Register today for our online course 17 – 20 November 2020 (from 15:00-19:00 CEST) Become a qualified Code of Conduct (CoC) auditor and gain an in-depth understanding of how the CSA Code of Conduct for GDPR Compliance works! Are you a professional wanting to guide organisations toward GDPR compliance? Do you have knowledge about the inner workings of a Code of ...
This is true not only in monetary terms, but information security could even be a question of life and death. In September 2020, a breaking article confirmed the inevitable - the first death caused by a ransomware attack. The alleged victim is a woman who necessitated urgent medical care and had to be re-rerouted to another hospital as a ...
I just attended today’s online LIBE meeting on possible solutions following the CJEU’s “Schrems II” decision, where it was recognized that the question of data transfers to third countries is fundamentally a geopolitical matter before being a legal one. In this way, legal certainty should be re-established as soon as possible – but such an achievement ...
I was recently interviewed by Tax Analysts journalist William Hoke. Read more of what I had to say about malware and the importance of carrying out adequate cybersecurity risk assessments and analyses on software before implementing such technologies within organizations. Read the entire article here.
Council of the European Union, 30 July 2020 This past July, the Council of the European Union announced Council Decision (CFSP) 2020/1127 of 30 July 2020 amending Decision (CFSP) 2019/797 concerning restrictive measures against cyber-attacks threatening the Union or its Member States. For the first time, the Council used the "options available in the EU’s cyber diplomacy toolbox to ...
After the official statements of the European Data Protection Board (EDPB) and several Supervisory Authorities (SAs), it is clear that at the moment there is no practical way for data to lawfully flow from the EU to the US. The reasoning in 5 steps: On 16 July 2020 the Court of Justice of the European Union (CJEU) invalidated the European ...
Today the European Data Protection Board published its Frequently Asked Questions on the judgment of the Court of Justice of the European Union in Case C-311/18 - Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems, adopted on 23 July 2020. The FAQ, which "will be developed and complemented along with further analysis, as ...
This blog is part of a multi-part series, “A new age of data transfers”, which will explore the practical implications of the Court of Justice of the European Union’s judgement in Case C-311/18 “Schrems II”. Following the invalidation of the Privacy Shield on 16 July 2020 by the Court of Justice of the European Union, the situation ...
The Italian Data Protection Authority has continued its investigation into telephone operators following a significant number of complaints related to marketing activities, fining Wind Tre Spa approximately 17 million Euro for unlawful data processing. In the course if its investigation, the authority found that users had been contacted by SMS, email, fax, phone and automated calls in absence of having ...
Last week Apple announced an important strategic step forward in the protection of the privacy and data protection rights of its users by way of an enhanced privacy feature that it has called a "Privacy Nutrition label". Using icons in combination with clear and simple language, the information provided by way of Apple’s pop-up "label" ...
Top-tier European ICT, Privacy & Cybersecurity lawyer. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity (ECPC) within the Maastricht University Faculty of Law. Founding Partner of ICT Legal Consulting. Lead Auditor BS ISO/IEC 27001:2013.
Read more
CONNECT