Examples, Exercises, Government and Personal data

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill. The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime.

GDPR

GDPR Government Personal data Risk

Colorado AG Provides Insights on the Colorado Privacy Act Rulemaking Process

Hunton Privacy

APRIL 25, 2022

On April 12, 2022, Colorado Attorney General Phil Weiser made remarks at the International Association of Privacy Professionals Global Privacy Summit in Washington, D.C., Interested parties are invited to provide contributory research to reference and use case examples from the practice that impact or manipulate consumer choice.

Privacy

Privacy Personal data Sales Compliance

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. A data subject is the human being who owns the data.

GDPR

GDPR Compliance Personal data Privacy

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data

Personal data GDPR Privacy Records Management

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. In this regard we expect it will be welcomed by local, regional and international businesses, in particular those that rely heavily upon personal data and international personal data flows. Exceptions.

Personal data

Personal data Data breaches GDPR Compliance

How to comply with Article 30 of the GDPR

IT Governance

JUNE 21, 2018

Article 30 of the EU General Data Protection Regulation (GDPR) sets out what exactly organisations need to document in order to comply with the Regulation. One key part of this record-keeping activity is to document the category of individuals (employees, customers, etc.) Where to begin with a data flow map? Formats (e.g.

GDPR

GDPR Personal data Risk Cloud

How to write a GDPR-compliant data subject access request procedure – with template

IT Governance

NOVEMBER 8, 2018

The EU’s GDPR (General Data Protection Regulation) gives data subjects the right to access their personal data from data controllers that are processing it and “to exercise that right easily and at reasonable intervals, in order to be aware of, and verify, the lawfulness of the processing”.

GDPR

GDPR Access Personal data Compliance

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

The CNIL provides practical advice to the management and the operational staff who process personal data, in order to ensure that such processing is carried out in compliance with the applicable data protections laws. The DPO is the key contact for the CNIL and data subjects. Provide information and advice.

GDPR

GDPR Compliance Personal data Communications

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

GDPR Compliance Starts with Data Discovery. The EU General Data Protection Regulation is a game changer , particularly enforcement of obligations to safeguard privacy rights. Article 28 lays out the obligation requirements that govern the relationship between data controllers and processors.

GDPR

GDPR Compliance Privacy Data Privacy

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission).

Privacy

Privacy GDPR Data breaches Risk

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

Whereas the previous guidance set out general principles for when to impose fines under Article 83 GDPR, the new Guidelines provide a detailed five-step methodology for calculating a starting point for a fine and clarify how to determine the turnover of an undertaking in order to harmonise the approach across Member States.

GDPR

GDPR Compliance Personal data IT

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

The CCPA officially went into effect on January 1, 2020, impacting over 40 million California residents and thousands of businesses who use personal information (PI) around the globe. Consumers can ask businesses what categories of their PI is being collected. Businesses must provide clear notice about categories of PI it collects.

Data Privacy

Data Privacy Privacy Government Compliance

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

7 key stages of the data protection impact assessment (DPIA)

IT Governance

SEPTEMBER 4, 2019

2 ) Large-scale use of sensitive data : “(b) processing on a large scale of special categories of data referred to in Article 9(1), or of personal data relating to criminal convictions and offences referred to in Article 10”. The nature of the processing is what you plan to do with the personal data.

Personal data

Personal data GDPR Risk Access

California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses

Hunton Privacy

JUNE 29, 2018

This definition of personal information aligns more closely with the EU General Data Protection Regulation’s definition of personal data. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.

Privacy

Privacy Sales Personal data Communications

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

Hunton Privacy

MARCH 17, 2017

On March 15, 2017, the French data protection authority (the “CNIL”) published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation (“GDPR”) that will become applicable on May 25, 2018. Step 1: Appointing a Data Protection Officer (“DPO”) or “Pilot”.

GDPR

GDPR Personal data Compliance Privacy

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). Under the GDPR, any person or entity that processes (collects, stores, uses, etc.)

GDPR

GDPR Privacy Personal data Sales

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission).

Privacy

Privacy GDPR Data breaches Risk

When And How Cos. Should Address Cyber Legal Compliance

Data Matters

OCTOBER 30, 2017

Company boards, CEOs and general counsels cannot, of course, categorically prevent either breaches or rumors. They can, however, engage in probing internal due diligence of their companies’ cyber governance and compliance posture before it is too late — that is, before a cyber event occurs. 1] The U.S.

Compliance

Compliance Cybersecurity Risk Government

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). Under the GDPR, any person or entity that processes (collects, stores, uses, etc.)

GDPR

GDPR Privacy Personal data Sales

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

HL Chronicle of Data Protection

OCTOBER 3, 2018

As the most comprehensive privacy law to be enacted in the United States thus far, the California Consumer Privacy Act (CCPA) has inevitably invited comparisons to the European Union’s General Data Protection Regulation (GDPR). Under the GDPR, any person or entity that processes (collects, stores, uses, etc.)

GDPR

GDPR Privacy Personal data Sales

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

On November 14, 2013, the Minister of the Malaysian Communications and Multimedia Commission (the “Minister”) announced that Malaysia’s Personal Data Protection Act 2010 (the “Act”) would be going into effect as of November 15, marking the end of years of postponements. The law imposes a number of generally applicable principles.

Personal data

Personal data Marketing Communications Insurance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. CCPA Background. What Is Covered? Right of Disclosure.

Privacy

Privacy Sales Compliance Cybersecurity

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

Data Protection Report

JUNE 29, 2018

For companies that have implemented a compliance plan for European Union data subjects under the EU General Data Protection Regulation (“GDPR”), this law means many of the similar protections will now need to be extended to California residents. Consumer access and data portability rights. Private actions.

Privacy

Privacy GDPR Personal data Risk

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

Data Protection Report

JUNE 29, 2018

For companies that have implemented a compliance plan for European Union data subjects under the EU General Data Protection Regulation (“GDPR”), this law means many of the similar protections will now need to be extended to California residents. Consumer Access and Data Portability Rights. Private Actions.

Privacy

Privacy GDPR Personal data Risk

And then there were five: CCPA amendments pass legislature

Data Protection Report

SEPTEMBER 17, 2019

Subsection (c)(5) is clarified to read that a business’ obligation is to disclose in an online privacy policy “that a consumer has the right to request” the specific pieces of personal information that the business has collected about consumers in general, not about a specific consumer. – § 1798.115.

B2B

B2B Privacy Communications Encryption

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. CCPA Background. What Is Covered? Right of Disclosure.

Privacy

Privacy Sales Education Compliance

EU data governance regulation – A wave of digital, regulatory and antitrust reform begins – Part Two

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. They will be the only third parties able to run so-called data exchanges or trusts for data pools.

Government

Government Personal data GDPR Access

New to the Role of Data Protection Officer? We’ve Put Together a Few Points to Help You Get Started

Managing Your Information

JULY 22, 2019

Some of the hype about the General Data Protection Regulation (the GDPR) has been given renewed focus over the last couple of weeks by the issuing of two Notices of Intent by the Information Commissioner’s Office (ICO) with a nominal value of over £283m. What skills and competencies should I have?

GDPR

GDPR Personal data Compliance Information governance

New to the Role of Data Protection Officer? We’ve Put Together a Few Points to Help You Get Started

Managing Your Information

JULY 22, 2019

Some of the hype about the General Data Protection Regulation (the GDPR) has been given renewed focus over the last couple of weeks by the issuing of two Notices of Intent by the Information Commissioner’s Office (ICO) with a nominal value of over £283m. What skills and competencies should I have?

GDPR

GDPR Personal data Compliance Information governance

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Data is not just a resource for better marketing, better service and delivery. Data is used to build products themselves. It has become a cliché that data is the new oil. Perhaps the Government could respond on that point. change it substantially.

GDPR

GDPR Personal data Government IT

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. What are the objectives of the Data Governance Regulation?

Government

Government Personal data Marketing Artificial Intelligence

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Relatively recent advances in technology — smartphones and social media, in particular — have allowed businesses to collect, store, and find ways to monetize far more personal data than ever before. 19 No longer are the proportionality considerations described as separate “limitations” on an inquiry governed solely by relevance.20

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

On October 10, 2019, with just weeks to go until the law goes into effect, the California Attorney General released the long-awaited draft regulations for the California Consumer Privacy Act (CCPA). The Attorney General will hold public hearings in four California cities during the first week of December to hear comments. 999.305(d)).

Sales

Sales Retail Privacy Access

California Consumer Privacy Act: The Challenge Ahead — Key Terms in the CCPA

HL Chronicle of Data Protection

SEPTEMBER 14, 2018

We thus focus here on detailing some of the CCPA’s key definitional terms, organized into topical categories. The CCPA defines “service provider” as a legal entity that “processes information on behalf of a business and to which the business discloses a consumer’s personal information for a business purpose pursuant to a written contract.”.

Privacy

Privacy Sales GDPR Personal data

The ICO Updates Its Data Sharing Code of Practice

HL Chronicle of Data Protection

AUGUST 5, 2019

On 9 July 2019 the UK data protection authority (ICO) updated its Data Sharing Code of Practice (first published in 2011) (Code). The Code, made under section 121 of the UK’s Data Protection Act (DPA), is publicly available for consultation until 9 September 2019. Specific data sharing cases.

GDPR

GDPR IT Personal data Compliance

FRANCE : THE CNIL ADOPTS REVISED GUIDELINES AND FINAL RECOMMENDATIONS ON COOKIES AND OTHER TRACKERS

DLA Piper Privacy Matters

OCTOBER 6, 2020

To that end, the CNIL provides practical examples and good practices in the Recommendations, from the use of a “reject all” button to the availability of a visible “cookies” icon enabling users to parameter their choices and withdraw their consent. A more detailed list of cookies and trackers exempt from consent.

GDPR

GDPR Communications Access Data collection

GDPR: lawful bases for processing, with examples

IT Governance

MARCH 13, 2020

Under the EU GDPR (General Data Protection Regulation) , you need to identify a lawful basis before processing personal data. Do you always need individuals’ consent to process their data? For the purposes of legitimate interests pursued by the data controller. First published June 2018.

GDPR

GDPR Personal data Compliance Marketing

GDPR: lawful bases for processing, with examples

IT Governance

JUNE 15, 2018

Like the Data Protection Act 1998 (DPA 1998) that it superseded, the General Data Protection Regulation (GDPR) sets out six lawful bases for processing personal data. To comply with the data controller’s legal obligations. To protect the data subject’s vital interests.

GDPR

GDPR Personal data Compliance Privacy

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

Ralph Northam signed into law the Virginia Consumer Data Protection Act (VCDPA). The VCDPA, which will not enter into effect until January 1, 2023, borrows heavily from the California Consumer Privacy Act (CCPA) and the European Union (EU) General Data Protection Regulation (GDPR). Exemptions. Entity exemptions.

Personal data

Personal data GDPR Sales Privacy

Data collection cheat sheet: how Parler, Twitter, Facebook, MeWe’s data policies compare

Security Affairs

JANUARY 13, 2021

Here are the biggest takeaways from analyzing these 10 social platforms: Parler is the only platform that asks for a government-issued ID to verify its users’ general accounts (although unverified accounts can interact limitedly on the platform). In general, alt social platforms had fewer requests than their mainstream counterparts.

Data collection

Data collection Privacy Analytics Access

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Colorado AG Provides Insights on the Colorado Privacy Act Rulemaking Process

Webinars

Trending Sources

GDPR compliance checklist

Webinars

How to implement the General Data Protection Regulation (GDPR)

The Impact of Data Protection Laws on Your Records Retention Schedule

UAE: Federal level data protection law enacted

How to comply with Article 30 of the GDPR

How to write a GDPR-compliant data subject access request procedure – with template

France: The CNIL publishes a practical guide on Data Protection Officers

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

The Privacy Officers’ New Year’s Resolutions

EDPB publishes guidance on calculating GDPR fines

5 learnings from the “Meeting the CCPA Challenge” webinar

California Enacts Broad Privacy Laws Modeled on GDPR

7 key stages of the data protection impact assessment (DPIA)

California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses

CNIL Publishes Six Step Methodology and Tools to Prepare for GDPR

California Enacts Broad Privacy Protections Modeled on GDPR

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

The Privacy Officers’ New Year’s Resolutions

When And How Cos. Should Address Cyber Legal Compliance

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

California Consumer Privacy Act: The Challenge Ahead – A Comparison of 10 Key Aspects of The GDPR and The CCPA

Malaysian Data Protection Law Takes Effect

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

And then there were five: CCPA amendments pass legislature

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

EU data governance regulation – A wave of digital, regulatory and antitrust reform begins – Part Two

New to the Role of Data Protection Officer? We’ve Put Together a Few Points to Help You Get Started

New to the Role of Data Protection Officer? We’ve Put Together a Few Points to Help You Get Started

The debate on the Data Protection Bill in the House of Lords

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

The Burden of Privacy In Discovery

Mic Drop: California AG releases long-awaited CCPA Rulemaking

California Consumer Privacy Act: The Challenge Ahead — Key Terms in the CCPA

The ICO Updates Its Data Sharing Code of Practice

FRANCE : THE CNIL ADOPTS REVISED GUIDELINES AND FINAL RECOMMENDATIONS ON COOKIES AND OTHER TRACKERS

GDPR: lawful bases for processing, with examples

GDPR: lawful bases for processing, with examples

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data collection cheat sheet: how Parler, Twitter, Facebook, MeWe’s data policies compare

Stay Connected