This week I attended the CSA EMEA Congress 2019 where I presented on the CSA Code of Conduct for GDPR Compliance, also in my quality of Co-Chair of the CSA PLA WG. My presentation covered the fundamentals of the GDPR and the CSA Code of Conduct and discussed the game-changers and pillars of the Code ...
The EDPS Guidelines provide instructions to EU institutions and bodies for compliance with Regulation 2018/1725 with respect to the concepts of controller, processor and joint controllership and examines responsibilities and obligations concerning data subject rights, specific case studies for controller-processor, separate controllership and joint controllership situations and are intended to aid managment in "supporting ...
Read the official statement from the ICO here. In 2017 ICO launched a formal investigation of the growing misuse of personal data in the context of political campaigns, after which in 2018, ICO fined Facebook for sum of GBP 500,000 for "suspected failings related to compliance with the UK data protection principles covering lawful ...
Oggi sono stato intervistato da Open, la testata online di Enrico Mentana, sul tema della registrazione tramite carta d’identità per accedere ai social network. Il mio parere segue quello di Luigi Marattin, economista e deputato di Italia Viva, l’autore della proposta che sta sollevando un grande dibattito in questi giorni in Italia. Marattin ha puntato l’attenzione ...
On 17 October 2019 The European Court of Human Rights (ECHR) issued its judgment in the López Ribalda and Others v. Spain case, ruling that there had been “no violation of Article 8 (right to respect for private and family life) of the European Convention on Human Rights, and, unanimously that there had been no ...
Today, 23 October 2019, the European Commission published its report on the EU-U.S. Privacy Shield, to which approximately 5,000 companies are participating. The results of the Report are largely positive and confirm that the US ensures an adequate level of protection for the data transferred to it from the EU. Furthermore, in the Report, ...
«The GDPR came into force in May 2018 with a blaze of publicity but 18 months on, still many businesses are unclear on how at risk they are from GDPR-related sanctions. The vast majority of business leaders believe that it is essential to comply with the GDPR, especially as companies can risk crippling fines. Indeed, ...
The European Data Protection Board has published its updated Guidelines 2/2019 on the processing of personal data under Article 6(1)(b) GDPR in the context of the provision of online services to data subjects following public consultation. The Guidelines were adopted by the Board on 8 October 2019 and concern the "applicability of Article 6(1)(b) to ...
The Sri Lanakan Personal Data Protection Legislation Bill has been finalized and will be implemented over three years from the date of certification by the Speaker, providing adequate time for both the public and private sectors to implement the legislation. A Sri Lankan Data Protection Authority will also be establihsed within 18 months. ...
The Irish Data Protection Commission has published Guidance for data subjects entitled "What should you be aware of online? Some common online risks". The document, directed towards consumers, provides a simple but thorough overview of data protection principles such as Transparency/purpose limitation and practical advice for how data subjects can understand the risks towards ...
Top-tier ICT, privacy & data protection lawyer and Founding Partner of ICT Legal Consulting. Professor of Privacy, Cybersecurity, and IT Contract Law at the European Centre on Privacy and Cybersecurity within the Maastricht University Faculty of Law. President of the European Privacy Association. Lead Auditor BS ISO/IEC 27001:2013 (IRCA Certified).
Read more
CONNECT