Part 3. Core International Data Protection Principles: Openness Accountability, collection limitation, purpose specification, use limitation, security, data quality, access and correction, and openness - these are all core principles of data protection that are so fundamental, they are internationally recognised. Let's start with Openness. Data controllers must always be open and transparent with respect to their developments, practices, ...
Part 2. Legal compliance = primary enabler of Smart Data and Data protection by design and by default As stated in the introductory post in this blog series, my aim is to develop a sound legal methodology for the generation of #SmartData from #bigdata in order to allow us to successfully harness value in massive datasets ...
“The oil of the 21st century”, “the fuel of the digital economy”, the “data gold rush”. There’s no doubt that data is playing an ever-more important role in both the global society and the economy. The former Article 29 Working Party, renamed European Data Protection Board on 25 May 2018, when the GDPR became directly applicable ...
The European Data Protection Board (EDPD) recently published its Opinion 23/2018 on Commission proposals on European Production and Preservation Orders for electronic evidence in criminal matters (Art. 70.1.b) which was approved on 28 September 2018. The Opinion comes in light of the April 2018 Commission two complementary legislative proposals aiming to foster coordination among EU Member State authorities ...
The EDPS has published a new Opinion on the “A New Deal for Consumers” legislative package. The package consists of two proposals: one for a Directive as regards better enforcement and modernisation of EU consumer protection rules and for a Directive on representative actions for the protection of the collective interests of consumers. You can access the ...
On 3 October 2018 the Irish Data Protection Commission (DPC) commenced an investigation into the latest Facebook data breach examining the company's compliance with GDPR obligations concerning the implementation of technical and organisational measures to ensure the security and safeguarding of the personal data it processes. The breach was notified on 28 September 2018 and the investigation ...
Intervistato da Federprivacy, spiego gli scenari internazionali della data protection alla luce del nuovo D.lgs. 101/2018, durante una pausa della mia docenza al Master Privacy Officer e Consulente della Privacy. Guardate qui.
Following approval by the Brazilian Congress of the new "Brazilian GDPR" this past July, the President of Brazil has approved the Lei Geral de Proteção de Dados Pessoais or “LGPD”, aiming to improve privacy standards and personal data protection in the country. The new Brazilian privacy legislation, Law n. 13.709/2018, amends previous privacy-related legislation in the country, namely ...
A number of Supervisory Authorities have already mentioned that their investigations on GDPR compliance will start from the analysis of the Records of processing activities (Art. 30 GDPR). By having accurate and complete Records, organisations will be able to prove that they are taking the GDPR seriously by applying a systematic approach to mapping and ...
After the second plenary meeting of the European Data Protection Board, which took place on 4 and 5 July 2018, a substantial increase in the number of complaints received by Supervisory authorities has emerged. In fact, at present there are approximately 100 cross-border cases in the Internal Market Information System (IMI) under investigation. The first results ...
Top-tier ICT, privacy & data protection lawyer and Founding Partner of ICT Legal Consulting. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity within the Maastricht University Faculty of Law. President of the European Privacy Association. Lead Auditor BS ISO/IEC 27001:2013 (IRCA Certified).
Read more
CONNECT