On December 13, 2016, EU Article 29 Data Protection Working Party “(WP29”) dealt with several critical matters with regards to the implementation of the General Data Protection Regulation (GDPR) and the Privacy Shield. It also dealt with the enforcement measures on cases having a cross-border effect. As for the GDPR’s implementation, the WP29 importantly adopted: […]
As of mid December 2016, around 1300 companies were active under the EU-US Privacy Shield, according to the US Department of Commerce official website. The Privacy Shield Framework has now been effective for almost 4 months and it replaced the Safe Harbor, which had around 5,500 participants by 2016. The US Department of Commerce, International Trade Administration (ITA), […]
On October 20, 2016, the European Data Protection Supervisor (EDPS) published Opinion 9/2016 on Personal Information Management Systems, PIMS. The opinion acknowledges that the recently adopted GDPR provides for increased transparency, powerful rights of access and data portability, giving individuals more control over their data. However, the EDPS highlighted how market conditions and business practices can […]
Tags: BIG DATA, DATA PROTECTION, INTERNATIONAL DATA PROTECTION
On October 27, 2016, the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) authorized the transfer of personal data to the U.S. according to the EU-US Privacy Shield. With its decision, the Italian DPA has aligned itself with to the European Commission’s decision of adequacy, which recognized the Privacy Shield as granting an adequate […]
On September 27, 2016, the Cloud Infrastructure Services Providers of Europe (CISPE) announced the publication of the Data Protection Code of Conduct for Cloud Infrastructures Services. The CISPE comprises several major European cloud infrastructure providers. The code of conduct provides that the certified cloud infrastructure providers: will process and store data exclusively within the EU/EEA […]
Tags: #C-SIG, CLOUD COMPUTING, DATA PROTECTION, INTERNATIONAL DATA PROTECTION
On October 25, 2016, the UK Information Commissioner’s Office (ICO) issued a revised code of practice and checklist on privacy notices, transparency and control. The code helps organizations required by the Data Protection Act 1998 (DPA) to “collect information about people, whether directly or indirectly” to provide transparent and accessible “privacy notices” to data subjects. The […]
The authors highlight the main innovations brought by Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) to Directive 95/46/EC. The full text is available at http://www.whitecase.com…
Cookie regulation in Europe is quite strict. In a previous blog we discussed the cookie law of France, Germany, Italy and the UK, focusing on information to users, user consent and consequences of violations. However, cookies are not the only method to track users. There are cookie-free tracking methods that are similarly invasive, for example […]
Thanking CORDERY, we gladly publish the EU Data Protection – glossary (originally published by Cordery at http://www.corderycompliance.com/eu-data-protection-regulation-glossary/) We’ve put together this glossary to help explain some of the terms used in data protection and in the GDPR. If there’s a term you think we should add let us know. Agencia de Proteccción de Datos = the Spanish […]
On July 22, 2016, the European Data Protection Supervisor (EDPS) released Opinion 5/2016 on the review of the ePrivacy Directive (2002/58/EC). This Opinion focuses on the issues specifically requested by the EU Commission. Particularly, the EDPS suggested that “a new proposal on ePrivacy should guarantee confidentiality of communications, offer clarity and complement the General Data […]