You searched for:
gdpr in keywords.
Can't find what you are looking for? Try again with a
new or advanced search
65 articles matched. Most recent shown first. Showing first 10 results.
With two separate decisions, the Italian data protection authority (‘Garante’) issued two fines for overall €960,000 against Telecom Italia S.p.A. (‘TIM’), a large Italian telecommunication provider, over violations of its customers’ privacy, which included breaches of the principles of data quality and fair processing, the processing of large quantity of personal data without a legal basis and the unlawful communication of the same to third parties. Massimiliano Pappalardo, Partner at Studio Legale D&P, analyses the reasoning behind the decisions. /
read more
Judging by the number of calls and the intensity of the discussions about how to comply with the cookie consent requirement in a post-GDPR world, this issue has become a top worry for organisations and data protection officers. Partly due to the visibility of the mechanisms used to collect this consent, and partly due to the potential implications of operating a website without cookies, the dilemma around what solution to deploy has become a serious business decision. Different business stakeholders are often at odds with each other and matters are getting escalated to decision makers who had never been involved in the technically complex and largely misunderstood world of cookies. The tension is rising and yet, no approach has emerged as the preferred one among all involved. So everyone is getting anxious to find a way to do what they have always done and comply with the law. Is this panic justified? /
read more
The French Constitutional Council (‘the Constitutional Council’) ruled, on 12 June 2018, on the constitutionality of the provisions laid out in the draft Law on the Protection of Personal Data (‘the Draft Law’) implementing the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) and the Data Protection Directive with Respect to Law Enforcement (Directive (EU) 2016/680). In particular, the Constitutional Council found that the majority of the provisions of the Draft Law were in accordance with the Constitution, except for the wording ‘under the control of the public authority’ included in Article 13. Following the ruling, the Draft Law was published in the Official Gazette, on 21 June 2018, as Law No. 2018-493 of 20 June 2018 on the Protection of Personal Data, and is now fully in effect. /
read more
Guernsey and Jersey have recently reformed their respective national data protection laws in view of the entry into effect of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’). Huw Thomas and Alexandra Gill, Counsel and Associate at Carey Olsen in the Channel Islands respectively, highlight the key areas of the reform. /
read more
With the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) upon us, Data Protection Leader spoke with Mark Webber, US Managing Partner at Fieldfisher LLP, regarding his views on how the data protection landscape has changed, his experiences in assisting clients with their GDPR compliance programmes, and what the future holds. /
read more
It has taken several years but we have finally made it… to the starting line. With the coming into effect of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’), the modernisation of European data protection law has reached a critical milestone. New and wide-ranging accountability obligations, stronger rights for individuals and a renewed emphasis on safeguarding international data flows will lead the way in attempting to redress the balance between the use of personal data in the digital age and our fundamental right to privacy and data protection. The frenzied manner in which many organisations have approached their preparations for compliance is an indication of the complexity and the size of the task ahead. Time will tell whether the GDPR is truly effective in achieving its ambitious objective, but in the meantime we face a simple question: what should I do to get it right? /
read more
Artificial intelligence (‘AI’) and machine learning (‘ML’) technologies are entering a phase of early maturity, where human life is enhanced by computers in a symbiotic way, requiring a lot of thinking and discussion for privacy professionals. Today’s focus is on real-world implementation; serious prospects for advances in areas such as healthcare, self-driving cars and fraud prevention. /
read more
“European data protection rules will become a trademark people recognise and trust worldwide.” That is how, in January 2012, Viviane Reding - then Vice-President of the European Commission and EU Justice Commissioner - ended her announcement of the widest reform of privacy and data protection law ever attempted. Six years later, this ambitious aim is becoming a reality. Organisations from around the world and well beyond Europe are grappling with the new European General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) and its impact on their data activities. From Australian banks and South American insurers to US universities and Asian telecoms companies, determining the applicability of the GDPR to their operations has become a critical business decision. As many global companies ponder over the right strategy to privacy compliance, a key question has emerged: which organisations, and under which circumstances, are subject to the territorial scope of the GDPR? /
read more
Customer data are key in the gambling industry. The full applicability of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) as of 25 May 2018 will oblige all gambling operators to rethink the way in which they handle one of their most valuable assets: their players’ personal data. Jenna Auwerx and Lidia Dutkiewicz, Senior Associate and Lawyer respectively at Pharumlegal, address three GDPR compliance issues that gambling operators of different sorts may be confronted with in relation to their players’ data, whether they are active in the organisation of lotteries, sports betting, or operate a casino or other games of chance. /
read more
Right from the start, EU data protection law has reserved special status for a list of particular data categories. Privacy professionals will be familiar with the concept that, when processing sensitive (or special categories) of personal data, a controller has to rely on an additional basis on top of the general requirement to rely on a lawful ground. These rules are now set out in Articles 6 and 9 of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’). The starting point under the GDPR is that there is a general prohibition of any processing of these special categories of data under Article 9. A controller then has to argue that it can rely on one of the exceptions or derogations set out under the GDPR in order to use the data. Additionally, there is a degree of flexibility for each EU Member State to introduce its own variation of the rules permitting use of these special categories. But what makes these Article 9 categories so special? And do the stricter requirements around the use of these data categories in the GDPR make practical sense? Victoria Hordern, Head of Data Privacy at Bates Wells Braithwaite, explores. /
read more
