Article and Exercises - Information Management Today

GDPR Article 17: What Is the Right to Erasure?

IT Governance

MARCH 30, 2023

Article 17 of the GDPR (General Data Protection Regulation) plays a distinctive yet essential role in data protection law. These rights can be exercised by first submitting a DSAR (data subject access request). A request is deemed unfounded if the individual has not provided a clear reason why they are exercising their right.

GDPR

GDPR Personal data Compliance Government

Article 28 Standard Contractual Clauses

DLA Piper Privacy Matters

JUNE 10, 2021

However, it shouldn’t be overlooked that another set of standard clauses has been issued by the EU, namely the Article 28 Standard Clauses. These are contained in Article 28 of the GDPR. The EU has published a new set of Article 28 Standard Clauses. The EU has published a new set of Article 28 Standard Clauses.

Personal data

Personal data GDPR Compliance Data breaches

Privacy notices – the ICO follows the lead of the EU data protection authorities in their interpretation of Article 13 UK GDPR

Data Protection Report

JUNE 6, 2023

Whilst a significant part of the MPN is focussed on TikTok’s non compliance with the rules around processing children’s personal data, the MPN also clarifies how the ICO interprets the requirements in Article 13 of the UK GDPR more generally. This is not the case for most companies and so some of the MPN should be read with that in mind.

Privacy

Privacy GDPR Personal data Compliance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

UK Defence Secretary jet hit by an electronic warfare attack in Poland

Security Affairs

MARCH 15, 2024

” reads the article published by The SUN. ” Steadfast Defender 2024 is NATO’s largest military exercise since the Cold War aimed at testing the alliance’s readiness and ability to defend itself across multiple domains. The exercise is held from January 22nd to May 31st, 2024.

Communications

Communications Military Risk IT

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

What does Article 30 require? Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. What do you need to do to comply with Article 30? But data flow maps are about more than being organised and efficient.

GDPR

GDPR Personal data Risk Cloud

I think, therefore I modernize: introducing Enterprise Suite 6.0

Micro Focus

JUNE 25, 2020

I need to change – IT needs to change Rapid and large-scale IT change is a very costly exercise. View Article. Worse still, it is fraught with risk, the IT world beset with uncomfortable stories of failed transformational programs. CIOs can ill-afford such risk.

Risk

Risk IT

Laying the Path for a Successful IT Modernization Exercise

Micro Focus

JANUARY 28, 2019

View Article. Nevertheless, any big transformation can have a wide-ranging impact on the organization. So, it needs to be well thought out. Primarily, enterprises are looking to modernize for two main reasons. One, they are keen to futureproof their business by.

IT

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Transparency

Hunton Privacy

FEBRUARY 2, 2018

On January 29, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Transparency (the “Guidelines”). The Guidelines were adopted by the Working Party on November 28, 2017, for public consultation.

GDPR

GDPR Privacy Paper Archiving

“Staying Current” is Not Just a Fashion Statement

Micro Focus

SEPTEMBER 20, 2021

Keeping up with the latest fashion trends can be an uncomfortable and costly exercise. View Article. Having mistakenly perceived the wisdom of flared trousers, twice, I am fully aware of such risks. In the software world, too, being addicted to new and shiny objects is a fool’s errand. Tech trends do come and go and only time.

Risk

Article 29 Working Party Publishes Final Guidance on Data Protection Impact Assessments

Data Matters

OCTOBER 20, 2017

On 4 October 2017 the Article 29 Working Party (“ WP29 ”) published its final Guidelines on Data Protection Impact Assessment (“ DPIA ”) which were initially released in draft form in April 2017. The post Article 29 Working Party Publishes Final Guidance on Data Protection Impact Assessments appeared first on Data Matters Privacy Blog.

GDPR

GDPR Personal data Risk Data collection

CIPL Submits Comments to Article 29 WP’s Updated BCR Working Documents

Hunton Privacy

FEBRUARY 5, 2018

The Working Party should clarify that companies with approved BCR-C do not have to implement additional controller-processor contracts reiterating the processors’ obligations under Article 28(3) of the GDPR with respect to internal transfers between controllers and processors within the same group of companies. General BCR Recommendations.

GDPR

GDPR Paper Compliance Access

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

Data Protection Report

MARCH 5, 2018

On February 12, 2018, the Article 29 Working Party (WP29) published guidance regarding Article 49 of the General Data Protection Regulation (GDPR) for public comment. The February 12 draft guidance for public comment addresses each of the exemptions specified in Article 49. See Nowak, Khan and Kessler Article. the U.S.);

GDPR

GDPR Personal data e-Discovery Risk

North Korea-linked Konni APT uses Russian-language weaponized documents

Security Affairs

NOVEMBER 24, 2023

Upon enabling the macro, the embedded VBA displays a Russian article titled “Western Assessments of the Progress of the Special Military Operation.” “As this malware continues to evolve, users are advised to exercise caution with suspicious documents.” The Word document seems to be in the Russian language.

Encryption

Encryption Military Phishing Communications

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Consent

Hunton Privacy

FEBRUARY 2, 2018

On January 29, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party (the “Working Party”) on its Guidelines on Consent (the “Guidelines”). The Guidelines were adopted by the Working Party on November 28, 2017, for public consultation.

GDPR

GDPR Paper Risk IT

The Netherlands – DPA imposes EUR 830,00 fine for access request fees

DLA Piper Privacy Matters

JULY 8, 2020

Article 12(2) GDPR states that the controller shall facilitate the exercise of, inter alia, the right of access (Article 15 GDPR). The Dutch DPA concluded that the barriers imposed by BKR to exercise the right of access were too high and as such constitute a breach of the GDPR.

Access

Access GDPR Personal data IT

EDPB Adopts Guidelines on the Processing of Health Data During COVID-19

Hunton Privacy

APRIL 22, 2020

The aim of the Guidelines is to provide clarity on the most urgent matters relating to health data, such as legal basis for processing, the implementation of adequate safeguards and the exercise of data subject rights. Researchers should keep in mind that study participants must be able to withdraw their consent at any time.

GDPR

GDPR Personal data IT Privacy

UK: Lloyd v Google LLC – data protection class action claims

DLA Piper Privacy Matters

JULY 13, 2021

If the “same interest” test is satisfied, should the Court exercise its discretion and disallow the representative action proceeding in any event? An article on the Judgment will be posted on the day of its release.

Privacy

Privacy IT

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

HL Chronicle of Data Protection

JULY 7, 2020

Under the European Union’s General Data Protection Regulation (GDPR), individuals have the right to access personal data collected about them, and to exercise that right easily and at reasonable intervals. The controller shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.

GDPR

GDPR Personal data Data collection Access

Dutch DPA Fines Company 525,000 EUR for Failure to Designate EU Representative

Hunton Privacy

MAY 19, 2021

On May 12, 2021, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , the “Dutch DPA”) imposed a €525,000 fine on Locatefamily.com for failure to comply with the obligation imposed under Article 27 of the EU General Data Protection Regulation (“GDPR”) to appoint a representative in the EU.

Personal data

Personal data GDPR Risk IT

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

DLA Piper Privacy Matters

SEPTEMBER 6, 2021

Notably, the Hamburg supervisory authority ordered a ban on Facebook processing WhatsApp user data for its own purposes in Germany, on the basis of Article 66(1) GDPR which allows for provisional legal measures to be taken where there is an urgent need to protect data subjects in a specific territory. The Decision.

GDPR

GDPR Personal data Communications e-Delivery

Article 29 Working Party Publishes Guidance on Consent Under the GDPR

Hunton Privacy

DECEMBER 15, 2017

Recently, the EU’s Article 29 Working Party (the “Working Party”) adopted guidelines (the “Guidance”) on the meaning of consent under the EU General Data Protection Regulation (“GDPR”). In this Guidance, the Working Party has confirmed that consent should be a reversible decision where a degree of control must remain with the data subject.

GDPR

GDPR Personal data Risk Compliance

Article 29 Working Party Issues Statement on Consequences of Safe Harbor Ruling

Hunton Privacy

OCTOBER 16, 2015

On October 16, 2015, the Article 29 Working Party (the “Working Party”) issued a statement on the consequences of the recent ruling of the Court of Justice of the European Union (the “CJEU”) invalidating the European Commission’s Safe Harbor Decision. that respect EU citizens’ fundamental rights.

Personal data

Personal data Risk IT

Belgium: Belgian data protection authority clarifies the public interest legal basis in the context of decision on a vehicle tracking system

DLA Piper Privacy Matters

MARCH 6, 2023

The decision not only sets out the conditions for the use of such systems, but also includes interesting considerations of the Litigation Chamber on the interpretation of the ‘public interest’ legal basis of article 6.1(e) First, it rejects legitimate interest (article 6.1(f) It refers to article 6.1 It refers to article 6.1

GDPR

GDPR Personal data Compliance IT

China Issues Second Version of the Draft Personal Information Protection Law for Public Comments

Hunton Privacy

MAY 4, 2021

Article 13 adds one legal basis for processing personal information. Article 15 provides a higher standard to process a minor’s personal information. Article 16 requires the data processor to provide a convenient way for data subjects to withdraw consent. Article 22 provides more conditions for data processing by a third party.

Personal data

Personal data IT Information Security Privacy

Article 29 Working Party Releases Opinion on EU-U.S. Privacy Shield

Hunton Privacy

APRIL 13, 2016

On April 13, 2016, the Article 29 Working Party (the “Working Party”) published its Opinion on the EU-U.S. Alternatively, [the Privacy Shield] should contain specific jurisdiction clauses entitling data subjects to exercise their rights in Europe. Privacy Shield (the “ Privacy Shield ”) draft adequacy decision.

Privacy

Privacy Personal data Healthcare GDPR

Ireland / Europe: DPC’s Record Fine Raises Expectations on Standards Applicable for Processing Children’s Data

DLA Piper Privacy Matters

OCTOBER 17, 2022

Following its investigation, in December 2021, the DPC circulated its draft decision (the “ Draft Decision ”) to Concerned Supervisory Authorities (“ CSA ”) under Article 60 of the GDPR. As these could not be resolved, Article 65 of the GDPR (Dispute resolution by the Board) was triggered. Analysis of Article 6(1).

GDPR

GDPR Personal data Risk Compliance

Weekly Update 186

Troy Hunt

APRIL 10, 2020

(this was just super good fun, it's now all hooked up to Alexa too) Pwned Passwords is getting bigger and bigger (more than half a billion queries in a month now) I hate spam and I hate being asked to link to spammy articles (but I love the outcome of this blog post!)

Passwords

Passwords Security IT

Europe: CJEU decision – Right of access to individual recipients of personal data

DLA Piper Privacy Matters

JANUARY 19, 2023

On 12 January 2023, the European Court of Justice (“ CJEU ”) delivered its judgment regarding the right of access to personal data under Article 15 GDPR. The CJEU held that when exercising their right of access under the GDPR, data subjects must be provided with the individual data recipients of their personal data.

Personal data

Personal data Access GDPR Privacy

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

Hunton Privacy

NOVEMBER 7, 2022

The investigation was initiated following a breach report submitted by the DfE regarding the unauthorized access to the LRS database, a breach which the DfE only became aware of following an article in the press.

Education

Education Personal data Access IT

New Research: "Privacy Threats in Intimate Relationships"

Schneier on Security

JUNE 5, 2020

Abstract: This article provides an overview of intimate threats: a class of privacy threats that can arise within our families, romantic partnerships, close friendships, and caregiving relationships. Those closest to us know the answers to our secret questions, have access to our devices, and can exercise coercive power over us.

Privacy

Privacy Paper Cybersecurity Risk

Article 29 Working Party Discusses Guidelines for Search Engines in the Context of Costeja

Hunton Privacy

JUNE 10, 2014

On June 3 and 4, 2014, the Article 29 Working Party held a meeting to discuss the consequences of the European Court of Justice’s May 13, 2014 judgment in Costeja , which is widely described as providing a “right to be forgotten.” Read the Working Party’s press release.

Personal data

Personal data IT Information Security Privacy

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Data breaches Cybersecurity

EU: European Court confirms journalism exception for citizen-journalists, but not in France?

DLA Piper Privacy Matters

FEBRUARY 15, 2019

The second – and more interesting – question was whether Mr Buivids could rely on the derogation for journalistic purposes as provided by Article 9 of Directive 95/46 (of which Article 85 GDPR is a rough equivalent – see below ). Balancing exercise.

GDPR

GDPR Personal data Privacy Compliance

Security Affairs newsletter Round 408 by Pierluigi Paganini

Security Affairs

FEBRUARY 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Military Ransomware Insurance

ICO Issues First Enforcement Action Under the GDPR

Hunton Privacy

SEPTEMBER 25, 2018

While not established in the EU, the ICO has determined that as long as AIQ’s processing activities relate to the monitoring of data subjects’ behavior when that behavior takes place within the EU, then AIQ is subject to the GDPR, under its territorial scope provisions at Article 3(2)(b).

GDPR

GDPR Personal data Analytics IT

Data Protection: Whither the EU’s SCCs …

Data Protector

AUGUST 17, 2020

Whatever tweaks are proposed by the European Commission will invariably require EU-based organisations to undertake an absolutely enormous repapering exercise. Many of my privacy colleagues are only now recovering from the repapering rigmarole that was required to meet the GDPR Article 28 requirements. It could take years to complete.

GDPR

GDPR Personal data Government Privacy

Editorial Judgement

OpenText Information Management

APRIL 1, 2019

In a BBC article, editing was described as “an exercise in selection and judgement: what to put in and – just as important – what to leave out.” For anyone who writes, an editor helps make the final product better. A good editor is not just spell-check and grammar police (although still essential).

Customer Experience

Pending Updates to Regulations of Archives in Colombia

AIIM

MAY 30, 2023

This article was written by AIIM Florida Chapter Board Member Alvaro Arias Cruz , District Director of Archives of Bogotá. It was originally published in the AIIM Florida Chapter Newsletter in April 2023. Learn more about the AIIM Florida Chapter at [link].

Archiving

Archiving Search queries Digital preservation Big data

Article 29 Working Party Issues Opinion on the Implementation of the CJEU Ruling in Costeja

Hunton Privacy

DECEMBER 3, 2014

On November 26, 2014, the Article 29 Working Party (the “Working Party”) published an Opinion (the “Opinion”) on the Guidelines on the Implementation of the Court of Justice of the European Union Judgment on “Google Spain and Google Inc. Most national data protection laws provide for flexibility in how data subjects may exercise their rights.

Compliance

Compliance Communications Access Personal data

Europe: Advocate General delivers Opinion on the right of access for purposes unrelated to data protection

DLA Piper Privacy Matters

APRIL 25, 2023

In its reasoning, the Court stated that the right of access under Article 15(3) of the GDPR was not excluded by the fact that the patient requested the information in order to examine medical liability claims. Data subjects are therefore able to exert considerable pressure on companies by exercising their right of access. 15(3) GDPR.

Access

Access GDPR Personal data IT

The Belgian Data Protection Authority Publishes Recommendation Concerning Data Processing for Direct Marketing Purposes

HL Chronicle of Data Protection

MARCH 5, 2020

The Belgian DPA advises all those engaging in direct marketing to clearly define their processing purposes, in order to ensure that they have a legal basis for pursuing processing as required under Article 6 of the GDPR. Fulfilment of Transparency Obligations and making sure that Data Subjects can exercise their rights.

Marketing

Marketing GDPR Personal data Healthcare

EDPB Publishes Guidelines on the Right to Be Forgotten in Search Engine Cases

Hunton Privacy

DECEMBER 13, 2019

The right to be forgotten is now recognized in Article 17 of the GDPR, which grants individuals the right to request, on certain grounds, erasure of their personal data and requires all data controllers to erase the personal data when those grounds are met, subject to exceptions.

Personal data

Personal data GDPR Privacy IT

Processing of riders’ personal data ? The Italian Data Protection Authority sanctions a food delivery company

Privacy and Cybersecurity Law

JULY 26, 2021

The Company was found guilty of infringing the following provisions of Regulation EU 2016/679 (“ GDPR ”): Information provided to the riders pursuant to Article 13 of the GDPR. The Garante also assessed the infringement of Article 5(1)(e) with respect to the retention of personal data. Retention period. Security measures in place.

Personal data

Personal data GDPR e-Delivery Communications

Spanish DPA Publishes Report on Data Processing Activities in Relation to COVID-19

Hunton Privacy

MARCH 25, 2020

In particular, pursuant to Article 14 of Spanish Law 31/1995 of November 8, 1995 on the Prevention of Occupational Risks, employers have a duty to protect employees against occupational risks, and to guarantee the safety and health of all their employees in work-related aspects. the data subject) or other individuals.

Personal data

Personal data GDPR Risk Insurance

GDPR Article 17: What Is the Right to Erasure?

Article 28 Standard Contractual Clauses

Webinars

Trending Sources

Privacy notices – the ICO follows the lead of the EU data protection authorities in their interpretation of Article 13 UK GDPR

Webinars

UK Defence Secretary jet hit by an electronic warfare attack in Poland

How to comply with Article 30 of the GDPR

I think, therefore I modernize: introducing Enterprise Suite 6.0

Laying the Path for a Successful IT Modernization Exercise

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Transparency

“Staying Current” is Not Just a Fashion Statement

Article 29 Working Party Publishes Final Guidance on Data Protection Impact Assessments

CIPL Submits Comments to Article 29 WP’s Updated BCR Working Documents

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

North Korea-linked Konni APT uses Russian-language weaponized documents

CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Consent

The Netherlands – DPA imposes EUR 830,00 fine for access request fees

EDPB Adopts Guidelines on the Processing of Health Data During COVID-19

UK: Lloyd v Google LLC – data protection class action claims

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

Dutch DPA Fines Company 525,000 EUR for Failure to Designate EU Representative

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

Article 29 Working Party Publishes Guidance on Consent Under the GDPR

Article 29 Working Party Issues Statement on Consequences of Safe Harbor Ruling

Belgium: Belgian data protection authority clarifies the public interest legal basis in the context of decision on a vehicle tracking system

China Issues Second Version of the Draft Personal Information Protection Law for Public Comments

Article 29 Working Party Releases Opinion on EU-U.S. Privacy Shield

Ireland / Europe: DPC’s Record Fine Raises Expectations on Standards Applicable for Processing Children’s Data

Weekly Update 186

Europe: CJEU decision – Right of access to individual recipients of personal data

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

New Research: "Privacy Threats in Intimate Relationships"

Article 29 Working Party Discusses Guidelines for Search Engines in the Context of Costeja

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

EU: European Court confirms journalism exception for citizen-journalists, but not in France?

Security Affairs newsletter Round 408 by Pierluigi Paganini

ICO Issues First Enforcement Action Under the GDPR

Data Protection: Whither the EU’s SCCs …

Editorial Judgement

Pending Updates to Regulations of Archives in Colombia

Article 29 Working Party Issues Opinion on the Implementation of the CJEU Ruling in Costeja

Europe: Advocate General delivers Opinion on the right of access for purposes unrelated to data protection

The Belgian Data Protection Authority Publishes Recommendation Concerning Data Processing for Direct Marketing Purposes

EDPB Publishes Guidelines on the Right to Be Forgotten in Search Engine Cases

Processing of riders’ personal data ? The Italian Data Protection Authority sanctions a food delivery company

Spanish DPA Publishes Report on Data Processing Activities in Relation to COVID-19

Stay Connected