GDPR Temperature Tool: A new free resource for European SMEs to understand their risk of GDPR-related sanctions

«The GDPR came into force in May 2018 with a blaze of publicity but 18 months on, still many businesses are unclear on how at risk they are from GDPR-related sanctions. The vast majority of business leaders believe that it is essential to comply with the GDPR, especially as companies can risk crippling fines. Indeed, ...

European Data Protection Board adopts Guidelines on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects

The European Data Protection Board has published its updated Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects following public consultation. The Guidelines were adopted by the Board on 8 October 2019 and concern the "applicability of Article 6(1)(b) to ...

Irish Data Protection Commission publishes guidance on common online risks

The Irish Data Protection Commission has published Guidance for data subjects entitled "What should you be aware of online? Some common online risks". The document, directed towards consumers, provides a simple but thorough overview of data protection principles such as Transparency/purpose limitation and practical advice for how data subjects can understand the risks towards ...

Don’t use consent for the processing of employee data! Greek DPA issues first fine under GDPR

The Hellenic DPA in Decision no 26/2019 decided that for personal data to be processed in compliance with the GDPR, all the principles outlined in Article 5(1) GDPR should be met. The Decision came to light after the DPA received complaints concerning the processing of PriceWaterhouseCoopers employee data where employees were required to provide their ...

Věra Jourová: SCCs to be modernised

In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...

CSA Code of Conduct for GDPR Compliance Course to take place in Amsterdam 2-3 July 2019

Enterprises around the world are looking for ways to show their compliance to Europe’s General Data Protection Regulation (GDPR). The Cloud Security Alliance (CSA) has developed a Code of Conduct designed to offer both a tool for GDPR compliance and transparency guidelines regarding the level of data protection offered by the Cloud Service Provider. The purpose ...

Call for global agreement on Data Protection

I think that today is a good day to ask the future Members of the European Parliament and American Presidential Candidates to think about a global dimension of data protection and to commit themselves to develop international legislative instruments that have the power to truly enable world-wide digital citizenship.   Read my Letter addressed to the ...

The Legal Aspects of Blockchain Technology: Smart Contracts, Intellectual Property and Data Protection: Part I

This blog series is based on a chapter for the forthcoming book entitled "Essentials of Blockchain Technology".  The chapter was written together with Martim Taborda Barata, LL.M., Senior Associate at ICT Legal Consulting International, and  lawyer registered at the Portuguese Bar Association.  Blockchain is part of the future.  Some consider it a revolutionary technology and others see it ...

PERSONAL DATA PROTECTION AND THE USE OF INFORMATION TO FIGHT ONLINE-TERRORIST PROPAGANDA, RECRUITMENT, AND RADICALIZATION: PART III

In this third blog post of my exploration into the matter based on an upcoming publication for CRC Press, part of the Online Terrorist Propaganda, Recruitment, And Radicalization Book Project that I wrote together with Dr. Milda Macenaite, I will specifically explore the legal data protection framework. The primary legal instrument in the EU regulating personal data processing in the law enforcement, i.e., in ...