On June 8, 2017, Working Party 29 (WP29) issued Opinion 2/2017 on data processing at work, which makes a “new assessment of the balance between legitimate interests of employers and the reasonable privacy expectations of employees” also considering the new challenges to data protection created by new technologies. Opinion 2/2017 updates previousOpinion 08/2001 on the processing […]
On May 11, 2017, the Spanish Data Protection Agency (DPA), the Agencia Española de Protección de Datos (AEPD) and ISMS Forum Spain, a not for profit, published a Big Data privacy code of conduct, the Código de buenas prácticas en protección de datos para proyectos de Big Data. The Code refers to Regulation […]
In its plenary meeting held in April 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the s.c. General Data Protection Regulation (GDPR). In that occasion, WP29 approved the Revised Guidelines on the right to “data portability”, wp242rev.01 (Revised Guidelines), substituting the Guidelines on the right to “data portability” (Guidelines). Data portability […]
In its plenary meeting held in April 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the s.c. General Data Protection Regulation (GDPR). In that occasion, WP29 approved the Revised Guidelines on The Lead Supervisory Authority, wp244rev.01 (Revised Guidelines), which contain several differences compared to the Guidelines on identifying a data controller’s lead supervisory authority (Guidelines) previously published. […]
In its plenary meeting held in April 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the s.c. General Data Protection Regulation (GDPR). In that occasion, WP29 approved the Revised Guidelines on DPOs (Revised Guidelines), which contain also the following highlights compared to the Guidelines on Data Protection Officer (Guidelines) previously published. Accountability principle. The […]
In its plenary meeting held in April 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the s.c. General Data Protection Regulation (GDPR). Among other documents, WP29 also adopted Guidelines on Data Protection Impact Assessment (DPIA), wp248, which will be open for public consultation for 6 weeks before their […]
In its plenary meeting held in April 2017, Working Party 29 (WP29) examined certain critical matters regarding the implementation of Regulation 2016/679, the s.c. General Data Protection Regulation (GDPR). In that occasion, WP29 approved the Revised Guidelines on DPOs (Revised Guidelines), which contain also the following highlights compared to the Guidelines on Data Protection Officer (Guidelines) previously published. Accountability principle. The Revised Guidelines clarifies […]
On March 14, 2017, the European Data Protection Supervisor (EDPS) released Opinion 4/2017 on the 2015 Proposal for a Directive (1) on certain aspects concerning contracts for the supply of digital content (1) on certain aspects concerning contracts for the supply of digital content and (2) on certain aspects concerning contracts for the online and […]
What data controllers should do before receiving a possible subject access request As a data controller, you obviously know it: one day you may receive an access request from a data subject. Being available to promptly comply with the request when you receive it is far from being enough. Indeed, there is much more that […]
What data controllers should do before receiving a possible subject access request As a data controller, you obviously know it: one day you may receive an access request from a data subject. Being available to promptly comply with the request when you receive it is far from being enough. Indeed, there is much more that […]