
Tara Taubman-Bassirian

Privacy, Data Protection, Information Law, eCommerce, IP Law, Internet Security consulting. Will be back soon.


Health data warehouses: the CNIL launches a public consultation on a draft reference framework. What is a reference framework?

Health data warehouses: the CNIL launches a public consultation on a draft reference framework

Essential instruments of "soft" regulation, reference frameworks are intended to give organisations greater legal certainty. Developed in consultation with the stakeholders concerned, these reference frameworks can in particular update the older frameworks adopted before the GDPR came into force, such as single authorisations (AU) and single regulatory acts (RU).

A reference framework serves two main purposes: to guide professionals in their compliance efforts; and to help in carrying out a data protection impact assessment (DPIA) where one is required. Note: the frameworks for the health sector consist notably of reference frameworks and reference methodologies that allow controllers whose processing complies with them to file a declaration of conformity: in that case, they are not subject to prior authorisation from the CNIL.


Christophe Grassin on LinkedIn: #DPO #CEPD #donnéespersonnelles. Use of images of public audience. Covid passport. Employee privacy at work. Brexit and GDPR. Facebook post as proof. Jice gdpr enforcement. International Privacy Law Library. About the Library This project aims to make searchable from one location all of the databases specialising in data protection, privacy and surveillance law available on any of the Legal Information Institutes (LIIs) that collaborate with AustLII in relation to WorldLII.

International Privacy Law Library

The databases currently made searchable are listed above. For more details, see Greenleaf, G; Chung, P and Mowbray, A "Supporting and influencing data privacy practice: the free access International Privacy Law Library" (2015) 31(2) Computer Law & Security Review 221-233 Professor Graham Greenleaf, AustLII co-founder and Senior Researcher, is General Editor of the Library. A/Prof Philip Chung, AustLII Executive Director, supervises technical development. Suggestions for additional databases, or additional database content, may be sent to . Video.corriere.


Videoconferencing. Virtual court hearing. What We Learned From Apple’s New Privacy Labels. We all know that apps collect our data.

What We Learned From Apple’s New Privacy Labels

Yet one of the few ways to find out what an app does with our information involves reading a privacy policy. Let’s be real: Nobody does that. So late last year, Apple introduced a new requirement for all software developers that publish apps through its App Store. Apps must now include so-called privacy labels, which list the types of data being collected in an easily scannable format. The labels resemble a nutrition marker on food packaging. These labels, which began appearing in the App Store in December, are the latest attempt by tech designers to make data security and digital privacy, which are linked, easier for all of us to understand. ICO and Article 27 representative liability.

The ever-entertaining (but more importantly, ever-illuminating) Tim Turner has made available a recording of a webinar he did recently on the subject of representatives under Article 27 of the EU GDPR and the UK GDPR.

ICO and Article 27 representative liability

Such representatives are required to be designated by controllers or processors who are outside the relevant jurisdiction, but who are subject to the extra-territorial provisions of Article 3(2) of EU GDPR or UK GDPR (thus, under Article 27 EU GDPR, a company outside the EU but offering goods or service to, or monitoring the behaviour of, data subjects in the EU, must appoint a representative in the EU, and under Article 27 UK GDPR, a company outside the UK but offering goods or service to, or monitoring the behaviour of, data subjects in the UK, must appoint a representative in the UK).

I describe this as remarkable, because it seems to completely misrepresent the guidance (of the European Data Protection Board) to which it refers (and links). How to avoid consent fatigue. One of the most common elements of compliance in data privacy laws and regulations around the world is a mandatory consent requirement.

How to avoid consent fatigue

Clearly, given the legislative landscape, the consent requirement is growing and trending toward increasing stringency and complexity.


CLUBHOUSE. GDPR ENFORCEMENT DATA. CLASS ACTION. Data in law firms. Privacy v freedom of expression. Data flow outside the EEA. Autonomous arms attacks. Automated decision making and Art 22 GDPR. Artificial Intelligence. Facial recognition. Recent eu data initiatives in context infographic.

Cyber Security Infographics - The First Global Cybersecurity Observatory. EDPB Publishes Draft Recommendations on Supplementary Measures for Data Transfers. HACKMAGEDDON – Information Security Timelines and Statistics. Security and privacy laws, regulations, and compliance: The complete guide. This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements.

Security and privacy laws, regulations, and compliance: The complete guide

Each entry includes a link to the full text of the law or reg as well as information about what and who is covered. Click on a link to skip to information and resources on that law: Broadly applicable laws and regulations Industry-specific guidelines and requirements US state laws International laws. DataRainbow – After the Storm Here Comes the Data Compliance Rainbow.

Does Facebook Still Sell Discriminatory Ads? – The Markup. In May, a Wisconsin health care agency, Tenderness Health Care, posted a job ad on Facebook looking for personal care workers.

Does Facebook Still Sell Discriminatory Ads? – The Markup

According to Facebook’s “Why am I seeing this ad” pop-up, when the agency purchased the ad, it asked Facebook to not show it to anyone over 54 years of age. And they asked Facebook to show it specifically to people who have “African American multicultural affinity.” Facebook, apparently, complied. The problem? Federal law prohibits employers from discriminating on the basis of age and race, including in advertising open jobs. Consider Personal Data as a Hot Potato. Zoom's Privacy and Security Concerns Is A Wake Up Call for GDPR.

ZOOM VIDEOCONFERENCING PRIVACY AND LIABILITY. A Proposition for A More Effective GDPR Enforcement. Schrems II Invalidation of the Privacy Shield by the ECJ. Why Privacy Matters – DataRainbow. By Tara Taubman-Bassirian In “Delete : The Virtue of Forgetting in the Digital Age”, Viktor Mayer-Schonberger from the Berkman Klein Centre of Internet and Society, exposes the permanent shadow that follows us online for ever.

Why Privacy Matters – DataRainbow

The issues of privacy and freedom that result and his suggested solution: auto-delete files or information expiry date. Changing back the default setting from remembering to forgetting. The crumbs of information left behind get aggregated and build a picture, sometimes distorted, that follows us. Cognate Top 50 Global Experts. Since 1987, Kingston has been known for the highest quality memory and storage products available.

Cognate Top 50 Global Experts

We recognise the important role memory and storage play in computing productivity and take the necessary steps to guarantee a reliable product. Superior quality, guaranteed compatibility, convenience, stability and reliability are just a few of the values we instil in our products and staff. How to Understand the GDPR Legitimate Interest. Facebook Saga. Consent and Direct Marketing. Autonomous cars. DRONE. Biometrics. By Tara Taubman-Bassirian LLM. UK ICO. CLASS ACTIONS. GDPR Enforcement. Employment HR. Vicarious liability. European Court of Human Rights. Coronavirus_geotracking. ZOOM_VIDEO-CONFERENCING. File transfer and GDPR compliance. BYOD. FOI. RTB-Adtech. Record of calls. Caselaw 2001 2015 en. Rights related to automated decision making. Privacy and algorithm.

Artificial Intelligence. EDPB Publishes Finalised Guidelines on Territorial Scope. On 15 November 2019, the European Data Protection Board ('EDPB') published its finalized Guidelines on the Territorial Scope of the GDPR.

EDPB Publishes Finalised Guidelines on Territorial Scope

The revisions to the Guidelines - highlighted in bold below - followed a period of open public consultation which ran until 18 January 2019. The GDPR applies to: European Economic Area (‘EEA’) established organizations (pursuant to Article 3(1) GDPR); and on a long-arm, extraterritorial basis to organizations which are not established in the EEA but which offer to sell goods or services to or who monitor individuals in the EEA (pursuant to Article 3(2) GDPR).

These principles, while clear on paper, are not always easy to apply in practice, and the finalization of the EDPB’s guidance will be welcomed by those grappling with this. It's time for Europe to take private data from the hands of powerful tech monopolies and give it back to the people. Infographic – Recent EU Data Initiatives in Context.