Category EU General Data Protection Regulation

DPO is ‘compliance orchestrator’ under GDPR says Working Party 29

For Working Party 29 (WP29), the role of the Data Protection Officer (DPO) under the forthcoming EU General Data Protection Regulation (GDPR) is the cornerstone of accountability as well as being a real tool of competitiveness for companies.

Tasked with the implementation of accountability tools that include the policies, procedures documentation, data protection impact assessments as well as internal training for all employees entrusted with handling customer data, the DPO is more like a ‘compliance orchestrator’ in much the same way as a conductor of a symphony orchestra, such as Parsee-born Zubin Mehta, conductor of the Israeli Philharmonic Orchestra.

In its advice not...


What GDPR means for organisations and companies in 2015

Companies and organisations that use data at the centre of their sales and marketing activities – and that’s just about everyone reading this blog – will be impacted by the forthcoming EU General Data Protection Regulation (GDPR).

Agreement between the European Parliament, Council of Ministers and European Commission now looks like a distinct possibility in November/December 2015 after which there’ll be a two-year transition period before sanctions begin to bite.

How the GDPR fits into an overall framework of changes within the European Union

EU Charter of Fundamental Rights

The Charter is an important development as it’s the first formal EU document to combine and d...


Is Google taking the pee out of data protection?

It’s no exaggeration to claim that when the history of data protection and privacy is written 10 years from now, one company will be credited with having had the most influence over the shape of data protection and privacy across the European Union (EU).

And it’s Google.

No week goes past without some reference to one of the most powerful digital companies on the planet. And this week just gone has been no exception.

On Thursday 9 July, Google was forced to revise its privacy policy after the Dutch Data Protection Authority (DPA) threatened to fine the company €15m. Google will now have to seek new users’ permission to combine their personal data throughout its services...


“Positive vibes” as Trilogue on GDPR begins today

Speaking after the first Trilogue meeting today, Jan Philipp Albrecht, Rapporteur for the European Parliament said that agreement between the European Commission, Parliament and Council of Ministers may be achievable by the end of 2015 alongside the Data Protection Directive for law enforcement – the so-called EU Police Directive.

Speaking to reporters, Albrecht said: “The Trilogue (negotiations) today showed very clearly that agreement is feasible if all parties are open to compromise. All parties are committed to the timetable. The texts are actually a lot closer to each other now than we thought a few months ago.”

He was referring to the versions of GDPR that each si...


European Council of Ministers in “historic step” for GDPR by end of 2015

Speaking at a news conference a few hours ago, Věra Jourová, the European Union’s Commissioner for Justice, Consumers and Gender Equality announced that an “historic step” had been taken today as the European Council of Ministers reached agreement on the general approach on the General Data Protection Regulation (GDPR).

Latvia’s minister for justice Dzintars Rasnačs added: “We have moved a great step closer to modernised and harmonised data protection framework for the European Union...


When bankers cry – well, they will if they’re fined under GDPR

According to Varonis (Nasdaq:VRNS), a leading provider of software solutions for unstructured, human-generated enterprise data, banks will be among the first to be hit with massive fines for falling foul of the EU’s General Data Protection Regulation (GDPR).

In a poll conducted at Cebit – Europe’s largest IT show – the company revealed how unprepared the financial services sector is for life under GDPR. Notably, 50% of all respondents that took part in the survey worked within the European banking sector.

According to Varonis, despite the small sample size of 145 respondents, its survey reflects a much wider degree of how underprepared the financial servic...


What’s the view of the final text of GDPR according to EC?

In the last couple of weeks the blogosphere has gone into overdrive regarding the final text of the EU General Data Protection Regulation (GDPR) that’s on track to emerge before the end of the year. Agreement between the European Parliament, Council of Ministers and European Commission now looks like a distinct possibility in November 2015 after which there’ll be a two-year transition period before sanctions begin to bite.

As GDPR watchers will have already clocked, there’s been a leak on the first reading of EU Regulation by the Council of Ministers. The document runs into 630 pages and can be accessed here.

Fortunately, the fog that’s surrounded the details of the fi...


The Imitation Game

In the media this week there’s been a fair amount of speculation as to when the EU General Data Protection Regulation (GDPR) is likely to see the light of day. Some commentators are speculating that sign-off by the European Parliament, Council of Ministers and the European Commission won’t happen until Spring 2016.

Earlier this year, a joint statement by EC vice president Andrus Ansip and EU Commissioner Věra Jourová indicated that GDPR could become law by the end of 2015. Perhaps this was wishful thinking?

And this week, some 60 pressure groups including the UK’s Open Rights Group, Liberty, the Dutch Consumer Council and US Electronic Privacy Information Centre have wr...


“BYOD is a ticking time bomb” warns data protection expert Martin Hickley

As many data protection, compliance, human resources and legal experts speculate as to the consequences that will be wreaked on all organisations as a result of the forthcoming EU General Data Protection Regulation (GDPR), there is widespread confusion across the web as to whether Bring Your Own Devices (BYOD) is still acceptable or whether organisations need to radically undertake a data protection impact assessment (DPIA) and change their internal policies as a result.

“Even though the law in this area hasn’t changed today, it would be foolhardy in the extreme for organisations not to carry out a DPIA as a precautionary measure given the massive data protection and security...


Europe’s Digital Czar criticises Facebook’s electronic vacuum cleaner approach to data collection

Guenther Oettinger, Europe’s digital economy chief and the German representative on the European Commission has delivered a stark warning to Google and Facebook that they must either comply with the principles of the forthcoming EU General Data Protection Regulation (GDPR) or face being thrown out of the single market.

Oettinger accused the tech giants of using “an electronic vacuum cleaner” to collect and then target advertising using detailed information of users often without their knowledge or consent.

Speaking to the Wall Street Journal, Oettinger said: “The Americans are in the lead, they’ve got the data, the business models and so the power.”

He predicted t...
