Data collection and GDPR - Information Management Today

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

Norway Urges Europe-Wide Ban on Meta's Targeted Ad Data Collection

Dark Reading

OCTOBER 2, 2023

Norway wants to permanently ban the owner of Facebook and Instagram from collecting sensitive user data across Europe, saying its current policies violate GDPR rules.

Data collection

Data collection GDPR IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

HL Chronicle of Data Protection

JULY 7, 2020

Under the European Union’s General Data Protection Regulation (GDPR), individuals have the right to access personal data collected about them, and to exercise that right easily and at reasonable intervals. verify whether the person is eligible for a loan, mortgage, or credit card).

GDPR

GDPR Personal data Data collection Access

META hit with privacy complaints by EU consumer groups

Security Affairs

MARCH 4, 2024

Below are the questions and answers of my interview: What specific GDPR rules do the consumer groups claim Meta is not complying with? Consumer groups claim that Meta’s data collection is unfair and lacks transparency. billion for transferring user data to the US.

Privacy

Privacy GDPR Personal data Data collection

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S. GDPR Compliance Starts with Data Discovery. GDPR Compliance Starts with Data Discovery. Compliance with GDPR is just a short five months away.

GDPR

GDPR Compliance Data collection Privacy

GDPR and The Data Governance Imperative

AIIM

SEPTEMBER 12, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. What Do the GDPR and new Privacy Laws Mean for U.S. Data Mapping.

GDPR

GDPR Government Information governance Compliance

The GDPR: Everything you need to know about data controllers and data processors

IT Governance

NOVEMBER 14, 2018

Data controllers and data processors are an integral part of the GDPR. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised. Responsibilities of the data controller.

GDPR

GDPR Retail Data collection Personal data

Austrian DPA Finds Data Transfers Resulting from Analytics Cookie Use to Be in Violation of GDPR Data Transfer Requirements

Hunton Privacy

JANUARY 24, 2022

The Austrian data protection authority (the “Austrian DPA”) recently published a decision in a case brought against an Austrian website provider and Google by the non-governmental organization co-founded by privacy activist Max Schrems, None of Your Business (“NOYB”). government access to the relevant data was low.

Analytics

Analytics GDPR Personal data Data collection

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR

GDPR Personal data Data collection Marketing

Why is the GDPR still something I should be concerned about?

IT Governance

OCTOBER 15, 2018

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018. Some organisations believe that a simple privacy notice is all that is required, but the GDPR actually demands far more than that. .

GDPR

GDPR Data breaches Personal data Data collection

6 typical GDPR questions explained

Collibra

OCTOBER 28, 2020

There are a number of recurring questions on how to approach GDPR and setup a GDPR program. Should I implement a top-down or bottom-up approach to GDPR? When defining your GDPR architecture, it is key to start with the basics and determine how you intend to implement the regulation within your organization.

GDPR

GDPR e-Discovery Metadata Compliance

EDPB Publishes Guidelines on Extraterritorial Application of the GDPR

Hunton Privacy

NOVEMBER 27, 2018

On November 23, 2018, the European Data Protection Board (“EDPB”) published its long-awaited draft guidelines on the extraterritorial application of the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”). For example, the processing of personal data by a French controller relating to customers in the U.S.

GDPR

GDPR Personal data Marketing Data collection

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

The Last Watchdog

JANUARY 9, 2023

As the world becomes more digital and connected, it is no surprise that data privacy and security is a growing concern for small to medium sized businesses — SMBs. Related: GDPR sets new course for data privacy. There is increasing regulatory pressure on SMBs to protect their employees’ and customers’ sensitive data.

Data Privacy

Data Privacy Compliance Privacy GDPR

Microsoft Products Under EU Investigation About Data Collection

Dark Reading

APRIL 8, 2019

A new inquiry aims to determine whether contracts between Microsoft and EU organizations violate GDPR.

Data collection

Data collection GDPR

GDPR Primer

The Schedule

MAY 9, 2019

A few weeks ago, Chuck Piotrwoski of PIOT presented a great webinar on the General Data Protection Regulation (GDPR). Chuck broke down GDPR into several basic principles: data about a person belongs to the person. an organization can only work with personal data if permitted by law or with the consent of the individual.

GDPR

GDPR Personal data Privacy Data collection

Get Ready, Get Set for GDPR

OneHub

APRIL 18, 2018

With a little more than a month until it takes effect, GDPR are four letters that you’ll be hearing a lot in the coming weeks. Dell and Dimension research suggests that 80 percent of businesses know little or nothing about GDPR. GDPR stands for the General Data Protection Regulation. Read the entire GDPR text here.

GDPR

GDPR Privacy Encryption Data collection

What you need to know about data flow mapping under the GDPR

IT Governance

JANUARY 9, 2018

With the new EU General Data Protection Regulation (GDPR) coming into effect in less than six months, it is vital that all organisations make sure they have accurate data flow maps. If your business is not in the EU, you will still have to comply with the Regulation if you want to process EU residents’ data. Key elements.

GDPR

GDPR Data collection Compliance Privacy

Dutch DPA Publishes Post-GDPR Complaints Report

Hunton Privacy

DECEMBER 18, 2018

On December 13, 2018, the Dutch Data Protection Authority (“ Autoriteit Persoonsgegevens ”) (the “Dutch DPA”) published a report on the complaints it has received since the EU General Data Protection Regulation (“GDPR”) became applicable on May 25, 2018 (the “Report”). View the Report and the press release (in Dutch).

GDPR

GDPR Personal data Data collection Business Services

EU: CJEU’s landmark decision in Meta vs Bundeskartellamt

DLA Piper Privacy Matters

JULY 12, 2023

The decision imposes important requirements in relation to the interpretation of the GDPR and the interplay between competition authorities and data protection supervisory authorities, in particular, with regards to the personalised use of consumers’ personal data for targeted advertising by social media platforms.

GDPR

GDPR Personal data Data collection Marketing

These 3 GDPR Requirements You Must Support Today are Nothing Compared With What’s Coming

Reltio

AUGUST 16, 2018

On May 25, 2018 GDPR (General Data Protection Regulation) went into effect. The primary objectives of the GDPR are to give control back to their EU citizens and residents over their personal data, to simplify the regulatory environment for international business, and to unify regulations within the European Union.

GDPR

GDPR MDM Compliance Personal data

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

Google to Launch Google Analytics 4 in an Attempt to Address EU Privacy Concerns

Hunton Privacy

MARCH 18, 2022

The complaints focused on whether the transfer of EU personal data to Google in the U.S. through the use of cookies is permitted under the EU General Data Protection Regulation (“GDPR”), following the Schrems II judgment of the Court of Justice of the European Union. through the use of the Google Analytics cookie is unlawful.

Analytics

Analytics Privacy GDPR Personal data

Dan Solove on Privacy Regulation

Schneier on Security

APRIL 24, 2024

As to privacy, consent authorizes and legitimizes a wide range of data collection and processing. In the European Union, the General Data Protection Regulation (GDPR) uses the express consent approach, where people must voluntarily and affirmatively consent. There are generally two approaches to consent in privacy law.

Privacy

Privacy Personal data GDPR Data collection

Council and European Parliament Reach Political Agreement on the Data Act

Hunton Privacy

JUNE 30, 2023

The Political Agreement introduces a number of changes to the original Commission Proposal on the Data Act, including: Clarification of the scope of the Data Act, allowing users of connected devices, ranging from smart home appliances to smart industrial machinery, to gain access to data generated by their use.

Data collection

Data collection GDPR IoT Marketing

China’s Data Privacy Law Poses Challenge for International Companies

eSecurity Planet

DECEMBER 1, 2021

Businesses that have spent the past three-plus years adapting to the European Union’s far-reaching data privacy law now have to decide how they will respond to a similar law in China that has been criticized as being more vague in its wording and harsher in its penalties. PIPL vs. GDPR. Also read: Top GRC Tools & Software for 2021.

Data Privacy

Data Privacy Privacy GDPR Data collection

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. Step 1: Appointing a Data Protection Officer (“DPO”) or “Pilot”.

GDPR

GDPR Personal data Compliance Privacy

EDPB Publishes Report of Outcome of the Cookie Banner Taskforce

Hunton Privacy

JANUARY 27, 2023

Key takeaways from the Report include: The EDPB recalls that the one-stop-shop mechanism introduced by the EU General Data Protection Regulation (“GDPR”) does not apply to cookie-related issues, as cookie rules are set forth under the ePrivacy Directive.

GDPR

GDPR Compliance Data collection Personal data

Norwegian DPA Issues 2.5M EUR Preliminary Fine for U.S. Company Utilizing Web-Tracking IDs

Hunton Privacy

MAY 11, 2021

The preliminary fine was issued for failure to comply with the General Data Protection Regulation’s (“GDPR”) accountability, lawfulness and transparency requirements, primarily due to Disqus’ tracking of website visitors. Datatilsynet therefore concluded that Disqus’ activities were within the scope of Article 3(2)(a) of the GDPR.

GDPR

GDPR Personal data Communications Data collection

European Medicines Agency Issues Updated Good Clinical Practice Q&A

Data Matters

FEBRUARY 18, 2021

When collecting and reporting such data, the sponsor should take into account ethical considerations and all applicable laws and regulations, including data protection legislation. The sponsor is furthermore required to verify and control the accuracy and completeness of the data collected by itself or its third-party vendors.

GDPR

GDPR Personal data Access Data collection

When are schools required to report personal data breaches?

IT Governance

NOVEMBER 17, 2020

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. How to avoid data breaches.

Personal data

Personal data Data breaches Data collection GDPR

What is progressive profiling and how can it benefit your business?

Thales Cloud Protection & Licensing

JULY 3, 2023

madhav Tue, 07/04/2023 - 05:10 As the data trust gap between customers and businesses continue to grow, and as third-party cookies become redundant, there is an urgency to adopt a modernized approach to customer data collection. Progressive profiling introduces a fresher and far more proactive take on data collection.

IT

IT Data collection B2C B2B

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

The Last Watchdog

NOVEMBER 21, 2018

News of data breaches, data vulnerabilities and compromised private information is released almost daily from businesses both small and large. Related: Europe’s GDPR ushers in new privacy era. Legislation has recently been proposed for individual states, addressing data privacy regulations head-on. If the U.S.

Privacy

Privacy GDPR Data Privacy Data collection

Facebook's Download-Your-Data Tool Is Incomplete

Schneier on Security

MARCH 2, 2020

Privacy International has the details : Key facts: Despite Facebook claim, "Download Your Information" doesn't provide users with a list of all advertisers who uploaded a list with their personal data. As a user this means you can't exercise your rights under GDPR because you don't know which companies have uploaded data to Facebook.

Personal data

Personal data GDPR Data collection Privacy

German regulator orders Facebook to restrict data collection

The Guardian Data Protection

FEBRUARY 7, 2019

User consent will be required before combining WhatsApp and Instagram account data Germany’s anti-monopoly regulator has ordered Facebook not to combine user data from its WhatsApp, Instagram and Facebook apps without consent, after a major three-year investigation into potentially anti-competitive actions.

Data collection

Data collection IT GDPR Privacy

Article 29 Working Party Published Guidelines on Transparency under the GDPR

Hunton Privacy

DECEMBER 20, 2017

The Guidelines aim to provide practical guidance and clarification on the transparency obligations introduced by the EU General Data Protection Regulation (“GDPR”). The transparency obligations require controllers to provide certain information to data subjects regarding the processing of their personal data.

GDPR

GDPR Personal data Privacy Communications

One week into GDPR – what you need to know

Data Protection Report

JUNE 4, 2018

Websites go dark, complaints are filed within an hour, European Commission suffers an embarrassing data leak, and the US Commerce Secretary warns about the unintended trade impact of the law – all in the first week of the GDPR. First complaints received within 48 minutes.

GDPR

GDPR Compliance Personal data Privacy

DCMS Consults on National Data Strategy

Hunton Privacy

SEPTEMBER 15, 2021

Following its departure from the European Union, the UK is no longer bound by EU law and may adapt its existing data protection regime, which is currently based on the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Personal data Risk Communications

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

Authors: Carolyn Bigg, Gwyneth To and Rachel De Souza Start preparing now to comply with India’s new data protection law. In contrast to the current position in India and the EU/UK GDPR, the DPDP Act makes no distinction between personal data and sensitive personal data, but this is quite similar to many other Asia data protection laws.

Personal data

Personal data GDPR Data breaches Compliance

CNIL Fines Clearview AI 20 Million Euros for Unlawful Use of Facial Recognition Technology

Hunton Privacy

OCTOBER 24, 2022

Under the EU General Data Protection (the “GDPR”), biometric data qualifies as sensitive personal data and the processing thereof requires additional protection.

Data collection

Data collection Personal data GDPR Marketing

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

The Last Watchdog

MAY 21, 2020

Tracking is only harmless when there is no real data collected and stored; that’s impossible, isn’t it? Advertisers are adding new data nodes in order to gain a more holistic understanding of who you are as an audience and customer. Specific regulation on online fingerprinting is required.

Privacy

Privacy GDPR Risk Data collection

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR

GDPR Personal data Compliance Data breaches

CIPL Responds to CNIL and Irish DPC on Transparency and Data Transfers under the GDPR

Hunton Privacy

OCTOBER 24, 2017

The responses address a variety of questions posed by both data protection authorities (“DPAs”) and aim to provide insight on and highlight issues surrounding transparency and international transfers. The notice requirement should cover passively collected and observed data from an individual. International Data Transfers.

GDPR

GDPR Compliance Privacy Data collection

Strong security defense starts with prioritizing, limiting data collection

Information Management Resources

APRIL 16, 2019

Some businesses hold large volumes of personal data because they believe it’s necessary for comprehensive identity and credential verification, but this practice can be risky.

Data collection

Data collection Personal data Security GDPR

GDPR compliance checklist

How to implement the General Data Protection Regulation (GDPR)

Webinars

Trending Sources

Norway Urges Europe-Wide Ban on Meta's Targeted Ad Data Collection

Webinars

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

META hit with privacy complaints by EU consumer groups

Guest Post - Three Critical Steps for GDPR Compliance

GDPR and The Data Governance Imperative

The GDPR: Everything you need to know about data controllers and data processors

Austrian DPA Finds Data Transfers Resulting from Analytics Cookie Use to Be in Violation of GDPR Data Transfer Requirements

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Why is the GDPR still something I should be concerned about?

6 typical GDPR questions explained

EDPB Publishes Guidelines on Extraterritorial Application of the GDPR

GUEST ESSAY: How ‘DPIAs” — data privacy impact assessments — can lead SMBs to compliance

Microsoft Products Under EU Investigation About Data Collection

GDPR Primer

Get Ready, Get Set for GDPR

What you need to know about data flow mapping under the GDPR

Dutch DPA Publishes Post-GDPR Complaints Report

EU: CJEU’s landmark decision in Meta vs Bundeskartellamt

These 3 GDPR Requirements You Must Support Today are Nothing Compared With What’s Coming

A guide to the GDPR for insurance companies

Google to Launch Google Analytics 4 in an Attempt to Address EU Privacy Concerns

Dan Solove on Privacy Regulation

Council and European Parliament Reach Political Agreement on the Data Act

China’s Data Privacy Law Poses Challenge for International Companies

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

EDPB Publishes Report of Outcome of the Cookie Banner Taskforce

Norwegian DPA Issues 2.5M EUR Preliminary Fine for U.S. Company Utilizing Web-Tracking IDs

European Medicines Agency Issues Updated Good Clinical Practice Q&A

When are schools required to report personal data breaches?

What is progressive profiling and how can it benefit your business?

GUEST ESSAY: California pioneers privacy law at state level; VA, VT, CO, NJ take steps to follow

Facebook's Download-Your-Data Tool Is Incomplete

German regulator orders Facebook to restrict data collection

Article 29 Working Party Published Guidelines on Transparency under the GDPR

One week into GDPR – what you need to know

DCMS Consults on National Data Strategy

India: New Digital Personal Data Protection Act, Start Planning Now.

CNIL Fines Clearview AI 20 Million Euros for Unlawful Use of Facial Recognition Technology

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

GDPR is upon us: are you ready for what comes next?

CIPL Responds to CNIL and Irish DPC on Transparency and Data Transfers under the GDPR

Strong security defense starts with prioritizing, limiting data collection

Stay Connected