Věra Jourová: SCCs to be modernised

In her intervention at the "The General Data Protection Regulation one year on: Taking stock in the EU and beyond" event held on 13 June 2019, Commissioner Věra Jourová discussed the state of the art of the GDPR, also with the aim of providing input to the next Commission who "will have to start working ...

Does Privacy Shield provide adequate protections?

On May 31st the Supreme Court of Ireland denied Facebook’s appeal to avoid referral of its recent case concerning the international transfer of personal data to the European Court of Justice.  You most likely remember the case brought forth by privacy activist and lawyer Max Schrems which questions whether the methods used by technology companies, and ...

The Dutch DPA’s rules for determining administrative fines

By No tags Permalink 0

The Dutch DPA's policy rules for determining administrative fines Co-authored with ICTLC Senior Associate Caroline Poerbodipoero The Dutch Data Protection Authority (‘DPA’), ‘Autoriteit Persoonsgegevens’, has issued policy rules on the establishment of administrative fines for GDPR infringements (as well as for infringements of Dutch data protection law). The Dutch DPA categorized the different possible GDPR infringements, ranging from ...

What does no Brexit deal mean for data protection?

The ICO has prepared a guide accessible on its website outlining the key points to be considered by UK-based entities should the UK exit the European Union without a deal on 29 March 2019. The Guidance, highlights of which are illustrated below, it relevant to UK-based businesses to which the GDPR currently applies and that send ...

BIG DATA, SMART DATA, MY DATA, YOUR DATA: SMART DATA PROTECTION BY DESIGN (PART 5)

Part 5. Core International Data Protection Principles: Purpose specification Another core principle of data protection is purpose specification, a primary instrument of international data protection that is closely related to the principles of data quality and use limitation.  The purposes for which personal data are collected need to be specified before or at the latest, at the time ...

Cloud Security Alliance Issues Code of Conduct Self-Assessment and Certification Tools for GDPR Compliance

SEATTLE, WA and LONDON – JUNE 5, 2018 – InfoSecurity Europe Conference – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released the CSA Code of Conduct (CoC) Self-Assessment. An essential tool for those charged with General Data Privacy Requirements (GDPR) ...

Il video di Sicurezza 2017: servizio sul Convegno GDPR di Federprivacy

Convegno sul GDPR a Fiera Milano Rho in occasione di Sicurezza 2017. Il servizio sulla giornata organizzata da Ethos Media Group con il patrocinio di Federprivacy. Parlano Nicola Bernardi, Presidente di Federprivacy, Francesco Pizzetti, giurista ed ex Garante Privacy, Paolo Balboni, presidente della European Privacy Association, e Massimo Montanile, Delegato Federprivacy di Roma e DPO di Elettronica Spa.

Italy approves 6 year data retention

On 19 July 2017, during a session dedicated to the fulfilment of obligations resulting from EU membership, the Italian Chamber of Deputies approved an amendment which extends the period of retention of telephone and electronic communication traffic data to 6 years with a view of detecting and suppressing criminal offences and terrorism. The amendment still has to ...