In Section 3.5 of Article 29 Working Party (WP29)’s Guidelines on Data Protection Officer (“DPOs”) (“Opinion”), the WP29 discusses the issue of conflict of interest for DPO. See here for more information on this opinion. The WP29 points out that while Article 38(6) GDPR allows a DPO to perform “other tasks and duties”, the organization […]
According to German data protection law, German data controllers must appoint a Data Protection Officer (“DPO“) in several cases, for example when ten or more people are involved in the automated processing of personal data. While an employee can be appointed as DPO, the appointee must be knowledgeable on data protection and must be reliable and independent. The […]
On December 13, 2016, EU Article 29 Data Protection Working Party “(WP29”) dealt with several critical matters with regards to the implementation of the General Data Protection Regulation (GDPR) and the Privacy Shield. It also dealt with the enforcement measures on cases having a cross-border effect. As for the GDPR’s implementation, the WP29 importantly adopted: […]
As of mid December 2016, around 1300 companies were active under the EU-US Privacy Shield, according to the US Department of Commerce official website. The Privacy Shield Framework has now been effective for almost 4 months and it replaced the Safe Harbor, which had around 5,500 participants by 2016. The US Department of Commerce, International Trade Administration (ITA), […]
On December 2, 2016, the Federal Communications Commission (FCC) published the Broadband Privacy Report and Order which requires broadband Internet Service Providers (ISPs) to protect users’ privacy. The rules implement the privacy requirements of Section 222 of the Communications Act for broadband ISPs, and aim at giving broadband customers more control over the use of their […]
Tags: DATA PROTECTION
On October 6, 2016, the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) (“Italian DPA”) issued an order denying the right to be forgotten to those involved in major crimes. A former city counselor involved in an investigation for corruption and fraud requested a de-indexation of some related articles. The events occurred […]
On September 19, 2016, the Oklahoma Supreme Court amended the Oklahoma Rules of Professional Conduct. Among the other amendments, a specific duty to remain “tech-savvy” was introduced as part of lawyers’ duty of competency. According to the approved text to maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law […]
On October 20, 2016, the European Data Protection Supervisor (EDPS) published Opinion 9/2016 on Personal Information Management Systems, PIMS. The opinion acknowledges that the recently adopted GDPR provides for increased transparency, powerful rights of access and data portability, giving individuals more control over their data. However, the EDPS highlighted how market conditions and business practices can […]
Tags: BIG DATA, DATA PROTECTION, INTERNATIONAL DATA PROTECTION
On October 27, 2016, the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) authorized the transfer of personal data to the U.S. according to the EU-US Privacy Shield. With its decision, the Italian DPA has aligned itself with to the European Commission’s decision of adequacy, which recognized the Privacy Shield as granting an adequate […]
On November 11, 2016, a court in Moscow upheld the decision of a lower court to block Russians from accessing LinkedIn. The court decision originated from a decision of the Russian data protection regulator (Roskomnadzor), which had found that LinkedIn had failed to maintain Russian data on Russian servers in breach of the Russian […]