2019, Exercises and Personal data - Information Management Today

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

DLA Piper Privacy Matters

SEPTEMBER 17, 2018

On 12 July 2018, the Kingdom of Bahrain (Bahrain) issued Law No. 30 of 2018 on the Personal Data Protection Law (PDPL). The PDPL will enter into force on 1 August 2019, giving businesses just under one year from the date of this article to prepare for the new regime. Businesses with a place of business in Bahrain; and.

Personal data

Personal data GDPR Compliance Risk

Dutch DPA Fines Dutch Credit Registration Bureau 830,000 Euros for Non-Compliance with Data Subject Rights

Hunton Privacy

JULY 15, 2020

After receiving multiple complaints from data subjects, the Dutch DPA investigated BKR’s management of data subjects’ access requests. In addition, Recital 59 of the GDPR clearly states that controllers should offer the possibility of accessing personal data in an electronic form when data is processed electronically.

Compliance

Compliance GDPR Personal data Paper

EDPB Stakeholder Event Highlights Continued Confusion over Data Subject Rights Compliance under the GDPR

Data Matters

DECEMBER 2, 2019

On 4 November 2019, the European Data Protection Board (EDPB), the EU-wide data supervisory authority, held a stakeholders’ event on data subject rights under the GDPR. Stakeholders noted some requests were too broad, in turn, making it difficult to identify which data subject right was being exercised (e.g.,

GDPR

GDPR Compliance Personal data Access

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group. Loyalty program members’ data had been retained for a period of four years from their last activity.

GDPR

GDPR Personal data Data collection Marketing

RuNet – Russia successfully concluded tests on its Internet infrastructure

Security Affairs

DECEMBER 24, 2019

The exercises aimed at testing and ensuring the integrity and the security of Russia’s Internet infrastructure, so-called RuNet. “According to Sokolov, several scenarios were worked out during the exercises. Currently, among the 12 organizations that oversee DNS base servers worldwide there isn’t an entity in Russia.

IT

IT Communications Government Personal data

Ireland / Europe: DPC’s Record Fine Raises Expectations on Standards Applicable for Processing Children’s Data

DLA Piper Privacy Matters

OCTOBER 17, 2022

A recent decision by the Irish Data Protection Commission (“ DPC “) imposing a record €405 million fine provides clarification on the lawfulness of processing children’s personal data in accordance with the legal bases of ‘performance of contract’ and ‘legitimate interest’. Background. Analysis of Article 6(1).

GDPR

GDPR Personal data Risk Compliance

Bodybuilding.com forces password reset after a security breach

Security Affairs

APRIL 23, 2019

The website offers any kind of fitness articles, exercises, workouts, and supplements. The company confirmed it has no evidence that personal customer information was accessed or misused, as a precautionary measure the company is notifying all current and former users and customers. Review your accounts for suspicious activity.

Passwords

Passwords Security Retail Personal data

EDPB Releases Opinion on Interplay Between the ePrivacy Directive and the GDPR and a Statement on the ePrivacy Regulation

Hunton Privacy

MARCH 19, 2019

On March 12, 2019, the European Data Protection Board (“EDPB”) adopted an opinion on the interplay between the EU Directive on Privacy and Electronic Communications (“the ePrivacy Directive”) and the General Data Protection Regulation (“GDPR”) (the “Opinion”). Competence, tasks and powers of EU DPAs.

GDPR

GDPR Personal data Communications Government

FRANCE: ONE MORE STEP TO ENSURE CONSISTENCY OF THE NEW FRENCH DATA PROTECTION LAW

DLA Piper Privacy Matters

JANUARY 21, 2019

On 12 December 2018, the French Government issued an ordinance [1] finalizing, at the legislative level [2] , the alignment of the French Data Protection Law (“FDPL”) with the General Data Protection Regulation [3] (“GDPR”) and the Directive 2016/680 [4].

GDPR

GDPR Personal data Communications Government

Why law enforcement data processing is more complicated than you might think

IT Governance

MAY 30, 2019

The DPA 2018 includes a framework designed specifically for the processing of personal data for law enforcement purposes. Any other body that has statutory functions to exercise public authority or public powers for law enforcement purposes. A 12-step approach to law enforcement processing.

GDPR

GDPR Personal data Government Compliance

French court issues decision on legality of Privacy Rules and Terms of Use under data protection and consumer law

Data Protection Report

APRIL 12, 2019

UFC asked the judges to declare Google’s policies unlawful and abusive, on the grounds that they did not respect consumers’ privacy and personal data. Accordingly, the judges ruled that such personal data constituted goods from which Google derived an economic benefit in return for the service provided to users.

Privacy

Privacy Personal data IT Data Privacy

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

The European Data Protection Board (“EDPB”) reported a total of 281,088 national enforcement actions being initiated as of May 22, 2019 (approximately one year after the GDPR’s entry into application). Since then, data protection authorities across the EU have been initiating enforcement and fines on a daily basis.

GDPR

GDPR Personal data Privacy Manufacturing

German DSK Issues GDPR Fining Methodology Guidelines

Data Matters

DECEMBER 9, 2019

The European Data Protection Board (“EDPB”) reported a total of 281,088 national enforcement actions being initiated as of May 22, 2019 (approximately one year after the GDPR’s entry into application). Since then, data protection authorities across the EU have been initiating enforcement and fines on a daily basis.

GDPR

GDPR Personal data Privacy Manufacturing

Belgium: Belgian DPA imposes a EUR600,000 fine, its highest fine ever, on Google Belgium for non-compliance with right to be forgotten

DLA Piper Privacy Matters

JULY 29, 2020

The case against Google Belgium SA was initiated by a complaint filed with the Belgian DPA by a Belgian resident on 12 august 2019. The complainant, an executive at an unnamed large company, had requested the removal of 12 URLs which he considered to be harmful to his reputation. The case against Google Belgium.

GDPR

GDPR Compliance IT Privacy

FRANCE: A new phase in European privacy law enforcement – CNIL fined Google LLC 50 million euros!

DLA Piper Privacy Matters

JANUARY 24, 2019

On 21 January 2019, the restricted committee of the French Data Protection Supervisory Authority (CNIL) fined Google LLC 50 million euros for breaching GDPR for lack of transparency, inadequate information and lack of valid consent regarding personalized advertising. . Lack of transparency and breach of information requirements.

Privacy

Privacy GDPR Personal data Compliance

BELGIUM: NEW DATA PROTECTION COMMISSIONER

DLA Piper Privacy Matters

MARCH 28, 2019

Today, 29 March 2019, the Belgian House of Representatives appointed the new commissioner and directors of the Belgian Data Protection Authority (DPA). The commissioner will be dr. David Stevens, a seasoned data protection expert with a strong academic background and experience in the telco and data analytics industry.

GDPR

GDPR Privacy Analytics Personal data

CNIL Releases 2019 Annual Activity Report

Hunton Privacy

JUNE 10, 2020

On June 9, 2020, the French Data Protection Authority (the “CNIL”) published its Annual Activity Report for 2019 (the “Report”). The Report provides an overview of the CNIL’s enforcement activities in 2019. The CNIL received 2,287 data breach notifications in 2019.

Personal data

Personal data Marketing Data breaches Passwords

EDPB publishes guidance on calculating GDPR fines

Data Protection Report

JUNE 9, 2022

On 12 May 2022 EDPB adopted Guidelines on the calculation of administrative fines (the Guidelines ). Categories of personal data affected (e.g. Where a subsidiary is directly or indirectly wholly or almost wholly owned by the parent company, the rebuttable presumption is that the parent exercises decisive influence.

GDPR

GDPR Compliance Personal data IT

Comments Submitted on California Consumer Privacy Act of 2020—Initiative 19-0021

Data Matters

NOVEMBER 12, 2019

As submitted for the comment period on Initiatives – Active Measures for Initiative 19-0021 on November 8, 2019. Dear Mr. Mactaggart, As privacy practitioners, we share your passion and dedication to the development of information privacy and data protection law in the United States. Household information.

Privacy

Privacy Data breaches Compliance Personal data

California Consumer Privacy Act: The Challenge Ahead – CCPA and Employee Data

HL Chronicle of Data Protection

OCTOBER 26, 2018

According to critics, the new law was never intended to apply to employee data and the resulting language is just an unintended consequence of hasty drafting. Regardless of whether the act should or was intended to apply, there is little disagreement that the CCPA, in present form, facially applies to employee data.

Privacy

Privacy Sales Compliance Personal data

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months. Dixons Carphone admitted suffering a major data breach in July 2017, involving 5.9 million personal data records, and a second breach, in which customers’ names, addresses and email addresses were accessed.

Data breaches

Data breaches Personal data Access GDPR

Nevada, New York and other states follow California’s CCPA

Data Protection Report

JUNE 6, 2019

On May 29, 2019, Nevada enacted an amendment to its online privacy law, requiring businesses to offer consumers a right to opt-out of the sale of their personal information. The law also does not limit the number of times a consumer can make the request in a year, while CCPA limits requests to two (2) within 12 months.

Sales

Sales Privacy Insurance Manufacturing

And then there were five: CCPA amendments pass legislature

Data Protection Report

SEPTEMBER 17, 2019

The California legislative session for 2019 ended on September 13 and the following five amendments to the California Consumer Privacy Act (CCPA) were passed: AB 25, 874, 1146, 1355, and 1564. In subsections (a)(2) and (b)(12), businesses can offer different prices, rates, quality, etc. – § 1798.125.

B2B

B2B Privacy Communications Encryption

The Burden of Privacy In Discovery

Data Matters

SEPTEMBER 29, 2021

Relatively recent advances in technology — smartphones and social media, in particular — have allowed businesses to collect, store, and find ways to monetize far more personal data than ever before. 12 In other words, the 1983 amendment was seen as limiting the depth rather than the breadth of discovery.13.

Privacy

Privacy e-Discovery Computer and Electronics e-Delivery

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

We want businesses to ensure that their customers and future customers have consented to having their personal data processed, but we also need to ensure that the enormous potential for new data rights and freedoms does not open us up to new threats. To date, the Commission has adopted 12 such decisions.

GDPR

GDPR Personal data Government IT

A Decade of Have I Been Pwned

Troy Hunt

DECEMBER 3, 2023

” Anyone can type in an email address into the site to check if their personal data has been compromised in a security breach. Svalbard The potential sale of HIBP was a very painful, very expensive chapter of life, announced in a blog post from June 2019. requests in a single day. Collection #1.

Data breaches

Data breaches Passwords Sales IT

The right to be forgotten: the CJEU sides with Google in two landmark cases

Data Protection Report

OCTOBER 9, 2019

the right to the protection of personal data, not being an absolute right, must be balanced against other fundamental rights in line with the principle of proportionality. This neatly allowed searches which return special category personal data in the results to remain viable. The Court found that it did.

Personal data

Personal data Privacy GDPR Access

GDPR: One Year On

Data Matters

MAY 31, 2019

The 25th of May, 2019 marked a year since the EU General Data Protection Regulation (“ GDPR ”) came into force. Data Breaches and Enforcement Action. Perhaps of most interest has been how the data protection authorities (“ DPAs ”) would exercise their expanded enforcement powers under the GDPR.

GDPR

GDPR Data breaches Privacy Compliance

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Troy Hunt

APRIL 15, 2019

Still, this has been a useful exercise to understand not just how the various entities relate to each other, but also because it shows that the scope of this issue isn't just constrained to kids, it affects the elderly too. Friday 12 April: Vangelis calls her and has the discussion in the video above. I order one that morning.

Passwords

Passwords Privacy Manufacturing Access

Information Management Today

Middle East: Kingdom of Bahrain publishes Personal Data Protection Law

Dutch DPA Fines Dutch Credit Registration Bureau 830,000 Euros for Non-Compliance with Data Subject Rights

Trending Sources

EDPB Stakeholder Event Highlights Continued Confusion over Data Subject Rights Compliance under the GDPR

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

RuNet – Russia successfully concluded tests on its Internet infrastructure

Ireland / Europe: DPC’s Record Fine Raises Expectations on Standards Applicable for Processing Children’s Data

Bodybuilding.com forces password reset after a security breach

EDPB Releases Opinion on Interplay Between the ePrivacy Directive and the GDPR and a Statement on the ePrivacy Regulation

FRANCE: ONE MORE STEP TO ENSURE CONSISTENCY OF THE NEW FRENCH DATA PROTECTION LAW

Why law enforcement data processing is more complicated than you might think

French court issues decision on legality of Privacy Rules and Terms of Use under data protection and consumer law

German DSK Issues GDPR Fining Methodology Guidelines

German DSK Issues GDPR Fining Methodology Guidelines

Belgium: Belgian DPA imposes a EUR600,000 fine, its highest fine ever, on Google Belgium for non-compliance with right to be forgotten

FRANCE: A new phase in European privacy law enforcement – CNIL fined Google LLC 50 million euros!

BELGIUM: NEW DATA PROTECTION COMMISSIONER

CNIL Releases 2019 Annual Activity Report

EDPB publishes guidance on calculating GDPR fines

Comments Submitted on California Consumer Privacy Act of 2020—Initiative 19-0021

California Consumer Privacy Act: The Challenge Ahead – CCPA and Employee Data

Weekly podcast: 2018 end-of-year roundup

Nevada, New York and other states follow California’s CCPA

And then there were five: CCPA amendments pass legislature

The Burden of Privacy In Discovery

The debate on the Data Protection Bill in the House of Lords

A Decade of Have I Been Pwned

The right to be forgotten: the CJEU sides with Google in two landmark cases

GDPR: One Year On

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Stay Connected