CNIL publishes analysis of blockchain in light of the GDPR

In September 2018, the French Data Protection Agency, the Commission Nationale de l’informatique et des Libertés (CNIL) published a report explaining how Blockchain relates to the GDPR (“Report”). In particular the Report highlights the following. WHO IS THE CONTROLLER IN A BLOCKCHAIN TRANSACTION. Users of the web who decide to submit a transaction to the validation […]

Tags: ,

A closer look to damages under the GDPR

The General Data Protection Regulation, GDPR (Regulation (EU) 2016/679) started to apply on May 25, 2018. See here. The GDPR sets forth the data subject’s right to compensation and liability for the damages caused by processing infringing the GDPR. Pursuant to Article 82, GDPR: “Any person who has suffered material or non-material damage as a result of an infringement […]

ICO served GDPR enforcement notice on a non resident organization (Canadian company)

     On July 6, 2018, the UK Data Protection Authority, the Information Commissioner Officer (ICO), served what looks like the first enforcement notice regarding the processing of UK individuals’ personal data by a nonresident organization. The notice was directed to Aggregate IQ (AIQ), a digital advertising, web and software development company based in Canada. […]

Tags: ,

Italian GDPR harmonization law is now in force

On September 19, 2018, Legislative Decree n. 101/2018 harmonizing the Italian privacy law with the General Data Protection Regulation (GDPR) entered into force. Legislative Decree was published on the Official Italian Gazette (Gazzetta ufficiale n. 205 04-09-2018) on September 4, 2018. More on the Legislative Decree and the Italian Privacy Code (Legislative Decree 196/2003) is available […]

Tags: ,

Italian GDPR harmonization law is published on the Official Gazette

On September 4, 2018, Legislative Decree n. 101/2018 harmonizing the national privacy law with the General Data Protection Regulation (GDPR) was published on the official Italian journal (Gazzetta ufficiale n. 205 04-09-2018). The Legislative Decree does not abrogate the Italian Privacy Code (Legislative Decree 196/2003), which therefore remains in force, but that Code is harmonized with […]

Tags: ,

Multiple ways in which the GDPR will be “enforced” abroad (spoiler alert: market is one of those)

The GDPR (the General Data Protection Regulation) has started its application on May 25, 2018[i]and applies “extraterritorially. Privacy practitioners and EU regulators alike have highlighted the advantages of GDPR compliance for organizations, such as better data management, enhanced protection against cyber-risks, competitive advantages, etc. Many companies share the same positive view. Some others see the GDPR […]

WP29 issues guidelines aiming at GDPR implementation

In its plenary meeting held in April 2018, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the s.c. General Data Protection Regulation (GDPR) and adopted several key documents for the preparation of its application on the 25th of May 2018 such as the guidelines on consent and the guidelines on transparency. […]

Tags: ,

Users’ guidance on DPIA under the GDPR published by EU Data Protection Authorities

EU Data Protection Authorities released useful Data Protection Impact Assessment tools (DPIAS) Belgium: the Commission for the Protection of Privacy, Commissie voor de bescherming van de persoonlijke levenssfeer (CBPL) issued a Recommandation d’initiative concernant l’analyse d’impact relative à la protection des données (n° 01/2018)   Cyprus: the Office of the Commissioner for Personal Data Protection, Γραφείου Επιτρόπου Προστασίας Δεδομένων […]

Tags: ,

1 2 3 4 5 21