Cookies and trackers sat on a wall, cookies and trackers had a great fall…
Dutch data protection authority, Autoreitpersoonsgegevens (AP), holds that the practice of a cookie banner that does not allow you to enter a...more
Trending: #GDPR.
In 2018, the European General Data Protection Regulation (GDPR) received more media coverage than Mark Zuckerberg, and was searched on Google more often than either Beyonce or Kim Kardashian – say stats...more
Since May 25, 2018, 206,326(!) GDPR cases have been reported by Supervisory Authorities (SAs) from 31 European Economic Area (EEA) countries.
Of those, 94,622 were initiated by individual complaints and 64,684 due to data...more
To better position themselves for foreign trade, on the heels of the EU General Data Protection Regulation (GDPR), many countries in the Asia Pacific are tweaking, implementing or developing their own privacy laws....more
Privacy compliance as a competitive differentiator: 97% of 3,200 companies surveyed say they are receiving auxiliary benefits today from their data privacy investments, beyond just meeting compliance requirements....more
If you de-identify end user data, this may be a use compatible with the original purpose for which the data was provided and not require seeking consent from the individual.
So, that’s between you and the end user. What...more
Now serving complaint #6241…
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) has published guidelines on how it will prioritize the handling of complaints filed with it under the EU General Data...more
Data rights > data ownership?
That’s the position taken by Privacy International in its response to the recent editorial by artist wil.i.am in The Economist which called for tech giants to pay individuals for their data:...more
Are inferences the next frontier of data protection? Social media and other technology companies are increasingly making inferences from data collected from individuals....more
Companies conducting clinical trials in the EU have been grappling with many questions regarding how to conduct a clinical trial that complies with the requirements of the GDPR. Two key questions have arisen:
What is the...more
Forget me yes.
The Danish data protection authority has published a practical guide on data minimization and the right of erasure under GDPR:
If you use “soft delete,” a link is deleted but not the personal information...more
An unintended consequence of the EU General Data Protection Regulation (GDPR) are fake, or nefarious requests for access to or deletion of information.
Some points to note:
If you received a (badly worded) request for...more
Clinical trials and the EU General Data Protection Regulation (GDPR): The European Data Protection Board (EDPB) has issued a much-awaited opinion on the legal basis for processing clinical trial data....more
A total of 41 fines have reportedly been issued for GDPR violations across the various German states.
Violations included:
A clinic accidentally handed over a copy of a severely handicapped person’s ID card to the wrong...more
Forget me yes, part two.
Austrian Data Protection Authority holds that a data controller can meet its obligations to satisfy a data subject’s erasure request under GDPR by anonymizing personal data....more
If you offer goods or services to individuals in the European Union, have an establishment in the EU or monitor the behavior of individuals in the EU, now would be a good time to review your privacy notices, your process for...more
GDPR is here and is instrumental in bolstering individuals’ rights to their data.
The European Commission has issued a statement in honor of Data Protection Day which will be celebrated worldwide on January 28....more
Does your company have a processing agreement with each service provider that handles personal information for you as required by the EU General Data Protection Regulation (GDPR)?
If you don’t, it may cost you 5,000 EUR...more
A 50 Million Euro GDPR fine recently issued by French data protection authority CNIL provides actionable lessons for companies handling personal information for advertising purposes. First and foremost, refrain from block...more
Does your company have the data processing agreements required by the EU General Data Protection Regulation (GDPR) when it engages third parties to assist with its data processing activities?
The Dutch data protection...more
A medical center contracted by an insurance company to provide examinations and studies to individuals covered by insurance may be a “data controller” under the EU General Data Protection Regulation (GDPR) says the Commission...more
The IAPP: International Association of Privacy Professionals, reports on Spain’s new GDPR implementation law, which provides clarity to some gray areas.
Highlights include: -
The data processor may address a data subject’s...more
If you are a U.S.-based entity that is subject to the EU Data Protection Regulation (GDPR), and you store personal data of EU residents and personally identifiable information of U.S. residents in a commingled database, you...more
The UK Information Commissioner’s Office (ICO) has issued expanded guidance on “Personal Data” under the EU General Data Protection Regulation (GDPR).
Here are the highlights: -
Pseudonymization does not change the status...more
Does the EU General Data Protection Regulation (GDPR) apply to my brand? This is a question with which many U.S.-based franchisors have been grappling since the GDPR took effect on May 25th. Six months later, the European...more