What does no Brexit deal mean for data protection?

The ICO has prepared a guide accessible on its website outlining the key points to be considered by UK-based entities should the UK exit the European Union without a deal on 29 March 2019. The Guidance, highlights of which are illustrated below, it relevant to UK-based businesses to which the GDPR currently applies and that send ...

Provisional agenda: ePrivacy to be discussed in June 7 Telecoms Council

The Romanian Presidency's provisional agendas for Council meetings, during the first semester of 2019 (from 1 January to 30 June) have been published.  Both the General Approach of the Regulation on ePrivacy and Electronic Communications (aka the #ePrivacy Regulation) and the Proposal for a Regulation establishing the European Center for competences and research in cybersecurity and the network ...

Welcoming Regulation (EU) 2018/1725 and new data protection rules for EU institutions

By No tags Permalink 0

The new rules governing the protection of personal data in EU institutions and the formal duties of the EDPS are established in Regulation (EU) 2018/1725 which replaces Regulation (EC) No 45/2001.  As the EDPS pointed out in it's recent press release, the adoption of this regulation represents a fundamental step in the completion of the EU data protection framework. What's ...

Cloud Security Alliance Announces 2018 Ron Knode Service 
Award

I am extremely honoured to share the news that I have been recognised by the Cloud Security Alliance (CSA) as a recipient of the seventh annual Ron Knode Service Award along with five other members for excellence in volunteerism and dedication in furthering cloud security best practices that help ensure a secure cloud computing environment. The Cloud Security Alliance us the world’s leading organization dedicated ...

The New Frontier of Competition in the Digital Market: Personal Data Protection, My Lecture for the Maastricht University Star Lecture in Brussels

13 lectures in 13 different cities and 5 countries on the same day at the same time, the UM Star Lectures.  On 7 February 2019, I will lecture as part of this traditional series of lectures for alumni.  The event is organised to reach out to and inspire alumni, share academic insights, experiences and memories and to create ...

5th EDPD Plenary Session: EU-Japan draft adequacy decision, DPIA lists, Artile 43 GDPR

The 5th EDPD Plenary Session took place last week on 4 and 5 December 2018.  Main points of the agenda included the EU-Japan draft adequacy decision, the adoption of opinions on the Data Protection Impact Assessment (DPIA) lists submitted by Denmark, Croatia, Luxembourg and Slovenia, and the revision of the Article 29 Working Party guidelines on accreditation. ...

4th EDPB Plenary session recap

On 16 November the European Data Protection Authorities gathered for the 4th plenary session of the European Data Protection Board and yesterday, 19 November, a summary of some of the most important aspects discussed at the meeting was published providing an update on the EU-Japan draft adequacy decision, Clinical Trials Regulation and territorial scope. Here are the main ...

Garante Privacy: “Taking Stock Of The First 4 Months Of Implementing The GDPR”

According to the Italian DPA, the Garante Privacy, as of 28 September 2018, four months after the GDPR became fully applicable in Italy: 40,738 appointed DPO's contact information was communicated 2,547 complaints and reports were received 305 data breach notifications were made 7,200 requests to the Garante's font office were made These numbers show a significant ...

Agenda of the 4th EDPB meeting

By No tags Permalink 0

The 4th meeting of the EDPB takes place today on 16 November 2018. The Agenda for the meeting is available for consultation here. Topics for discussion and/or adoption included reorganisation of the EDPB subgroups, Brexit, the Consultation on COM’s draft question and answer document on interplay between Clinical Trial Regulation and GDPR: attribution of the topic ...

My contribution at ENISA’s Security of Personal Data Processing Event

Last month I attended ENISA's Security of Personal Data Processing Event in Athens, Greece. The event was organised together with the Digital SME Alliance and the Hellenic Data Protection Authority. During the day experts in the field, including myself, shared their advice and journey of complying with the General Data Protection Regulation with a focus ...