background preloader

GDPR

Facebook Twitter

EU Regulation 2016/679 (the General Data Protection Regulation, or "GDPR")

GDPR new text

The regulations's text. From the Privacy experts corner. Press Reports. Safe Habor ECJ decision. Draft EU Data Protection Regulation - progress update and urgent. Privacy.

Future-Proofing Privacy: New and Stronger Rights. Agreement on Commission's EU data protection reform will boost Digital Single Market. The European Commission put forward its EU Data Protection Reform in January 2012 to make Europe fit for the digital age (IP/12/46).

Agreement on Commission's EU data protection reform will boost Digital Single Market

Today, an agreement was found with the European Parliament and the Council, following final negotiations between the three institutions (so-called 'trilogue' meetings). British supermarket chain faces group litigation action in the UK based on data breach - Data Protection Report. In November of 2015, the English High Court in London approved a Group Litigation Order (“GLO”) allowing employees of one of the United Kingdom’s largest supermarket chains to join the pending action.

British supermarket chain faces group litigation action in the UK based on data breach - Data Protection Report

The action arises out of a data security breach that occurred in March of 2014 when a disgruntled former employee stole and published payroll details for approximately 100,000 employees. We believe it may be the first GLO approved for claims arising out of a data breach. The former employee, who was sentenced to an eight year term of imprisonment, uploaded employee “salaries, National Insurance numbers, dates of birth and bank account details” to data-sharing websites. Enforcement tracker 2015. 2015, the year when the final alarm was sounded: change, or be changed Welcome to the second annual PwC Privacy and Security Enforcement Tracker, where we review the previous year’s key regulatory enforcement cases in the UK and in twenty other countries.

Enforcement tracker 2015

Twelve months ago we published the 2014 Tracker, calling that year the year of citizen, regulator and judicial activism. Our key message was that privacy and security breaches were being subjected to increasingly adverse, active scrutiny. Your%20Guide%20to%20Data%20Protection%20in%20CEE. Julie Brill: Why the EU-U.S. Privacy Shield will work - The Digital Post. The Digital Post speaks with FTC Commissioner Julie Brill about the new ‘Safe Harbour’, the implications of the EU privacy reform, and privacy issues arising from the boom of the Internet of Thing.

Julie Brill: Why the EU-U.S. Privacy Shield will work - The Digital Post

The Digital Post: The European Union and the United States of America have reached an agreement on a new Safe Harbour data treaty. What are in your view the main achievements of the deal? What would have been the concrete risks if an agreement weren’t signed? Julie Brill: The main achievement of Privacy Shield is that it provides strong privacy protections for European consumers and creates a framework for more parties to engage in active supervision and stronger enforcement cooperation. With respect to commercial data practices, Privacy Shield will provide stronger privacy protections than Safe Harbor did – through beefed up onward transfer requirements, and in other ways. Of course, Privacy Shield still has many steps to take before it receives approval. Picture Credits: Josh Hallett. Createsend. What privacy regulations should enterprises follow? - Ki Design Magazine.

Article posted on : link to source The U.S. government has come under fire lately for having outdated and obsolete privacy regulations and laws that… Privacy regulations in the United States have long come under fire by privacy advocates.

What privacy regulations should enterprises follow? - Ki Design Magazine

Unlike European Union countries, the U.S. does not have an overarching privacy regulation that comprehensively protects personally identifiable information. Instead, the U.S. takes the approach of regulating specific industries and categories of information with a patchwork of overlapping privacy regulations. For example, HIPAA governs healthcare information, but only when it is used by healthcare providers, health insurers, health information clearinghouses or the business associates of any of those entities. Dropbox gears up for new EU data protection rules. Cloud file storage provider Dropbox is preparing to help organisations comply with the European Union’s General Data Protection Regulation (GDPR), which is expected to come into effect in 2018.

Dropbox gears up for new EU data protection rules

“We have sweated the details already, which means organisations don’t have to worry about compliance,” said Mark Crosbie, head of trust and security for Dropbox in Europe. Dropbox is one of the first organisations to be certified as compliant with the new ISO27018 code of practice for protection of personally identifiable information (PII) in public clouds. “The processes we have had to go through to get this certification – which is reassessed annually – has put us in really good place for being ready for the GDPR as well as the Privacy Shield data transfer framework,” he told Computer Weekly. Although Dropbox is US-based, more than 70% of its claimed 500 million users are outside the US, and so the company has already put a lot of effort into security and privacy in a global context. Banning teenagers from social media would be an attack on their human rights. The European commission’s General Data Protection Regulation, voted on last week, aims to give consumers more control over their personal information and more transparency on how their information is used by companies and governments.

Banning teenagers from social media would be an attack on their human rights

As far as adult internet users are concerned, the reforms presented in these new regulations are mostly empowering. But, whether intentional or not, they could wind up disempowering and disenfranchising millions of young internet users. When first drafted, the regulations generally reflected the status quo in most of Europe, the US and other regions, by requiring parental consent before commercial services could process personal information from children under 13. But, at the last minute, the age was raised to 16, effectively banning children from accessing Facebook, Snapchat, Instagram and other services without parental consent. Legal and moral issues aside, there are also practical considerations. Questions and Answers – Data protection reform. Author: European Commission.

Questions and Answers – Data protection reform

Strade - Europe at the forefront of data protection legislation. The long-awaited European data protection reform has nearly reached the finish line in this whirlwind third week of December.

Strade - Europe at the forefront of data protection legislation

On Tuesday, 15 December, the European Commission, Council, and Parliament reached a political agreement under pressure from the Council to wrap up the reform before the end of the year. On Thursday, just two days later, the compromise text was confirmed at an extraordinary Civil Liberties Committee (LIBE) session in Strasbourg, and on Friday, 18 December, the Permanent Representatives Committee confirmed the compromise texts of the data protection reform agreed upon with the Parliament. All in all, it’s been quite a week for a reform that’s been in the making for nearly four years. Download. EDRi - Protecting digital freedom. No more social networking for young teens? Following the announcement that the EU has finally agreed updated data protection legislation after four years of protracted discussions, Professor Sonia Livingstone discusses the impact the legislation will have on children and, in particular, on how children interact with social networking platforms.

No more social networking for young teens?

It’s been an extraordinary week for policy and research folk concerned about teenage social networking. The Final Draft of Europe's "Right to Be Forgotten" Law. The probably-really-almost-totally final 2016 General Data Protection Regulation (GDPR) is here! Lawyers around the world have been hunkered down, analyzing its 200-plus pages. In the “Right to Be Forgotten” (RTBF) provisions, not much has changed from prior drafts. The law still sets out a notice and takedown process that strongly encourages Internet intermediaries to delete challenged content, even if the challenge is legally groundless. The problems I identified in earlier drafts could have been avoided with simple changes – putting procedural checks on invalid erasure requests, while giving effect to valid ones. Those changes would not have diminished any gains for online privacy rights under the GDPR, or affected Internet users’ ability to delete data collected by companies and held in back-end logs, accounts, or profiling systems.

Welcome. The relevant text – and age verification puts in an appearance. The relevant text – and age verification puts in an appearance The text that was agreed last night reads as follows Article 8Conditions applicable to child’s consent in relation to information society services ….. in relation to the offering of information society services directly to a child, the processing of personal data of a child below the age of 16 years, or if provided for by Member State law a lower age which shall not be below 13 years, shall only be lawful if and to the extent that such consent is given or authorised by the holder of parental responsibility over the child. 1a.

The controller shall make reasonable efforts to verify in such cases that consent is given or authorised by the holder of parental responsibility over the child, taking into consideration available technology. UK law will be changed. EU data protection reform: Council confirms agreement with the European Parliament. General data protection regulation The general data protection regulation aims at enhancing the level of data protection for individuals whose personal data is processed and increasing business opportunities in the digital single market including through reduced administrative burden. Political agreement reached on the EU DP Regulation and Directive - Privacy Laws & Business. eMeeting. Back EN - English LIBE - Civil Liberties, Justice and Home Affairs 🔦Agenda: Adoption of agenda Documents. "Important step towards a level playing field" Dec 16, 2015 In this interview, Thomas Kremer explains what has changed this year as regards data protection and security.

EU privacy law to require opt-in and make data processors share in responsibility. The shape of future European Union privacy legislation is becoming clearer, as lawmakers closed in on an agreement late Tuesday. Companies will have to obtain customers' consent before collecting and processing their personal data, and could be fined as much as 4 percent of annual revenue for breaches of the rules. Data Protection Package - The bare essentials appear to have been salvaged from the lobby storm. By Joe McNamee. EU Gives Thumbs-Up On Stricter Data Privacy Laws. Arcades_teaching_handbook_final_EN.