GDPR Data minimization in action. Danish Data Protection Authority (Datatilsynet) finds cab company Taxa 4×35’s records retention practices in violation of the GDPR data minimization principle.
The cab company removed names...more
EDPB on the ePrivacy Directive and GDPR:
In situations where the ePrivacy Directive renders more specific the rules of the GDPR, the provisions of the ePrivacy Directive take precedence over the provisions of the GDPR....more
A pre-ticked checkbox is not valid consent for placing cookies under the EU eprivacy directive – says the Advocate General to the Court of Justice of the EU in the Planet49 case....more
GDPR does NOT:
prohibit a hairdresser from telling a customer what hair color they used on their hair -
prevent the fire department from telling a property management company whether there had been a fire in one of its...more
The European Data Protection Board (EDPB) has weighed in on the ePrivacy Regulation:
EU legislators should intensify efforts towards the adoption of an ePrivacy Regulation, which is necessary to complete the EU’s framework...more
Since May 25, 2018, 206,326(!) GDPR cases have been reported by Supervisory Authorities (SAs) from 31 European Economic Area (EEA) countries.
Of those, 94,622 were initiated by individual complaints and 64,684 due to data...more
Local data protection representative – the South Korea version.
“South Korea updated its Act on the Promotion of IT Network Use and Information Protection (Network Act) in December 2018. Starting March 19, the law will...more
If you de-identify end user data, this may be a use compatible with the original purpose for which the data was provided and not require seeking consent from the individual.
So, that’s between you and the end user. What...more
The Romanian Presidency of the Council of the EU has proposed a compromise on issues that are in the way of the EU e-Privacy Regulation.
Highlights:
A user’s consent to cookies should NOT be required for technical...more
Now serving complaint #6241…
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) has published guidelines on how it will prioritize the handling of complaints filed with it under the EU General Data...more
Are inferences the next frontier of data protection? Social media and other technology companies are increasingly making inferences from data collected from individuals....more
Companies conducting clinical trials in the EU have been grappling with many questions regarding how to conduct a clinical trial that complies with the requirements of the GDPR. Two key questions have arisen:
What is the...more
Forget me yes.
The Danish data protection authority has published a practical guide on data minimization and the right of erasure under GDPR:
If you use “soft delete,” a link is deleted but not the personal information...more
Key takeaways from the European Commission (EC) decision holding Japan as providing adequate protection to personal data:
Japan ensures an adequate level of protection for personal data transferred from the EU Japan...more
An unintended consequence of the EU General Data Protection Regulation (GDPR) are fake, or nefarious requests for access to or deletion of information.
Some points to note:
If you received a (badly worded) request for...more
GDPR is here and is instrumental in bolstering individuals’ rights to their data.
The European Commission has issued a statement in honor of Data Protection Day which will be celebrated worldwide on January 28....more
Japan is the latest country to be recognized by the European Union as providing adequate protection to data. The decision is one of mutual adequacy and creates the world’s largest area of safe data flows....more
Does your company have a processing agreement with each service provider that handles personal information for you as required by the EU General Data Protection Regulation (GDPR)?
If you don’t, it may cost you 5,000 EUR...more
In its second annual review, the European Commission notes that the Privacy Shield scheme provides adequate protection for personal data but improvements are still in order.
...more
For your GDPR compliance: Have a plan. Try your best. Embrace privacy.
UK Information Commissioner Elizabeth Denham spoke recently in New Zealand about data breaches and the state of the EU General Data Protection...more
The European Parliament Committee on Civil Liberties, Justice and Home Affairs has weighed in on blockchain with the following key points:...more
Does the EU General Data Protection Regulation (GDPR) apply to me? This is a question with which many U.S.-based companies have been grappling since the GDPR took effect on May 25. Six months later, the European Data...more