Yesterday, 6 February 2020, the Data Protection as a Corporate Social Responsibility project kick-off meeting was held within the European Centre on Privacy and Cybersecurity (ECPC) within the Faculty of Law at Maastricht University. The project aims to trigger virtuous data protection competition between companies by creating an environment that identifies and promotes data protection as ...
There’s no better day than today, European Data Protection Day, to announce the 6 February kickoff meeting of the Data Protection as a Corporate Social Responsibility Research Project that I am leading at the European Centre on Privacy & Cybersecurity (ECPC) at Maastricht University. In our data-centric global economy businesses need to consider privacy and data protection as assets rather than simply ...
In a note from the Presidency to the Permanent Representatives Committee (Part 2)/Council, published on 19 December 2019, "Council position and findings on the application of the General Data Protection Regulation (GDPR)", the Presidency underlined the usefulness of Codes of Conduct, writing that: "Drafting sector-specific codes of conduct in accordance with Article 40 of ...
Article 26 GDPR on Joint controllers determines that, "Where two or more controllers jointly determine the purposes and means of processing, they shall be joint controllers. They shall in a transparent manner determine their respective responsibilities for compliance with the obligations under this Regulation, in particular as regards the exercising of the rights of the ...
The Italian DPA (Garante) has stated that it is not allowed for a company to keep the email account of a former employee active following termination of the employment relationship and to access the emails contained in the inbox. The Decision of the Garante follows a complaint from an individual who complained that their privacy ...
The Dutch DPA carried out an audit of approximately 175 websites including those of web shops, municipalities, and the media, in order to ascertain whether they comply with the requirements for the placing of tracking cookies. Almost half of the websites that use tracking cookies do not meet the consent requirements. The DPA found that “Virtually ...
On 28 November 2019 the European Data Protection Supervisor announced that "it is carrying out an investigation into the European Parliament’s use of a US-based political campaigning company to process personal data as part of its activities relating to the 2019 EU parliamentary election." In its press release the EDPS stressed that "Election campaigns are ...
The Italian Data Protection Supervisory Authority recently published the measure whereby it decided on the audit plan for this six-month period, citing one of the processing activities that could be inspected: “1. For the period from July to December 2019, the auditing activity initiated and carried out by the Data Protection Supervisory Authority, including through the Guardia di ...
Join me on Tue, Jan 21, 2020 5:00 PM - 6:00 PM CET! Register here. The nearly unlimited opportunities of present-day technologies grouped under the umbrella of ‘adtech’ – including cookies and other tracking technologies, programmatic advertising, and real-time bidding – also pose legal compliance challenges for businesses looking to take advantage of the ...
This week I attended the CSA EMEA Congress 2019 where I presented on the CSA Code of Conduct for GDPR Compliance, also in my quality of Co-Chair of the CSA PLA WG. My presentation covered the fundamentals of the GDPR and the CSA Code of Conduct and discussed the game-changers and pillars of the Code ...
Top-tier ICT, privacy & data protection lawyer and Founding Partner of ICT Legal Consulting. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity within the Maastricht University Faculty of Law. President of the European Privacy Association. Lead Auditor BS ISO/IEC 27001:2013 (IRCA Certified).
Read more
CONNECT