A Cautionary Tale for GDPR Article 5 Compliance

InfoGoTo

Recent enforcement actions by data protection authorities in the European Union demonstrate that they’re more than willing to enforce GDPR Article 5. What Does GDPR Article 5 Require? GDPR Article 5 details the standards organizations have to follow when processing personal data.

Test article

CILIP

TITLE. LOREM IPSUM DOLOR SIT AMET, CONSECTETUR ADIPISCING ELIT. DUO REGES: CONSTRUCTIO INTERRETE. PRODEST, INQUIT, MIHI EO ESSE ANIMO. SEQUITUR DISSERENDI RATIO COGNITIOQUE NATURAE; IN QUA QUID EST BONI PRAETER SUMMAM VOLUPTATEM, ET EAM SEMPITERNAM? NOS QUIDEM VIRTUTES SIC NATAE SUMUS, UT TIBI SERVIREMUS, ALIUD NEGOTII NIHIL HABEMUS. QUI AUTEM DE SUMMO BONO DISSENTIT DE TOTA PHILOSOPHIAE RATIONE DISSENTIT. AVARITIAMNE MINUIS?

Interesting Article on Marcus Hutchins

Schneier on Security

This is a good article on the complicated story of hacker Marcus Hutchins. bitcoin cybersecurity fraud hacking killswitch privacy ransomware

How to comply with Article 30 of the GDPR

IT Governance

What does Article 30 require? Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. What do you need to do to comply with Article 30?

My Latest Article Published at Today’s General Counsel

Getting Information Done

General Counsel Can Spur Legal Hold Success Check out my latest article which was published in the December/January 2017 digital edition of Today’s General Counsel titled: “General Counsel Can Spur Legal Hold Success” . Read the article here

The top 10 news articles from Information Management in 2018

Information Management Resources

A look back at the 10 top news articles, features and slideshows that were the most popular with Information Management readers. MDM Analytics Machine learning Business intelligence Artificial intelligence Big data Industry salaries Data security Data governance

My Latest Article Published at Document Strategy Magazine

Getting Information Done

Creating a Culture of Information Management Excellence Last year, I wrote an article titled, “ What Does Culture Have to Do with Information Management? ” which made the case for addressing culture as a part of any successful information management implementation project. Today, I wanted to offer some practical advice on how to create or install a culture of information management excellence. So, how do we actually create this type of culture? Borrowing from John C.

The top 10 news articles for 2017

Information Management Resources

Data science, machine learning, artificial intelligence and big data were the topics that drew the most interest from Information Management readers. Data science Machine learning Artificial intelligence Analytics Big data

Long Article on NSA and the Shadow Brokers

Schneier on Security

The New York Times just published a long article on the Shadow Brokers and their effects on NSA operations. Summary: it's been an operational disaster, the NSA still doesn't know who did it or how, and NSA morale has suffered considerably. This is me on the Shadow Brokers from last May.

My MEDIUM Article: Deepfakes and Deep Video Portraits?—?What are they and what is the difference?

Architect Security

Check out my latest article on MEDIUM: Deepfakes and Deep Video Portraits?—?What Media MEDIUM Articles Privacy Social Media TechWhat are they and what is the difference? link].

Article from a Former Chinese PLA General on Cyber Sovereignty

Schneier on Security

Interesting article by Major General Hao Yeli, Chinese People's Liberation Army (ret.), a senior advisor at the China International Institute for Strategic Society, Vice President of China Institute for Innovation and Development Strategy, and the Chair of the Guanchao Cyber Forum.

My MEDIUM Article: Is it even possible to be “completely secure”?

Architect Security

Check out my latest article on MEDIUM: Is it even possible to be “completely secure”? Business Defense Devil's Advocate Humans MEDIUM Articles Mobile and Device Personal Security Privacy Softwarelink].

Blog Recap: The Web Data Extraction Articles You Liked Most in 2018

Connotate

As 2018 is coming to a close, we at Connotate are looking back at the blog posts we published this year to see which ones you responded to the most. In case you missed some of the posts and only have time to read the most popular ones — here are the top five most […].

Illinois BIPA Suit Dismissed for Lack of Article III Standing

Hunton Privacy

The cases subsequently were consolidated, and on December 29, 2018, the Northern District of Illinois dismissed the case on standing grounds, finding that despite the existence of statutory standing under BIPA, neither plaintiff had claimed any injury that would support Article III standing. Robins , the Supreme Court held that Article III standing requires a concrete and particularized injury even in the context of a statutory violation.

Article 29 Working Party Releases GDPR Action Plan for 2017

Hunton Privacy

On January 16, 2017, the Article 29 Working Party (“Working Party”) published further information about its Action Plan for 2017 , which sets forth the Working Party’s priorities and objectives in the context of implementation of the EU General Data Protection Regulation (“GDPR”) for the year ahead. International Article 29 Working Party Data Protection Authority Data Transfer EU Regulation

Want to succeed as a CDO? 6 articles to read this week

IBM Big Data Hub

Learn more about the right way to approach your data governance governance strategy in 2018 by checking out our top performing articles

Head of Austrian DPA Appointed Chair of Article 29 Working Party

Hunton Privacy

On February 7, 2018, representatives of European Data Protection Authorities (“DPAs”) met in Brussels to appoint the new leader of the current Article 29 Data Protection Working Party (the “Working Party”). European Union International Article 29 Working Party Austria Data Protection Authority EU Member States EU Regulation Germany

Learning Machine Learning? Six articles you don’t want to miss

IBM Big Data Hub

Digital disruption has revolutionized the way we live and do business — and machine learning is the latest wave of that revolution

Article 29 Working Party Published Guidelines on Transparency under the GDPR

Hunton Privacy

On December 12, 2017, the Article 29 Working Party (“Working Party”) published its guidelines on transparency under Regulation 2016/679 (the “Guidelines”). Content of the notice : With respect to the content of information to be provided to data subjects, the Guidelines refer to Articles 13 and 14 of the GDPR and the Annex to the Guidelines, which list the categories of information that must be included in the notices.

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

Data Protection Report

On February 12, 2018, the Article 29 Working Party (WP29) published guidance regarding Article 49 of the General Data Protection Regulation (GDPR) for public comment. and (2) where the entity therein has committed to handle the Personal Data of European data subjects applying appropriate safeguards in accordance with Article 46 of the GDPR. The February 12 draft guidance for public comment addresses each of the exemptions specified in Article 49.

Article 29 Working Party Publishes Guidance on Consent Under the GDPR

Hunton Privacy

Recently, the EU’s Article 29 Working Party (the “Working Party”) adopted guidelines (the “Guidance”) on the meaning of consent under the EU General Data Protection Regulation (“GDPR”). European Union Information Security International Article 29 Working Party Consent Data Controller Data Processor EU Regulation Privacy

ARTICLE 29 WORKING PARTY GUIDANCE – DATA BREACH NOTIFICATIONS

DLA Piper Privacy Matters

Last week the Article 29 Data Protection Working Party released updated guidelines in relation to personal data breach notifications and automated individual decision-making and profiling under the General Data Protection Regulation. The significance of ‘awareness’ is that this concept triggered when the clock starts ticking to notify the relevant supervisory authority under Article 33(1) GDPR.

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Transparency

Hunton Privacy

On January 29, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Transparency (the “Guidelines”). CIPL believes Articles 13 and 14 of the GDPR already require sufficient information, and the risk-based approach gives organizations the opportunity to prioritize which information should be provided.

Article 29 Working Party Releases Updated Standard Application Forms for BCRs

Hunton Privacy

On April 11, 2018, the Article 29 Working Party (the “Working Party”) adopted two Recommendations on the Standard Application for Approval of Data Controller or Processor Binding Corporate Rules for the Transfer of Personal Data (the “Recommendations”). These Recommendations, in the form of questionnaires, are intended to help BCR applicants demonstrate how they fulfill the requirements of Article 47 of the GDPR.

EUROPE: Article 29 Working Party publish draft Guidelines on Consent

DLA Piper Privacy Matters

On 12 December 2017, the Article 29 Working Party (WP29) published draft Guidelines on Consent under the General Data Protection Regulation (GDPR). The Guidelines begin with an overview of the elements of valid consent under Article 4(11), reiterating that consent must be (i) freely given, (ii) specific, (iii) informed, and (iv) unambiguously indicated. Article 7(3) requires controllers to ensure that consent can be withdrawn as easily it was given.

EUROPE: Article 29 Working Party publish draft Guidelines on Transparency

DLA Piper Privacy Matters

On 12 December 2017, the Article 29 Working Party (“WP29”) published draft guidance on the obligation of transparency , to be found here. In particular article 12, which cuts this principle into the following elements: 1. The post EUROPE: Article 29 Working Party publish draft Guidelines on Transparency appeared first on Privacy Matters.

Article 29 Working Party Releases Opinion on Data Processing at Work

Hunton Privacy

The Article 29 Working Party (“Working Party”) recently issued its Opinion on data processing at work (the “Opinion”). The Opinion considers data protection by design, data protection impact assessments and Article 88 with respect to processing employee data.

CIPL Submits Comments to Article 29 WP’s Updated BCR Working Documents

Hunton Privacy

On January 18, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its updated Working Documents, which include a table with the elements and principles found in Binding Corporate Rules (“BCRs”) and Processor Binding Corporate Rules (the “Working Documents”).

Article 29 Working Party Releases GDPR Implementation Guidance and Announces Privacy Shield Developments

Hunton Privacy

On December 15, 2016, the Article 29 Working Party (“Working Party”) issued a press release announcing its December 13, 2016, adoption and release of three sets of guidelines and FAQs on key implementation issues under the EU General Data Protection Regulation (“GDPR”): Guidelines and FAQs on the Right to Data Portability; Guidelines and FAQs on Data Protection Officers (DPO); and.

GDPR Article 25 gets a boost with new software development methodology

Information Management Resources

This requirement outlines a number of controls that organizations must build into the systems that process any personal data. GDPR Compliance Compliance systems Data security Data privacy

CMSWire Article: How Information Architecture Improves Customer Experience

JKevinParker

My latest CMSWire article is " How Information Architecture Improves Customer Experience ": Have you ever had a problem finding information on a website or app? If so, you were experiencing a poor information architecture (IA). Conversely, a great experience with a site or application is only possible with solid IA under the surface.

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Consent

Hunton Privacy

On January 29, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Consent (the “Guidelines”). Centre for Information Policy Leadership European Union Article 29 Working Party Consent Data Controller Data Processor EU Data Protection Directive EU Regulation Privacy

Article 29 Working Party Releases Guidelines on Automated Individual Decision-Making and Profiling

Hunton Privacy

On October 17, 2017, the Article 29 Working Party (“Working Party”) issued Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679 (the “Guidelines”). When engaging in automated decision-making under the Article 22(2)(a) exception (necessary for the performance of a contract), necessity should be interpreted narrowly. European Union International Article 29 Working Party Data Controller

CMSWire Article: Why You Need a Unified Information Strategy

JKevinParker

Today my first CMSWire article was published: Why You Need a Unified Information Strategy. Information is one of the most important business assets, yet organizations continue to struggle with growing information chaos. Even with continuing advances in technology, buying more tech is not solving the problem. Yes, technology is part of the solution, but to get it right, you must get your information strategy right. Read more » I appreciate CMSWire for letting me be a contributor.

My MEDIUM Article, “Cybersecurity Trends for 2019?—?The Good and The Bad?”

Architect Security

Check out my latest article on MEDIUM: Cybersecurity Trends for 2019?—?The The Good and The Bad

Article 29 Working Party Meeting Sets Out State of Play on Privacy Initiatives

Hunton Privacy

Recently, the EU’s Article 29 Working Party (”Working Party”) held a plenary meeting to discuss, among other things, the implementation of the EU General Data Protection Regulation (“GDPR”) and the EU-U.S. Future work includes: developing a position on Article 3 of the GDPR, which pertains to the GDPR’s territorial scope; a new opinion on the proposal of the ePrivacy Regulation, which the European Commission aims to introduce alongside the GDPR.

GDPR 43

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on ADM and Profiling

Hunton Privacy

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Automated Individual Decision-Making and Profiling (the “Guidelines”). The meaning of “legal” effect and “similarly significant” effect must be interpreted strictly to ensure Article 22 only covers truly impactful ADM.

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Data Breach Notification

Hunton Privacy

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Personal Data Breach Notification (the “Guidelines”). The definition of an “availability breach” used in the Guidelines does not fit the GDPR’s Article 4(12) definition of a “personal data breach.”

Articles and Presentations

ChiefTech

I'm still in the process of migrating content from my old blog - for a consolidated list of my articles, presentations and papers please see this page

European Commission and Article 29 Working Party Urge Respect for International Law in Data Cases

HL Chronicle of Data Protection

Separately, Europe’s Article 29 Working Party issued a statement on data protection and privacy aspects of cross-border access to electronic evidence , warning that: “the adoption of an instrument compelling organizations not subject to the jurisdiction of an EU Member State would conflict with the applicable law and jurisdiction of the country where the organization is established. Territoriality will continue to be one of the most vexing problems for data regulation in 2018.