The ICO’s toolkit includes the following topics: Data protection assurance Getting ready for the GDPR Information security Direct marketing Records management Data sharing and subject access […]

On June 6, 2017, the Italian Data Protection Authority (DPA), the Garante per la Protezione dei Dati Personali, issued the annual report on its activity for 2016. The DPA’s activity concentrated on computer crimes and cyber security; online profiling and social media; cyberbullying; fight against terrorism and mass surveillance; Big Data; use of new technologies […]

  On May 11, 2017, the Spanish Data Protection Agency (DPA), the Agencia Española de Protección de Datos (AEPD) and ISMS Forum Spain, a not for profit, published a Big Data privacy code of conduct, the Código de buenas prácticas en protección de datos para proyectos de Big Data.   The Code refers to Regulation […]

    The Second Circuit affirmed the dismissal of a data breach class action for failing to sufficiently allege an injury to support standing. By way of background. Plaintiff made purchases via credit card at a Michaels store. Later on, Michaels issued a press release saying that there had been a possible data breach of its […]

The SC Bar International Law Committee, in conjunction with Trident Technical College, sponsored a free legal clinic for entrepreneurs in North Charleston on Thursday, May 18. The clinic, titled Technology and International Issues for Entrepreneurs, included information on general corporate issues, cybersecurity, cloud computing, websites, social media, contractual clauses to protect entrepreneurs, data protection, data […]

On April 24, 2017, the European Data Protection Supervisor (EDPS) released Opinion 6/2017 on the Proposal for a Regulation on Privacy and Electronic Communications (ePrivacy Regulation Proposal). The EDPS welcomes the Proposal for the Regulation. There is a need of “a specific legal tool to protect the right to private life guaranteed by Article 7 […]