Information Management Today

Is it still necessary for data protection laws to have particular processing rules for specific types pf personal data?

Data Protector

OCTOBER 16, 2020

European laws have special rules for the processing of “sensitive data” or “special category data” regardless of the context within which the data will be processed. If asked, many people might argue that such information was far more sensitive than information relating to their trade union membership, ethnic origin or religion.

Personal data

Personal data GDPR IT Privacy

Reuters: Russia-linked APT behind Brexit leak website

Security Affairs

MAY 28, 2022

”” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. .”” ”” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. ” reported the Reuters.

Cybersecurity

Cybersecurity Authentication Security IT

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Hunton Privacy

JANUARY 5, 2024

On December 21, 2023, the Court of Justice of the European Union (“CJEU”) issued its judgment in the case of Krankenversicherung Nordrhein (C-667/21) in which it clarified, among other things, the rules for processing special categories of personal data (hereafter “sensitive personal data”) under Article 9 of the EU General Data Protection Regulation (..)

GDPR

GDPR Personal data Insurance Access

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

European Commission Publishes Proposal for Cyber Resilience Act

Hunton Privacy

OCTOBER 6, 2022

On September 15, 2022, the European Commission presented its proposal for a Regulation on horizontal cybersecurity requirements for products with digital elements (the “Cyber Resilience Act”). Background. New Cybersecurity Requirements for Organizations. The Cyber Resilience Act also includes new reporting obligations for manufacturers.

Manufacturing

Manufacturing Cybersecurity Marketing Compliance

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. 120 $160 +$40 US driver’s license $100 $150 +$50 Lithuanian passport $1,500 $3,800 +$2,300.

Privacy

Privacy Cybersecurity Security IT

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. A risk-based perspective.

Privacy and Cybersecurity Law

SEPTEMBER 10, 2021

Consequently, the proposal creates the perfect opportunity to recreate the so-called “Brussel-effect” already experienced with the GDPR: the European legislation seen and used as a model at (one might say) the global level. A wide scope of application. The classification of artificial intelligence systems.

Artificial Intelligence

Artificial Intelligence Risk Marketing Compliance

Counting Down to the EU NIS2 Directive

Thales Cloud Protection & Licensing

MAY 22, 2024

On 17 October 2024, European Union Member States must adopt and publish the measures necessary to comply with the Network and Information Security Directive (NIS2). NIS2 adds digital service providers, waste management, pharmaceutical and labs, space, and public administration to the ‘Essential’ sectors category.

Compliance

Compliance Authentication Healthcare Cybersecurity

What is the NIS2 Directive and How Does It Affect You?

Thales Cloud Protection & Licensing

NOVEMBER 28, 2022

The European Union enacted the Network and Information System (NIS) regulation in July 2016 with the intention of ensuring a specific level of security for networks and information systems belonging to critical and sensitive infrastructures in EU member states. What is the NIS2 Directive and How Does It Affect You?

IT

IT Encryption Compliance Cybersecurity

Data Beyond Borders: The Schrems II Aftermath

Thales Cloud Protection & Licensing

MARCH 1, 2021

On July 16, 2020 the Court of Justice of the European Union issued the Schrems II decision in the case Data Protection Commission v. That decision invalidates the European Commission’s adequacy decision for the EU-U.S. Data Beyond Borders: The Schrems II Aftermath. Tue, 03/02/2021 - 07:06. Facebook Ireland.

GDPR

GDPR Compliance Privacy Cloud

Nation-state malware could become a commodity on dark web soon, Interpol warns

Security Affairs

MAY 24, 2022

Early this month, the European Union accused Russia of the cyberattack that hit the satellite KA-SAT network in Ukraine, operated by Viasat, on February 24. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Military

Military Government Communications Security

New Cybersecurity Directives (NIS2 and CER) Enter into Force

Hunton Privacy

JANUARY 18, 2023

On January 16, 2023, the Directive on measures for a high common level of cybersecurity across the Union (the “NIS2 Directive”) and the Directive on the resilience of critical entities (“CER Directive”) entered into force. Key Takeaways from the NIS2 Directive. A broader scope of application. Reinforced obligations.

Cybersecurity

Cybersecurity Healthcare Encryption Risk

Google LLC loses appeal against French Data Protection Authority decision before France highest administrative Court

DLA Piper Privacy Matters

JUNE 23, 2020

Therefore, the Irish Data Protection Authority, acting as Google’s lead authority, had sole jurisdiction to monitor Google’s data processing activities on the European Union territory (1). The CNIL has jurisdiction over cross-border processing operations carried out in France by a controller established outside of the European Union.

GDPR

GDPR Personal data Access IT

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements

Thales Cloud Protection & Licensing

AUGUST 29, 2023

The EU GDPR and its UK counterpart have regulations regarding transferring personal data outside the European Economic Area (EEA). The legal tools/mechanisms to transfer personal data are split in two main categories. How do Businesses Comply with GDPR? DORA, NIS, AI etc).

Personal data

Personal data Data Privacy Privacy GDPR

Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context

Hunton Privacy

JANUARY 20, 2023

Following consultations with peer regulators in the European Union, the DPC submitted its findings to the EDPB. In addition, the EDPB directed the DPC to conduct a separate investigation into how Facebook and Instagram process special categories of data.

GDPR

GDPR Personal data Compliance Privacy

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Security Affairs

JUNE 6, 2022

Starting May 24, the group calling themselves “Cyber Spetsnaz” announced the launch of a new campaign “Panopticon” which aimed to recruit 3,000 volunteer cyber offensive specialists willing to participate in attacks against the European Union and the Ukrainian government institutions including Ukrainian companies.

Government

Government Cybersecurity IoT Security

European Commission Publishes Final Version of Updated Standard Contractual Clauses

Hunton Privacy

JUNE 4, 2021

On June 4, 2021, the European Commission published the final version of the implementing decision on standard contractual clauses for transfers of personal data to third countries under the EU General Data Protection Regulation (“GDPR”), as well as the final version of the new standard contractual clauses (the “SCCs”). Next Steps.

Personal data

Personal data GDPR Government Access

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. The GDPR applies to any organization that processes the personal data of European residents, regardless of where that organization is based. Irish regulators hit Meta with a EUR 1.2 billion fine in 2023.

GDPR

GDPR Compliance Personal data Privacy

European General Court Judgment in Google Shopping: Key Takeaways

Data Matters

NOVEMBER 23, 2021

On November 10, 2021, the European General Court (Court) issued its judgment in Case T-612/17 Google and Alphabet v Commission (Google Shopping). The judgment can be appealed to the Court of Justice of the European Union (CJEU). As such, the Court drew a distinction between two categories of cases: a.

Marketing

Marketing Access IT Sales

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. GDPR basics The GDPR applies to any organization based in the European Economic Area (EEA). Special category data includes highly sensitive data like a person’s race and biometrics.

GDPR

GDPR Compliance Personal data Privacy

Brexit and banking: Implications to consider

CGI

APRIL 8, 2019

For example, the European Central Bank and the Bank of England announced that, if the UK leaves the European Union (EU) in a “no deal” scenario, UK-based derivative contracts would not have a legal basis, which could result in settlement contagion. Relocate European headquarters.

Risk

Risk GDPR IT Marketing

AG Says ePrivacy Applies to Government Access to Communications Data

HL Chronicle of Data Protection

JANUARY 20, 2020

On January 15, the Court of Justice of the European Union’s (CJEU) Advocate General (AG) Manuel Campos Sánchez-Bordona delivered his Opinion on four references for preliminary rulings on the topic of retention of and access to communications data.

Communications

Communications Access Government Privacy

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

If you’re currently storing data on individuals that haven’t given their consent and it doesn’t fall into one of the appropriate use categories, you need to give those people the option of withdrawing their consent. You’ll need to create plans for each of your data categories to abide by relevant compliance requirements. What is GDPR?

GDPR

GDPR Compliance Data Privacy Privacy

How to become an AI+ enterprise

IBM Big Data Hub

MARCH 4, 2024

These outcomes typically fall into one of three categories, none of which are desirable: Not useful: Customers remain unimpressed with your results. For example, copyright laws, the European Union’s Artificial Intelligence act, Digital Operational Resilience Act (DORA), data sovereignty laws and more.

Artificial Intelligence

Artificial Intelligence Cloud Government Risk

Renewable energy trends and developments powering a cleaner future

IBM Big Data Hub

MARCH 8, 2024

The European Union’s Green Deal Industrial Plan, India’s Production Linked Incentives (PLI) and the Inflation Reduction Act (IRA) in the US are all policies designed to further stimulate the integration of sustainable energy. To develop renewable energy technology, governments are turning to various public policy measures.

Energy and Utilities

Energy and Utilities Manufacturing Government IT

Climate change examples

IBM Big Data Hub

FEBRUARY 15, 2024

Surface temperature statistics paint a compelling picture of the changing climate: 2023, according to the European Union climate monitor Copernicus, was the warmest year on record—nearly 1.5 More than 60,000 people died in European heat waves in 2022. What do global climate change and global warming look like?

Artificial Intelligence

Artificial Intelligence Insurance Risk Government

EDPB guidelines on the targeting of social media users

Privacy and Cybersecurity Law

APRIL 1, 2021

On September 7, 2020, the European Data Protection Board ( EDPB ) published its guidelines on the targeting of social media users (the Guidelines ). The Guidelines build on recent case law of the Court of Justice of the European Union ( CJEU ). The Guidelines explain how targeting may expose individuals to significant risks.

GDPR

GDPR Personal data Risk Access

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

Data Matters

JUNE 1, 2022

The Digital Markets Act (DMA) will impose a stringent regulatory regime on large online platforms (so-called “gatekeepers”) and give the European Commission (Commission) new enforcement powers, including an ability to impose severe fines and remedies for noncompliance. Key dates and next steps.

Marketing

Marketing Computer and Electronics Communications GDPR

Europe: EDPB issues Recommendations on Supplementary Measures and European Essential Guarantees for surveillance measures following Schrems II

DLA Piper Privacy Matters

NOVEMBER 12, 2020

On 11 November, the European Data Protection Board (“ EDPB ”) published recommendations on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data (“ Recommendations ”) as well as recommendations on the European Essential Guarantees for surveillance measures (“ EEGs ”).

Paper

Paper Personal data Privacy Access

ICO Publishes Draft New Guidance on PETs

Data Matters

OCTOBER 6, 2022

PETs are not defined in data protection law, but the European Union Agency for Cybersecurity (“ ENISA ”) defines them as “systems encompassing technical processes, methods or knowledge to achieve specific privacy or data protection functionality or to protect against risks of privacy of an individual or a group of natural persons.”

GDPR

GDPR Privacy Encryption Compliance

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

These include the new framework for commercial data exchange between the United States and the European Union, referred to as the EU-U.S. Broken into eight categories, VRMMM covers more than 200 program elements that, in effect, forms the basis of a well-run third party risk management program.

Risk

Risk Financial Services Insurance Cybersecurity

EU: Europe’s toolbox for building compliant Corona tracking apps

DLA Piper Privacy Matters

APRIL 27, 2020

On the 8 th of April 2020, the European Commission adopted Recommendation 2020/518 to address the need of a common toolbox (the “ Toolbox ”) for the use of technology and data in order to fight and exit the Covid-19 crisis, with a particular focus on the use of mobile applications. By Patrick Van Eecke, Heidi Waem and Alizée Stappers.

Personal data

Personal data Privacy Cybersecurity Access

Advocate General Advises Revision of PNR Agreement between EU and Canada

Hunton Privacy

SEPTEMBER 9, 2016

On September 8, 2016, Advocate General Paolo Mengozzi of the Court of Justice of the European Union (“CJEU”) issued his Opinion on the compatibility of the draft agreement between Canada and the European Union on the transfer of passenger name record data (“PNR Agreement”) with the Charter of Fundamental Rights of the European Union (“EU Charter”).

Personal data

Personal data Privacy IT Information Security

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

DLA Piper Privacy Matters

FEBRUARY 17, 2021

However, under the European Union (Withdrawal) Act 2018, the body of EU law (including the GDPR) is incorporated into UK law and the UK GDPR now applies in the UK (“ UK GDPR ”). Soon after the GDPR entered into force, the SEC delayed approvals of UK and EU based firm’s applications for SEC registration. What next?

Personal data

Personal data GDPR Security Compliance

Dark Side of the Moon: Extraterritorial Applicability of the UK Data Protection Act 2018 After Brexit

HL Chronicle of Data Protection

MARCH 4, 2019

Subject to the deadlock in parliament being broken, or an extension of the Article 50 Brexit process, the UK’s 46-year European Union membership will cease in a matter of days. One aspect of the DP Exit Regs is that they amend the GDPR itself insofar as it applies to the UK, and the resulting text is called the “UK GDPR.”

GDPR

GDPR Personal data Privacy Communications

EUROPE: CJEU rules mass surveillance must be brought in line with EU law

DLA Piper Privacy Matters

OCTOBER 9, 2020

The Court also held that Member States cannot restrict the scope of the ePrivacy Directive unless such restrictions comply with the general principles of EU law, are proportionate, and preserve the fundamental rights guaranteed under the Charter of Fundamental Rights of the European Union (“ Charte r”).

Communications

Communications Privacy Data collection Personal data

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

Hunton Privacy

SEPTEMBER 10, 2020

On September 7, 2020, the European Data Protection Board (“EDPB”) released draft Guidelines 07/2020 on the concepts of controller and processor in the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). However, the GDPR has introduced new obligations on those actors.

GDPR

GDPR Personal data Data breaches Compliance

GERMANY: Data Protection Authorities Issue GDPR Fining Guidelines

DLA Piper Privacy Matters

OCTOBER 24, 2019

Importantly the methodology set out in the Guidelines for calculating fines is not intended to be exhaustive and will be subject to further specification by the European Data Protection Board (‘ EDPB’ ). This is used to assign the undertaking to a specific size-category. This is calculated by reference to the relevant size category.

GDPR

GDPR Compliance Personal data IT

Europe: New guidelines on the application and setting of fines under GDPR

DLA Piper Privacy Matters

NOVEMBER 7, 2017

The most relevant and valuable inputs came from the Article 29 Data Protection Working Party, which is composed of a representatives of the supervisory authorities designed by each EU country, representatives of the authorities established for the EU institutions and bodies and a representative of the European Commission. 2] [link]. [3]

GDPR

GDPR Personal data Privacy Government

EUROPE: New privacy rules for connected vehicles in Europe?

DLA Piper Privacy Matters

MAY 5, 2020

Heeding the call, the European Commission issued some communications, such as the communication on “Europe on the Move” (COM(2018) 293 final), to guarantee a smooth transition towards a European mobility system which is safe, clean, connected and automated. Risks identified by the European Data Protection Board. 23(1) GDPR.

Privacy

Privacy Personal data GDPR Insurance

Irish data protection authority launches new cookie guidance and indicates cookie investigations are on the horizon

Data Protection Report

APRIL 16, 2020

This is broadly the same approach taken by other European regulators, with the exception of the Spanish authority. This is generally consistent with other European guidance and the Court of Justice of the European Union Planet 49 decision. Implied consent is unacceptable.

Analytics

Analytics Data collection Compliance Privacy

The NIS Directive (NIS Regulations) – the UK law businesses need to know about

IT Governance

JULY 20, 2018

The NIS Regulations apply to two different categories of organisations: OES (operators of essential services) in the UK’s energy, transport, health, water and digital infrastructure sectors. The NIS Regulations aim to minimise this sort of chaos. Who does it apply to?

Compliance

Compliance GDPR Personal data Cloud

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

These records are typically organized by grouping them by function or department and then described as either an individual record or grouped together into a record category. Countries and organizations within the European Union (EU), must comply with the requirements of the General Data Protection Regulation (GDPR) 1.

Personal data

Personal data GDPR Privacy Records Management

European Commission proposes reinforcement of EU Cybersecurity rules

DLA Piper Privacy Matters

JANUARY 11, 2021

On 16 December 2020, the European Commission adopted a proposal for a Directive on measures for a high common level of cybersecurity across the Union (“NIS II Directive”) that revises the current Directive on Security of Network and Information Systems (“NIS Directive”). Sector-specific instrument for the financial sector.

Cybersecurity

Cybersecurity Computer and Electronics Manufacturing Cloud

EU: EU Data Protection : COVID-19

DLA Piper Privacy Matters

MARCH 19, 2020

Various countries are in lockdown and emergency measures being implemented to contain the pandemic, with European countries currently at the epicentre of the outbreak. The world is facing unprecedented challenges in its fight to contain Coronavirus (COVID-19). carrying out temperature checks on entry to sites. Art 9(2)(b)).

GDPR

GDPR Personal data Compliance Privacy

Is it still necessary for data protection laws to have particular processing rules for specific types pf personal data?

Reuters: Russia-linked APT behind Brexit leak website

Webinars

Trending Sources

CJEU Rules on Processing of Sensitive Data and Compensation Under the GDPR

Webinars

European Commission Publishes Proposal for Cyber Resilience Act

Let’s give a look at the Dark Web Price Index 2022

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. A risk-based perspective.

Counting Down to the EU NIS2 Directive

What is the NIS2 Directive and How Does It Affect You?

Data Beyond Borders: The Schrems II Aftermath

Nation-state malware could become a commodity on dark web soon, Interpol warns

New Cybersecurity Directives (NIS2 and CER) Enter into Force

Google LLC loses appeal against French Data Protection Authority decision before France highest administrative Court

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements

Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

European Commission Publishes Final Version of Updated Standard Contractual Clauses

How to implement the General Data Protection Regulation (GDPR)

European General Court Judgment in Google Shopping: Key Takeaways

GDPR compliance checklist

Brexit and banking: Implications to consider

AG Says ePrivacy Applies to Government Access to Communications Data

How to Comply with GDPR, PIPL, and CCPA

How to become an AI+ enterprise

Renewable energy trends and developments powering a cleaner future

Climate change examples

EDPB guidelines on the targeting of social media users

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

Europe: EDPB issues Recommendations on Supplementary Measures and European Essential Guarantees for surveillance measures following Schrems II

ICO Publishes Draft New Guidance on PETs

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

EU: Europe’s toolbox for building compliant Corona tracking apps

Advocate General Advises Revision of PNR Agreement between EU and Canada

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

Dark Side of the Moon: Extraterritorial Applicability of the UK Data Protection Act 2018 After Brexit

EUROPE: CJEU rules mass surveillance must be brought in line with EU law

EDPB Publishes Guidelines on the Concepts of Controller and Processor in the GDPR

GERMANY: Data Protection Authorities Issue GDPR Fining Guidelines

Europe: New guidelines on the application and setting of fines under GDPR

EUROPE: New privacy rules for connected vehicles in Europe?

Irish data protection authority launches new cookie guidance and indicates cookie investigations are on the horizon

The NIS Directive (NIS Regulations) – the UK law businesses need to know about

The Impact of Data Protection Laws on Your Records Retention Schedule

European Commission proposes reinforcement of EU Cybersecurity rules

EU: EU Data Protection : COVID-19

Stay Connected