Interesting Article on Marcus Hutchins

Schneier on Security

This is a good article on the complicated story of hacker Marcus Hutchins. bitcoin cybersecurity fraud hacking killswitch privacy ransomware

How to comply with Article 30 of the GDPR

IT Governance

What does Article 30 require? Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. What do you need to do to comply with Article 30?

My Latest Article Published at Today’s General Counsel

Getting Information Done

General Counsel Can Spur Legal Hold Success Check out my latest article which was published in the December/January 2017 digital edition of Today’s General Counsel titled: “General Counsel Can Spur Legal Hold Success” . Read the article here

My Latest Article Published at Document Strategy Magazine

Getting Information Done

How to Get Your Information Governance Projects Funded One of the big challenges for information governance professionals is getting buy-in from business stakeholders and sponsors for funding projects.

My Latest Article Published at Document Strategy Magazine

Getting Information Done

Creating a Culture of Information Management Excellence Last year, I wrote an article titled, “ What Does Culture Have to Do with Information Management? ” which made the case for addressing culture as a part of any successful information management implementation project. Today, I wanted to offer some practical advice on how to create or install a culture of information management excellence. So, how do we actually create this type of culture? Borrowing from John C.

Long Article on NSA and the Shadow Brokers

Schneier on Security

The New York Times just published a long article on the Shadow Brokers and their effects on NSA operations. Summary: it's been an operational disaster, the NSA still doesn't know who did it or how, and NSA morale has suffered considerably. This is me on the Shadow Brokers from last May.

The top 10 news articles for 2017

Information Management Resources

Data science, machine learning, artificial intelligence and big data were the topics that drew the most interest from Information Management readers. Data science Machine learning Artificial intelligence Analytics Big data

Head of Austrian DPA Appointed Chair of Article 29 Working Party

Hunton Privacy

On February 7, 2018, representatives of European Data Protection Authorities (“DPAs”) met in Brussels to appoint the new leader of the current Article 29 Data Protection Working Party (the “Working Party”). European Union International Article 29 Working Party Austria Data Protection Authority EU Member States EU Regulation Germany

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

Data Protection Report

On February 12, 2018, the Article 29 Working Party (WP29) published guidance regarding Article 49 of the General Data Protection Regulation (GDPR) for public comment. and (2) where the entity therein has committed to handle the Personal Data of European data subjects applying appropriate safeguards in accordance with Article 46 of the GDPR. The February 12 draft guidance for public comment addresses each of the exemptions specified in Article 49.

Article 29 Working Party Published Guidelines on Transparency under the GDPR

Hunton Privacy

On December 12, 2017, the Article 29 Working Party (“Working Party”) published its guidelines on transparency under Regulation 2016/679 (the “Guidelines”). Content of the notice : With respect to the content of information to be provided to data subjects, the Guidelines refer to Articles 13 and 14 of the GDPR and the Annex to the Guidelines, which list the categories of information that must be included in the notices.

Article 29 Working Party Releases Updated Standard Application Forms for BCRs

Hunton Privacy

On April 11, 2018, the Article 29 Working Party (the “Working Party”) adopted two Recommendations on the Standard Application for Approval of Data Controller or Processor Binding Corporate Rules for the Transfer of Personal Data (the “Recommendations”). These Recommendations, in the form of questionnaires, are intended to help BCR applicants demonstrate how they fulfill the requirements of Article 47 of the GDPR.

Learning Machine Learning? Six articles you don’t want to miss

IBM Big Data Hub

Digital disruption has revolutionized the way we live and do business — and machine learning is the latest wave of that revolution

Article 29 Working Party Publishes Guidance on Consent Under the GDPR

Hunton Privacy

Recently, the EU’s Article 29 Working Party (the “Working Party”) adopted guidelines (the “Guidance”) on the meaning of consent under the EU General Data Protection Regulation (“GDPR”). European Union Information Security International Article 29 Working Party Consent Data Controller Data Processor EU Regulation Privacy

Want to succeed as a CDO? 6 articles to read this week

IBM Big Data Hub

Learn more about the right way to approach your data governance governance strategy in 2018 by checking out our top performing articles

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Transparency

Hunton Privacy

On January 29, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Transparency (the “Guidelines”). CIPL believes Articles 13 and 14 of the GDPR already require sufficient information, and the risk-based approach gives organizations the opportunity to prioritize which information should be provided.

ARTICLE 29 WORKING PARTY GUIDANCE – DATA BREACH NOTIFICATIONS

DLA Piper Privacy Matters

Last week the Article 29 Data Protection Working Party released updated guidelines in relation to personal data breach notifications and automated individual decision-making and profiling under the General Data Protection Regulation. The significance of ‘awareness’ is that this concept triggered when the clock starts ticking to notify the relevant supervisory authority under Article 33(1) GDPR.

CIPL Submits Comments to Article 29 WP’s Updated BCR Working Documents

Hunton Privacy

On January 18, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its updated Working Documents, which include a table with the elements and principles found in Binding Corporate Rules (“BCRs”) and Processor Binding Corporate Rules (the “Working Documents”).

EUROPE: Article 29 Working Party publish draft Guidelines on Consent

DLA Piper Privacy Matters

On 12 December 2017, the Article 29 Working Party (WP29) published draft Guidelines on Consent under the General Data Protection Regulation (GDPR). The Guidelines begin with an overview of the elements of valid consent under Article 4(11), reiterating that consent must be (i) freely given, (ii) specific, (iii) informed, and (iv) unambiguously indicated. Article 7(3) requires controllers to ensure that consent can be withdrawn as easily it was given.

EUROPE: Article 29 Working Party publish draft Guidelines on Transparency

DLA Piper Privacy Matters

On 12 December 2017, the Article 29 Working Party (“WP29”) published draft guidance on the obligation of transparency , to be found here. In particular article 12, which cuts this principle into the following elements: 1. The post EUROPE: Article 29 Working Party publish draft Guidelines on Transparency appeared first on Privacy Matters.

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Consent

Hunton Privacy

On January 29, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Consent (the “Guidelines”). Centre for Information Policy Leadership European Union Article 29 Working Party Consent Data Controller Data Processor EU Data Protection Directive EU Regulation Privacy

Article 29 Working Party Releases Guidelines on Automated Individual Decision-Making and Profiling

Hunton Privacy

On October 17, 2017, the Article 29 Working Party (“Working Party”) issued Guidelines on Automated individual decision-making and Profiling for the purposes of Regulation 2016/679 (the “Guidelines”). When engaging in automated decision-making under the Article 22(2)(a) exception (necessary for the performance of a contract), necessity should be interpreted narrowly. European Union International Article 29 Working Party Data Controller

More articles about information management than any sane person should write

AIIM

Over 100 eBooks, Guest articles, and Tip Sheets from the past year or so -- 107 of them to be exact. Enjoy. E-books. A winning recipe: SaaS + Cloud Content Management + IaaS. Modern problems require modern solutions: Meeting the challenge of Big Content. 2017: A Digitally “Transformative” Year. Digital Preservation – Is Your Current Approach to Managing Long-Term Digital Information Failing the Business? Information Privacy and Security: GDPR is Just the Tip of the Iceberg.

Article 29 Working Party Meeting Sets Out State of Play on Privacy Initiatives

Hunton Privacy

Recently, the EU’s Article 29 Working Party (”Working Party”) held a plenary meeting to discuss, among other things, the implementation of the EU General Data Protection Regulation (“GDPR”) and the EU-U.S. Future work includes: developing a position on Article 3 of the GDPR, which pertains to the GDPR’s territorial scope; a new opinion on the proposal of the ePrivacy Regulation, which the European Commission aims to introduce alongside the GDPR.

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on ADM and Profiling

Hunton Privacy

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Automated Individual Decision-Making and Profiling (the “Guidelines”). The meaning of “legal” effect and “similarly significant” effect must be interpreted strictly to ensure Article 22 only covers truly impactful ADM.

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Data Breach Notification

Hunton Privacy

On December 1, 2017, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Personal Data Breach Notification (the “Guidelines”). The definition of an “availability breach” used in the Guidelines does not fit the GDPR’s Article 4(12) definition of a “personal data breach.”

European Commission and Article 29 Working Party Urge Respect for International Law in Data Cases

HL Chronicle of Data Protection

Separately, Europe’s Article 29 Working Party issued a statement on data protection and privacy aspects of cross-border access to electronic evidence , warning that: “the adoption of an instrument compelling organizations not subject to the jurisdiction of an EU Member State would conflict with the applicable law and jurisdiction of the country where the organization is established. Territoriality will continue to be one of the most vexing problems for data regulation in 2018.

CMSWire Article: How Information Architecture Improves Customer Experience

JKevinParker

My latest CMSWire article is " How Information Architecture Improves Customer Experience ": Have you ever had a problem finding information on a website or app? If so, you were experiencing a poor information architecture (IA). Conversely, a great experience with a site or application is only possible with solid IA under the surface.

CMSWire Article: Why You Need a Unified Information Strategy

JKevinParker

Today my first CMSWire article was published: Why You Need a Unified Information Strategy. Information is one of the most important business assets, yet organizations continue to struggle with growing information chaos. Even with continuing advances in technology, buying more tech is not solving the problem. Yes, technology is part of the solution, but to get it right, you must get your information strategy right. Read more » I appreciate CMSWire for letting me be a contributor.

CIPL Submits Comments to Article 29 Working Party’s Draft Guidelines on the Accreditation of Certification Bodies under the GDPR

Hunton Privacy

On March 29, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its draft guidelines on the accreditation of certification bodies under the GDPR (the “Guidelines”). Centre for Information Policy Leadership European Union International Accountability Article 29 Working Party Compliance Data Protection Authority EU Regulation European Commission

Article 29 Working Party Sets Deadline to Address Privacy Shield Concerns

HL Chronicle of Data Protection

Privacy Shield framework, the Article 29 Working Party (Working Party) of EU data protection regulators has issued its own report on the matter. International/EU Privacy Article 29 Working Party automated decision-making CJEU Court of Justice of the European Union cross-border data transfer Department of Commerce Employee data EU-U.S. Hot on the heels of the European Commission’s official review of the functioning of the EU-U.S.

Articles and Presentations

ChiefTech

I'm still in the process of migrating content from my old blog - for a consolidated list of my articles, presentations and papers please see this page

GDPR Article 25 gets a boost with new software development methodology

Information Management Resources

This requirement outlines a number of controls that organizations must build into the systems that process any personal data. GDPR Compliance Compliance systems Data security Data privacy

Article 29 Working Party Releases GDPR Guidance on Consent and Transparency

Data Matters

On 28 November 2017, the Article 29 Working Party (the “ WP29 ”) published detailed draft guidelines on consent under the EU General Data Protection Regulation (the “ GDPR ”), which is to come into effect on 25 May 2018. The Consent Guidelines acknowledge that valid “informed” consent can exist, even when not all of the required information (as set out in Articles 13 and 14) are mentioned in the consent form assuming this information is provided elsewhere (e.g.

Article on Document-Level Redaction of Electronic Documents

Positively RIM

On June 30 online , KM World published an article I wrote on Document-Level Redaction of Electronic Documents. The article can be found at [link]. While this is not everyone's cup of tea, it is an important tool for many RIMmers. [As As it has fallen out of use a bit, I remind my gentle readers that RIM is an acronym for Records & Information Management.] As always, your comments are valued. Thanks for reading

Article 29 Working Party Publishes Final Guidance on Data Protection Impact Assessments

Data Matters

On 4 October 2017 the Article 29 Working Party (“ WP29 ”) published its final Guidelines on Data Protection Impact Assessment (“ DPIA ”) which were initially released in draft form in April 2017. Article 35 of the General Data Protection Regulation (“ GDPR ”) requires the use of DPIAs, or risk assessments of the proposed processing of personal data by an organisation, as part of regular business processes.

Article 29 Working Party Publishes Draft Guidelines on Notification of Personal Data Breaches Notification Under the GDPR

Data Matters

On October 3, 2017, the Article 29 Working Party (“ WP29 ”) adopted draft guidelines regarding notification of personal data breaches under the EU’s General Data Protection Regulation (“ GDPR ”) which will require breach notification within 72 hours of awareness of a breach. (“ Draft Guidelines ”) (The Draft Guidelines appear to have been released for public comment during the week of 16th October).

CIPL Submits Comments to EDPB’s Draft Guidelines on Certification and Identifying Certification Criteria in Accordance with Articles 42 and 43 GDPR

Hunton Privacy

On July 10, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted formal comments to the European Data Protection Board (the “EDPB”) on its draft guidelines on certification and identifying certification criteria in accordance with Articles 42 and 43 of the GDPR (the “Guidelines”).

A Day in the Life of an SEO'd Blog Article, from the Local Washington DC SEO Provider's Perspective

Interactive Information Management

The SEO customer SAYS: "I'll write a Blog article, you SEO it, and we'll post it as part of our online marketing!" The SEO customer (hopefully) SAYS: "OK, let's get on with it, see the results, and post another Blog article as soon as possible. think Blogs are good for SEO.

SME article in Information World Review

Information Matters

Information World Review have just published my piece on how some UK SMEs are using Web services in their businesses. The online version here does not have the graphics - you will need the paper version for that

New CMSWire article: A Brief History of Social Intranets

ChiefTech

If you enjoyed my short history of intranets , you may also like to read my latest article on CMSWire, which looks specifically at the origins of social software in the enterprise : Lots of commentators point a dismissive finger at social intranets and enterprise social networks (ESNs), labeling them simply as vendor-driven hype.

Do You Suffer From Breach Optimism Bias?

Andrew Hay

Read my full article over at Forbes.com. Articles breach cyber cyber security cybersecurity optimism risk security

Couple of articles by Matt (and Keith)

ChiefTech

Matt Moore has been busy lately, writing articles for KM Review (with Keith De La Rue ), about KM for sales, and the The Australian Human Resources Institute , looking at social networking. Both articles can be downloaded from his blog. BTW I'm following Matt's advice here to " Nurture relationships with people over a period of time through small acts of generosity and trust building.

The complete Enterprise RSS Value Chain article

ChiefTech

Back in late September I mentioned I was working on an article about Enterprise RSS. To be fair to Image & Data Manager magazine subscribers I normally wait a little while before uploading a copy of the article to my online archive. The combined article also profiles two very different Enterprise RSS solutions ( Newsgator and Xenos ) and some case studies, including the now 'classic' Wallem shipping example from Attensa.