The CNIL, the French Data Protection Authority, has made available a software update to carry out a data protection impact assessment (DPIA). The software update can be downloaded at https://www.cnil.fr… The corresponding Italian version has been developed with the Garante per la protezione dei dati personali. See www.garanteprivacy.it… For more information on how […]
Essay on whether GDPR’s sanctions for violations are covered by Cyber-Insurance. The full text is available at https://www.culhanemeadows.com…
The Information Commissioner’s Office – ICO – published a resourceful page concerning the right to be informed. The right to be informed covers some of the key transparency requirements of the GDPR. It is about providing individuals with clear and concise information about how their personal data are processed. Among the answers to several questions concerning the right to […]
A guide to the insurability of GDPR fines across Europe DLA Piper has partnered with AON to provide insight into the insurability of GDPR fines across Europe ands the potential financial impact of a data breach. The report is available at https://www.dlapiper.com…
In its plenary meeting held in April 2018, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the s.c. General Data Protection Regulation (GDPR) and adopted several key documents for the preparation of its application on the 25th of May 2018 such as the guidelines on consent and the guidelines on transparency. […]
EU Data Protection Authorities released useful Data Protection Impact Assessment tools (DPIAS) Belgium: the Commission for the Protection of Privacy, Commissie voor de bescherming van de persoonlijke levenssfeer (CBPL) issued a Recommandation d’initiative concernant l’analyse d’impact relative à la protection des données (n° 01/2018) Cyprus: the Office of the Commissioner for Personal Data Protection, Γραφείου Επιτρόπου Προστασίας Δεδομένων […]
The Information Commissioner’s Office ICO published a resourceful page concerning the right to data portability. The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. Among the answers to several data portability related questions, the page contains a checklists for preparing for and complying with requests […]
Several DPAs have issued guidance on how individuals can exercise their rights as data subjects vis-a-vis social media platforms. See for example: – ICO – United Kingdom: https://ico.org.uk… – Data Protection Commissioner – Ireland: https://dataprotection.ie… – Croatian Data Protection Agency: request for the protection of rights request for removing personal data from social networks reporting […]
The Information Commissioner Officer (ICO) – the U.K. Data Protection Authority – published several useful resource to help getting ready for the GDPR. Here is a list: GDPR myth busting blogs Guide to the General Data Protection Regulation Getting ready for the GDPR self assessment checklist GDPR FAQs Lawful basis interactive tool Advice service for […]
In March 2018, the Garante per la Protezione dei Dati Personali, Italy’s Data Protection Authority, issued a fine of Euros 32,000 against the Rousseau association, controller of the processing of data of the website users of the Italian political party “5-Star” (Cinque Stelle). Federprivacy reports. After a data breach, the Italian DPA started investigating whether […]