2018, Examples and Personal data - Information Management Today

How to write a GDPR privacy notice – with documentation template example

IT Governance

NOVEMBER 8, 2018

Updated 8 November 2018. This blog was originally published before the GDPR took effect in May 2018. An integral part of EU GDPR (General Data Protection Regulation) compliance is producing appropriate documentation. Your privacy policy should address the following: Who is collecting the data? GDPR privacy notice.

GDPR

GDPR Privacy Personal data Compliance

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

DLA Piper Privacy Matters

SEPTEMBER 17, 2018

On 12 July 2018, the Kingdom of Bahrain (Bahrain) issued Law No. 30 of 2018 on the Personal Data Protection Law (PDPL). It will provide individuals with rights in relation to how their personal data can be collected, processed and stored. Businesses with a place of business in Bahrain; and.

Personal data

Personal data GDPR Compliance Risk

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Security Affairs

JANUARY 21, 2023

. “WhatsApp Ireland has also been directed to bring its data processing operations into compliance within a period of six months.” ” On May 2018, ahead of the adoption of the GDPR, WhatsApp updated the Terms of Service imposing users to agree to the revised terms in order to continue using the messaging app.

GDPR

GDPR Metadata Encryption Communications

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

Introduction to Data Protection Laws. Data protection laws, regulations, and rules control the collection, use, transfer, and storage of personal and sensitive information. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data

Personal data GDPR Privacy Records Management

Reflecting on APAC Data Protection and Cyber-security Highlights for 2019 (and what lies ahead!)

Data Protection Report

JANUARY 20, 2020

2019 saw continued growth and change in data protection and cyber-security across the Asia-Pacific. Following the implementation of the GDPR in May, 2018, many jurisdictions moved to review and strengthen existing data privacy and cyber-security laws. million patients. million individuals.

Personal data

Personal data Security Data Privacy GDPR

Average cost of cyber crime rises to £10.3 million

IT Governance

JUNE 3, 2020

This represents a 12% increase year-on-year and a 73% increase over a five-year span, demonstrating how rapidly the cost of cyber crime is growing. There has been a similar jump in the number of incidents organisations experience, with an 11% increase year-on-year and a 67% increase between 2013 and 2018. million (about £8.6

Ransomware

Ransomware Personal data Phishing Risk

ICO Fines Ticketmaster £1.25 Million for Security Failures

Hunton Privacy

NOVEMBER 16, 2020

million for failing to keep its customers’ personal data secure. The ICO found that Ticketmaster had failed to implement appropriate security measures to prevent a cyber attack, breaching the requirements of Articles 5(1)(f) and 32 of the EU General Data Protection Regulation (“GDPR”). million in the UK.

Security

Security GDPR Personal data Risk

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

The Last Watchdog

AUGUST 29, 2019

Europe came down hard this summer on British Airways and Marriott for failing to safeguard their customers’ personal data. What’s more, organizations that run afoul of the GDPR’s new data loss reporting requirements could face additional fines up to 2 percent of annual global revenue. million, on average.

GDPR

GDPR Privacy Big data Personal data

Is your school GDPR-compliant? Use our checklist to find out

IT Governance

MARCH 28, 2019

How was it possible for someone to be so misguided about such a well-publicised regulation, the requirements of which have huge ramifications for the way organisations handle personal data? Granted, 2018 was very much ‘the year of the GDPR’ in some circles. Sending false invoices, for example, is easy money.”.

GDPR

GDPR Compliance Data breaches Personal data

ICO provides guidance on calculating monetary penalties

Data Protection Report

OCTOBER 7, 2020

The guidance, which sits alongside the ICO’s Regulatory Action Policy , covers the ICO’s range of enforcement powers, but of most interest is the section on how the ICO will calculate fines under the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR).

GDPR

GDPR Personal data IT

Heathrow Airport fined £120,000 for data breach

IT Governance

OCTOBER 9, 2018

The ICO (Information Commissioner’s Office) has fined Heathrow Airport £120,000 for failing to secure sensitive personal data after a member of public found an unencrypted USB stick containing data about the airport’s staff. How did the data breach occur? However, the ICO hasn’t confirmed this. Maximum penalty.

Data breaches

Data breaches Personal data Libraries Information Security

Government publishes consultation on post-Brexit data reforms

DLA Piper Privacy Matters

SEPTEMBER 10, 2021

where processing is for research purposes, disapplying the current requirement for controllers who collected personal data directly from the data subject to provide further information to the data subject prior to any further processing, where it would require a disproportionate effort to do so. to up to £17.5

Government

Government Paper Personal data GDPR

Article 29 Working Party Published Guidelines on Transparency under the GDPR

Hunton Privacy

DECEMBER 20, 2017

On December 12, 2017, the Article 29 Working Party (“Working Party”) published its guidelines on transparency under Regulation 2016/679 (the “Guidelines”). The Guidelines aim to provide practical guidance and clarification on the transparency obligations introduced by the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Personal data Privacy Communications

French court issues decision on legality of Privacy Rules and Terms of Use under data protection and consumer law

Data Protection Report

APRIL 12, 2019

UFC asked the judges to declare Google’s policies unlawful and abusive, on the grounds that they did not respect consumers’ privacy and personal data. Accordingly, the judges ruled that such personal data constituted goods from which Google derived an economic benefit in return for the service provided to users.

Privacy

Privacy Personal data IT Data Privacy

Brazilian Data Protection Law Update – Delayed Enforcement, Lack of Administrative Structure, and Market Unreadiness

Data Matters

JULY 22, 2020

13.709/2018 (the Brazilian Data Protection Law, or “ LGPD ”) in 2018 was followed by great enthusiasm from the general public in Brazil. Indeed, the comprehensive law has been viewed as a necessary measure for the country to join a select but growing group of nations in the systematic protection of individuals’ personal data.

Marketing

Marketing Compliance Personal data GDPR

FTC to levy unprecedented $US5bn fine against Facebook

Data Protection Report

JULY 16, 2019

On Friday, July 12, 2019, the Wall Street Journal reported that Federal Trade Commission and Facebook reached a settlement to resolve Facebook’s privacy issues surrounding the Cambridge Analytica disclosure discovered last year. For example, Senator Mark Warner, D-Va., At this time, the fine is the only penalty or measure reported.

Privacy

Privacy Personal data GDPR Government

Parenting support club Bounty fined in ‘unprecedented’ data breach

Data Protection Report

APRIL 18, 2019

On 12 April, the Information Commissioners Office ( ICO ) fined Bounty , a pregnancy and parent support club, £400,000 for illegally sharing personal data belonging to more than 14 million people. Further, the ‘offline’ registrants were not given access to Bounty’s Privacy Policy (the Policy ) at the point of registration.

Data breaches

Data breaches Personal data Data collection Marketing

EDPB Published Guidelines on Certification and Derogations under the GDPR

Hunton Privacy

JUNE 1, 2018

On May 30, 2018, the European Data Protection Board (“EDPB”), replacing the Article 29 Working Party , published the final version of Guidelines 2/2018 on derogations in the context of international data transfers and draft Guidelines 1/2018 on certification under the EU General Data Protection Regulation (“GDPR”). .

GDPR

GDPR Personal data Compliance Risk

EDPB Joins the Dots of ePrivacy and GDPR

HL Chronicle of Data Protection

MARCH 25, 2019

On 12 March 2019 at its Eighth Plenary Session , the European Data Protection Board (“EDPB”) adopted its Opinion 5/2019 on the interplay between the ePrivacy Directive (“ePD”) and the General Data Protection Regulation (“GDPR”).

GDPR

GDPR Personal data Communications Access

Commission Publishes Report on the Second Annual Review of the Functioning of the EU-U.S. Privacy Shield

Hunton Privacy

DECEMBER 20, 2018

On December 19, 2018, the European Commission (the “Commission”) issued a press release regarding the publication of the Commission’s second annual review of the functioning of the EU-U.S. On July 12, 2016, the Commission adopted an adequacy decision on the basis that the EU-U.S. Privacy Shield (the “ Report ”). Background.

Privacy

Privacy Compliance Personal data GDPR

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. This personal data was still being held by late May 2018 and had been subject to unauthorised use by a third party.

GDPR

GDPR Personal data Privacy Information architecture

Update: Vietnam’s New Cybersecurity Law

HL Chronicle of Data Protection

NOVEMBER 15, 2018

On June 12, 2018, the Vietnamese National Assembly passed the Law on Cybersecurity (the “ Cybersecurity Law “), which will take effect on January 1, 2019. Localized storage and retention of personal data. Data created by a user (e.g. Data retention periods depend on the type of data being stored.

Cybersecurity

Cybersecurity Personal data Compliance Government

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

Data Protection Report

MARCH 5, 2018

On February 12, 2018, the Article 29 Working Party (WP29) published guidance regarding Article 49 of the General Data Protection Regulation (GDPR) for public comment. The deadline for submitting comments on the draft is March 26, 2018, and responses should be emailed to JUST-ARTICLE29WP-SEC@ec.europa.eu. the U.S.);

GDPR

GDPR Personal data e-Discovery Risk

UK Supreme Court Rules Morrisons Not Vicariously Liable for Malicious Data Breach by Employee

Data Matters

APRIL 20, 2020

Case: WM Morrison Supermarkets plc v Various Claimants [2020] UKSC 12. In the former examples, it can clearly be argued that these acts occur with the employee acting in the ordinary course of their employment for which the employer may be vicariously liable. 1 [2016] UKSC 11. 2 [2002] UKHL 48.

Data breaches

Data breaches GDPR Privacy IT

Senator Markey Introduces Privacy Bill of Rights Act

Hunton Privacy

APRIL 16, 2019

On April 12, 2019, Senator Edward J. This definition is substantially similar to the definition of “personal information” contained in the California Consumer Privacy Act of 2018.

Privacy

Privacy Sales Compliance Access

CHINA: NEW DATA PROTECTION STANDARD – WHAT YOU NEED TO KNOW

DLA Piper Privacy Matters

FEBRUARY 13, 2018

The long awaited new National Standards on Information Security Technology – Personal Information Security Specification GB/T 35273-2017 (“PI Specification”) has now been released, and will come into force on 1 May 2018. personal information” and “sensitive personal information”). Explicit consent (i.e.

Information Security

Information Security Compliance GDPR Big data

Finding the treasure in governement information management

CILIP

DECEMBER 11, 2023

He gives an example from his early days at the Department for the Environment: “I remember in April 1986, I was on the library enquiry desk. FOI is a good example, you get 20 days to do it, and anything from a public inquiry will come with a challenging deadline and little appreciation of how difficult it may be to find some material.”

Government

Government Libraries Computer and Electronics Information governance

Digitalizing the bank: Challenges, opportunities and strategies

CGI

DECEMBER 18, 2018

Tue, 12/18/2018 - 22:19. For example, how quickly can we launch a new type of account in response to a market change? How can we treat customers based on their demographics by, for example, providing different services to younger and older people? Digitalizing the bank: Challenges, opportunities and strategies.

Customer Experience

Customer Experience Artificial Intelligence Marketing Personal data

California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses

Hunton Privacy

JUNE 29, 2018

On June 28, 2018, the Governor of California signed AB 375 , the California Consumer Privacy Act of 2018 (the “Act”). The Act introduces key privacy requirements for businesses, and was passed quickly by California lawmakers in an effort to remove a ballot initiative of the same name from the November 6, 2018, statewide ballot.

Privacy

Privacy Sales Personal data Communications

Digitalizing the bank: Challenges, opportunities and strategies

CGI

DECEMBER 18, 2018

Tue, 12/18/2018 - 22:29. For example, how quickly can we launch a new type of account in response to a market change? How can we treat customers based on their demographics by, for example, providing different services to younger and older people? Digitalizing the bank: Challenges, opportunities and strategies.

Customer Experience

Customer Experience Artificial Intelligence Marketing Personal data

One Year and Counting – a GDPR Checklist

Managing Your Information

MAY 25, 2017

Identify the personal data that you hold. You should also identify information falling within the Special Categories (Article 9) or data relating to criminal convictions and offences (Article 10). Identify each of your specific purposes for processing personal data. Ensuring Your People Are Ready.

GDPR

GDPR Personal data Compliance Data breaches

One Year and Counting – a GDPR Checklist

Managing Your Information

MAY 25, 2017

Identify the personal data that you hold. You should also identify information falling within the Special Categories (Article 9) or data relating to criminal convictions and offences (Article 10). Identify each of your specific purposes for processing personal data. Ensuring Your People Are Ready.

GDPR

GDPR Personal data Compliance Data breaches

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

On June 28, 2018, California Gov. Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). The terms “infer” and “inference” are defined as the derivation of information, data, assumptions or conclusions from facts, evidence or another source of information or data. Right to Know.

GDPR

GDPR Privacy Sales Data breaches

California Consumer Privacy Act: The Challenge Ahead – CCPA and Employee Data

HL Chronicle of Data Protection

OCTOBER 26, 2018

The application of the California Consumer Protection Act of 2018 (“CCPA”) to employee data has been the subject of much debate since the first version of the bill was introduced on June 21, 2018 (just days prior to its enactment on June 28). Under a plain language reading of the CCPA, the law likely applies to employee data.

Privacy

Privacy Sales Compliance Personal data

UK: How real is the threat of data protection group litigation in the UK?

DLA Piper Privacy Matters

NOVEMBER 6, 2018

The Court of Appeal delivered its decision in the case of WM Morrisons Supermarkets Plc v Various Claimants ([2018] EWCA Civ 2339) in October, dismissing Morrisons’ appeal against an earlier decision from 2017 finding the supermarket vicariously liable for the actions of a former employee, Andrew Skelton. million.

Insurance

Insurance Data breaches Personal data GDPR

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Consumer access and data portability rights.

Privacy

Privacy GDPR Personal data Risk

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

Data Protection Report

JUNE 29, 2018

On June 28, 2018, California lawmakers enacted the California Consumer Privacy Act of 2018 (the “CCPA”) a sweeping, GDPR-like privacy law which is intended to give California consumers more control over how businesses collect and use their data. Consumer Access and Data Portability Rights.

Privacy

Privacy GDPR Personal data Risk

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

On June 28, 2018, California Gov. Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). The terms “infer” and “inference” are defined as the derivation of information, data, assumptions or conclusions from facts, evidence or another source of information or data. Right to Know.

GDPR

GDPR Privacy Sales Data breaches

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. It was recently signed into law by the governor.

Privacy

Privacy Sales Compliance Cybersecurity

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. It was recently signed into law by the governor.

Privacy

Privacy Sales Education Compliance

ICO’s draft Age Appropriate Design Code could seriously impact processing of under 18’s personal data

Data Protection Report

MAY 16, 2019

In keeping with the ICO’s earlier guidance on processing personal data of children, the primary factor for consideration here is whether the proposed activity is in the “best interests” of the child. 10-12: transition years. 0 – 5: pre-literate and early literacy. 6 – 9: core primary school years. 13-15: early teens.

Personal data

Personal data Privacy GDPR Access

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Relatively recent advances in technology — smartphones and social media, in particular — have allowed businesses to collect, store, and find ways to monetize far more personal data than ever before. 12 In other words, the 1983 amendment was seen as limiting the depth rather than the breadth of discovery.13.

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Hunton Privacy

OCTOBER 5, 2016

The workshop was attended by almost 120 delegates from businesses, 12 data protection authorities (“DPAs”), four EU Member State governments, the EU Commission and the European Data Protection Supervisor, a non-DPA regulator, several academics and the IAPP.

GDPR

GDPR Risk IT Compliance

Laws on Using Personal Information Are Changing. Are You Ready?

Managing Your Information

OCTOBER 21, 2016

After a time of uncertainty, the way forward for the implementation of the General Data Protection Regulation (GDPR) seems to be emerging. The new EU Regulation on data protection was adopted earlier this year, becoming effective in all EU member states in May 2018.

GDPR

GDPR Compliance Risk Personal data

How to write a GDPR privacy notice – with documentation template example

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

Webinars

Trending Sources

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Webinars

The Impact of Data Protection Laws on Your Records Retention Schedule

Reflecting on APAC Data Protection and Cyber-security Highlights for 2019 (and what lies ahead!)

Average cost of cyber crime rises to £10.3 million

ICO Fines Ticketmaster £1.25 Million for Security Failures

MY TAKE: Six-figure GDPR privacy fines reinforce business case for advanced SIEM, UEBA tools

Is your school GDPR-compliant? Use our checklist to find out

ICO provides guidance on calculating monetary penalties

Heathrow Airport fined £120,000 for data breach

Government publishes consultation on post-Brexit data reforms

Article 29 Working Party Published Guidelines on Transparency under the GDPR

French court issues decision on legality of Privacy Rules and Terms of Use under data protection and consumer law

Brazilian Data Protection Law Update – Delayed Enforcement, Lack of Administrative Structure, and Market Unreadiness

FTC to levy unprecedented $US5bn fine against Facebook

Parenting support club Bounty fined in ‘unprecedented’ data breach

EDPB Published Guidelines on Certification and Derogations under the GDPR

EDPB Joins the Dots of ePrivacy and GDPR

Commission Publishes Report on the Second Annual Review of the Functioning of the EU-U.S. Privacy Shield

GDPR – The Year in Review

Update: Vietnam’s New Cybersecurity Law

Working party publishes draft of GDPR guidelines for Article 49 (export derogations)

UK Supreme Court Rules Morrisons Not Vicariously Liable for Malicious Data Breach by Employee

Senator Markey Introduces Privacy Bill of Rights Act

CHINA: NEW DATA PROTECTION STANDARD – WHAT YOU NEED TO KNOW

Finding the treasure in governement information management

Digitalizing the bank: Challenges, opportunities and strategies

California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses

Digitalizing the bank: Challenges, opportunities and strategies

One Year and Counting – a GDPR Checklist

One Year and Counting – a GDPR Checklist

California Enacts Broad Privacy Laws Modeled on GDPR

California Consumer Privacy Act: The Challenge Ahead – CCPA and Employee Data

UK: How real is the threat of data protection group litigation in the UK?

California passes major legislation, expanding consumer privacy rights and legal exposure for US and global companies

California Passes Major Legislation, Expanding Consumer Privacy Rights and Legal Exposure for US and Global Companies

California Enacts Broad Privacy Protections Modeled on GDPR

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

ICO’s draft Age Appropriate Design Code could seriously impact processing of under 18’s personal data

The Burden of Privacy In Discovery

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Laws on Using Personal Information Are Changing. Are You Ready?

Stay Connected