DLA Piper Privacy Matters

JUNE 6, 2018

Only five days after the GDPR became applicable, the first German court, the Regional Court ( Landgericht ) Bonn (in a decision dated 29 May 2018, case number 10 O 171/18 – in German only), issued a ruling on the practical application of the GDPR. Click here for more details on processing of WHOIS information.

GDPR 75

GDPR Compliance Personal data Security 75

Data Matters

JUNE 24, 2021

3 The SEC and its staff followed the September 2017 statement with various cybersecurity-related initiatives and guidance, including January 27, 2020, cybersecurity guidance and observations published by the SEC’s Division of Examinations (formerly Office of Compliance Inspections and Examinations). 26, 2018). 20, 2017). 27, 2020).

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

Hunton Privacy

OCTOBER 18, 2022

The Draft Guidance is primarily targeted at employers, and aims to help employers comply with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018 (“DPA 18”), when monitoring their workforces.

GDPR 58

GDPR Personal data Compliance Access 58

Preservica

MAY 1, 2018

Suite of new GDPR enhancements simplify classification, search and reporting for long-term personal data. Reporting : Dashboard or on-demand reports show the types of pre-classified personal data held within Preservica, further addressing records of processing requirements (Article 30).

GDPR 40

GDPR Digital preservation Metadata Personal data 40

DLA Piper Privacy Matters

SEPTEMBER 7, 2023

The scrutiny by national courts over the lawfulness of certain processing, and commentary on the factors that will aggravate or mitigate an infringement, should be considered by these organisations and inform their approach to data protection compliance. The Comparative View – how are non-material damages assessed elsewhere?

GDPR 111

GDPR Data breaches Risk Personal data 111

eDiscovery Daily

JANUARY 30, 2018

and Mary (as in Mary Mack, Executive Director of ACEDS) and Marc Zamsky (from ComplianceDS) at Ruth’s Chris Steak House at 148 West 51st Street on Wednesday from 4:00pm to 6:00pm. 11:00 AM – 12:00 PM: The Role of Artificial Intelligence in Legal and Business Processes and How to Defend Its Use.

e-Discovery 34

e-Discovery Artificial Intelligence GDPR Education 34

Hunton Privacy

APRIL 26, 2019

Given the extraterritorial reach of the UK Data Protection Act 2018, organizations based outside of the UK may be subject to the code, which is expected to take effect by the end of 2019. Generalized data sharing for the purposes of commercial reuse is unlikely to meet this standard.

Personal data 60

Personal data Privacy GDPR Access 60

Hunton Privacy

OCTOBER 17, 2018

On October 11, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted comments to the UK Information Commissioner’s Office (“ICO”) in response to its call for views on creating a regulatory sandbox.

Financial Services 59

Financial Services Paper Personal data Compliance 59

IT Governance

JUNE 15, 2018

Like the Data Protection Act 1998 (DPA 1998) that it superseded, the General Data Protection Regulation (GDPR) sets out six lawful bases for processing personal data. This is particularly important because data subjects have the right to withdraw their consent at any time. Legal obligations.

GDPR 70

GDPR Personal data Compliance Privacy 70

DLA Piper Privacy Matters

SEPTEMBER 2, 2021

The Children’s Code is not new law, but a statutory Code of Practice under the Data Protection Act 2018. The Code was laid before Parliament on 11 June 2020, under s. The Code is a statutory code of practice which the ICO is required to publish under the Data Protection Act. 125(1)(b) of the DPA.

Privacy 103

Privacy Education Personal data Compliance 103

Thales Cloud Protection & Licensing

FEBRUARY 24, 2020

Today, half (50%) of all corporate data is stored in the cloud and nearly half (48%) of that data is considered sensitive (everything from intellectual property to employee, financial or personal data). Whatever the nature of the data stored in the cloud, it needs to be secured. A look ahead—quantum computing.

Digital transformation 79

Digital transformation Cloud Encryption Security 79

Hunton Privacy

DECEMBER 16, 2019

On December 10, 2019, the French Data Protection Authority (the “CNIL”) published the final version of its standard (“Referential”) concerning the processing of personal data in the context of whistleblowing hotlines. The Referential sets a single set of data protection rules that cover all these whistleblowing systems.

Personal data 49

Personal data GDPR Compliance Privacy 49

Data Matters

DECEMBER 14, 2017

On 28 November 2017, the Article 29 Working Party (the “ WP29 ”) published detailed draft guidelines on consent under the EU General Data Protection Regulation (the “ GDPR ”), which is to come into effect on 25 May 2018. Under the GDPR, consent is one of six legal bases to process personal data. Explicit Consent?

GDPR 60

GDPR Personal data Compliance Marketing 60

IT Governance

JANUARY 10, 2019

This week, we discuss a high-profile German data breach, the top worst passwords of 2018, the resignation of NHS Digital’s CISO, and Microsoft’s latest patches. Hello and welcome to the first IT Governance podcast of 2019 – for Friday, 11 January. The top ten worst passwords of 2018 were, counting down from ten to one: 10.

Data breaches 77

Data breaches Passwords GDPR Personal data 77

Hunton Privacy

DECEMBER 17, 2020

Twitter estimated that 88,726 Twitter users in Europe were affected between September 5, 2017 and January 11, 2019. The bug was discovered on December 26, 2018. Investigation and GDPR Dispute Resolution Procedure.

GDPR 72

GDPR Data breaches Personal data Compliance 72

DLA Piper Privacy Matters

APRIL 1, 2020

In 2018, the Court of Appeal upheld the High Court’s finding that Morrisons had not breached its primary duties owed to its staff as a data controller under the DPA, but that it was vicariously liable for the criminal actions of Mr Skelton. Implications for employers.

Data breaches 59

Data breaches GDPR Personal data Information governance 59

Hunton Privacy

JANUARY 18, 2018

On January 10, 2018, the Law of 3 December 2017 creating the Data Protection Authority (the “Law”) was published in the Belgian Official Gazette (available in French and Dutch ). The EU General Data Protection Regulation (“GDPR”) provides national data protection authorities with a strengthened enforcement role.

Privacy 55

Privacy Computer and Electronics Personal data GDPR 55

IT Governance

AUGUST 21, 2018

Looking more broadly than the retail sector for a moment, the ICO reports that there were a total of 957 data security incidents during the first quarter of 2018 (a 17% increase on Q3) and the World Economic Forum believes that cyber attacks are one of the top five risks to global stability in the next five years, so we all need to take heed.

Retail 66

Retail Data breaches GDPR Compliance 66

IT Governance

JUNE 29, 2018

This week, we discuss the apparent leak of 340 million data records, a vulnerability that exposed sensitive BetVictor data, a data breach affecting up to 40,000 Ticketmaster customers, and the number of GDPR complaints since 25 May. Hello and welcome to the IT Governance podcast for Friday, 29 June 2018.

GDPR 76

GDPR Passwords Data breaches Access 76

Data Protection Report

JULY 9, 2018

Like their European counterparts, these state laws are intended to provide consumers with greater transparency and control over their personal data. The California and Vermont laws, in particular, go beyond breach notification and require companies to make significant changes in their data processing operations.

GDPR 40

GDPR Data breaches Personal data Insurance 40

HL Chronicle of Data Protection

MAY 29, 2019

Opinion 5/2019 on the interplay between the ePrivacy Directive and the GDPR, particularly regarding the competence, tasks, and powers of data protection authorities (12.3.2019) – The EDPB confirmed that where the ePD provides for a more specific rule than the GDPR, the specific rule will prevail. Regulatory Guidance.

GDPR 40

GDPR Personal data Privacy Information architecture 40

Data Protection Report

SEPTEMBER 6, 2018

The much discussed Cybersecurity Act 2018 (Act. 9 of 2018) (the Act), which was passed by the Singapore Parliament on 5 February 2018, came into force on 31 August 2015 [1]. The 11 critical sectors of essential services that are identified in the Act are: Energy. Info-communications. Healthcare. Banking and finance.

Cybersecurity 40

Cybersecurity Compliance Data Privacy Personal data 40

DLA Piper Privacy Matters

MAY 16, 2018

Despite a lack of agreement between the Senate and the National Assembly, France has finally passed its new data protection law , 11 days prior to the entry into application of the EU General Data Protection Regulation (GDPR) on May 25. Limitations to data subjects’ rights in certain circumstances. Children’s consent.

GDPR 40

GDPR Personal data Compliance Data Privacy 40

Thales Cloud Protection & Licensing

NOVEMBER 26, 2018

Our research has highlighted that 86% of consumers would consider switching to another company if a breach were to occur, with 35% of consumers stating that a data breach under the GDPR would ‘definitely’ give them a negative perception of a company. The survey was issued in November 2018 by Censuswide. The cost to business.

GDPR 81

GDPR Data breaches Retail Manufacturing 81

DLA Piper Privacy Matters

MAY 14, 2018

When the General Data Protection Regulation (GDPR) takes effect across the EU on 25 May 2018, large amounts of WHOIS data will no longer be publicly available. However, ICANN has estimated this might not be operational until December 2018. By John Wilks , Ruth Hoy , Claire Sng, and Kelsey Rose. The response so far.

GDPR 53

GDPR Access Government Archiving 53

Data Matters

APRIL 20, 2020

Following the Supreme Court’s judgment, if an employee commits a statutory or common law tort for personal reasons (for example, as part of a personal vendetta) and not in circumstances closely connected to the ordinary course of their employment, the employer is unlikely to be vicariously liable for his or her conduct.

Data breaches 68

Data breaches GDPR Privacy IT 68

Data Protection Report

MARCH 5, 2018

On February 12, 2018, the Article 29 Working Party (WP29) published guidance regarding Article 49 of the General Data Protection Regulation (GDPR) for public comment. The deadline for submitting comments on the draft is March 26, 2018, and responses should be emailed to JUST-ARTICLE29WP-SEC@ec.europa.eu. the U.S.); the U.S.);

GDPR 40

GDPR Personal data e-Discovery Risk 40

Hunton Privacy

APRIL 30, 2019

On April 11, 2019, the People’s Republic of China’s Network Security Bureau of the Ministry of Public Security, the Beijing Network Industry Association and the Third Research Institution of the Ministry of Public Security jointly released a “Guide to Protection of Security of Internet Personal Information (the “Guide”). Application.

Cybersecurity 58

Cybersecurity Information Security Personal data Security 58

Data Protection Report

FEBRUARY 27, 2019

Several US states, following the GDPR’s passage last May, are proposing their own data protection laws that provide certain GDPR-like consumer rights. The California Consumer Privacy Act (CCPA), passed in June 2018 in response to the Cambridge Analytica scandal, is slated to become the most comprehensive data privacy law in the US.

Data Privacy 40

Data Privacy GDPR Privacy Risk 40

CGI

SEPTEMBER 25, 2018

Tue, 09/25/2018 - 02:46. While for some, compliance with the General Data Protection Regulation (GDPR) was business as usual (BAU), for others it represented a huge effort—and a bit of a panic for a minority. Persistent privacy powers professional businesses. harini.kottees….

Privacy 40

Privacy GDPR Cybersecurity Unstructured data 40

HL Chronicle of Data Protection

MAY 13, 2019

Additionally in 2017, Connecticut passed legislation requiring that health insurers, third-party administrators, and related entities implement and maintain a comprehensive information security program with specific minimum requirements to protect insureds’ personal data. More states are sure to follow.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

DLA Piper Privacy Matters

JULY 12, 2018

On 10 July 2018, the Information Commissioner published an update on its investigation into the use of data analytics in political campaigns.

Analytics 45

Analytics GDPR Personal data Marketing 45

Data Protector

OCTOBER 11, 2017

We want businesses to ensure that their customers and future customers have consented to having their personal data processed, but we also need to ensure that the enormous potential for new data rights and freedoms does not open us up to new threats. Where she finds criminality, she can prosecute.

GDPR 120

GDPR Personal data Government IT 120