GDPR and Personal data - Information Management Today

GUEST ESSAY: How stricter data privacy laws have redefined the ‘filing’ of our personal data

The Last Watchdog

NOVEMBER 4, 2021

Filing systems, historically speaking, have been all about helping its users find information quickly. Related: GDPR and the new privacy paradigm. Europe’s General Data Protection Regulations (GDPR) changed the game. And none of that can be done without knowing where someone’s personal information is filed away.

Personal data

Personal data Unstructured data Privacy Data Privacy

Maintaining GDPR and Data Privacy Compliance in 2024

IT Governance

FEBRUARY 16, 2024

He’s also an award-winning author, and has been involved in developing a wide range of information security and data privacy training courses, has consulted for clients across the globe, and is a regular media commentator and speaker. We sat down to chat to him about industry challenges in 2024.

Data Privacy

Data Privacy GDPR Compliance Privacy

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter.

GDPR

GDPR Compliance Personal data Privacy

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

GDPR personal data explained

Collibra

NOVEMBER 13, 2020

The General Data Protection Regulation (GDPR), in force since May 25, 2018, requires businesses to protect the personal data and privacy of European Union (EU) citizens, for transactions that occur within EU Member States. The GDPR also regulates the exportation of personal data outside the EU.

Personal data

Personal data GDPR Data Privacy Privacy

CNIL Published Guidelines on Re-Use of Personal Data by Data Processors

Hunton Privacy

JANUARY 20, 2022

On January 12, 2022, the French Data Protection Authority (the “CNIL”) published guidelines on the re-use of personal data by data processors for their own purposes (such as product improvement or the development of new products and services) under the EU General Data Protection Regulation (“GDPR”) (the “Guidelines”).

Personal data

Personal data GDPR Encryption IT

Italian Garante bans Chat GPT from processing personal data of Italian data subjects

Data Protection Report

APRIL 5, 2023

The alleged GDPR infringements: The Garante apparently took its action after becoming aware of a recent data breach at ChatGPT, where users’ chat titles and payment information was exposed. Therefore, whilst the Garante’s action may be the first action of its kind, it seems unlikely to be the last.

Personal data

Personal data GDPR Data breaches Privacy

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Irish regulators hit Meta with a EUR 1.2

GDPR

GDPR Compliance Personal data Privacy

GDPR: What’s the difference between personal data and sensitive data?

IT Governance

JULY 29, 2019

Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? What is personal data? What is sensitive personal data? A home address.

Personal data

Personal data GDPR Encryption Compliance

Changing Attitudes Towards GDPR Enforcement and Compliance: 2018 – 2023

IT Governance

MAY 25, 2023

billion fine for Meta – by far the biggest fine issued under the GDPR since it took effect five years ago – has been taken by many as a sign that the Regulation is at last beginning to be enforced with sufficient vigour. Companies that ostensibly offered services to consumers were amassing large data sets about how those consumers behaved.

GDPR

GDPR Compliance Personal data Data Privacy

Italian Garante Fines Deliveroo 2.5M Euros for Unlawful Processing of Personal Data

Hunton Privacy

AUGUST 5, 2021

On August 2, 2021, the Italian Data Protection Authority ( Garante per la protezione dei dati personali , “Garante”) announced that it had levied a €2,500,000 fine on Deliveroo Italy s.r.l.

Personal data

Personal data GDPR IT

GDPR Three Years Later

Thales Cloud Protection & Licensing

MAY 24, 2021

GDPR Three Years Later. May 25, 2021, marks the third anniversary of GDPR – a landmark regulation not only for consumer privacy but for businesses processing and controlling petabytes of personal data day after day. Standardizing data protection processes across the EU digital market. Tue, 05/25/2021 - 06:26.

GDPR

GDPR Encryption Privacy Personal data

Europe: CJEU decision – Right of access to individual recipients of personal data

DLA Piper Privacy Matters

JANUARY 19, 2023

On 12 January 2023, the European Court of Justice (“ CJEU ”) delivered its judgment regarding the right of access to personal data under Article 15 GDPR. The CJEU held that when exercising their right of access under the GDPR, data subjects must be provided with the individual data recipients of their personal data.

Personal data

Personal data Access GDPR Privacy

Transferring personal data under the GDPR

IT Governance

JANUARY 3, 2018

There’s not much organisations can do to eliminate data loss, so the problem becomes how to reduce the damage once the data is exposed? This is a particularly pressing concern with the EU General Data Protection Regulation (GDPR) taking effect this year. Data transfers. Pseudonymisation and encryption.

Personal data

Personal data GDPR Encryption Data breaches

UK: New guidance on processing personal data for scientific research purposes

DLA Piper Privacy Matters

MARCH 1, 2022

Meanwhile, a sometimes popular (mis)conception is that data protection laws – and particularly the GDPR – are a barrier to the effective use of personal data for research. The implication was that data controllers did not fully understand, and therefore were not effectively making use of, the research provisions.

Personal data

Personal data GDPR Data collection Archiving

Argentina Personal Data Protection Bill Sent to Congress

Hunton Privacy

JULY 18, 2023

Palazzi from Allende & Brea in Argentina reports that on June 30, 2023, the Argentine Executive Branch sent the new proposed Personal Data Protection Bill (the “Bill”) to the National Congress for consideration. More information about the new law is expected to be posted on AAIP’s website. 25,326 of 2000).

Personal data

Personal data GDPR Privacy Data Privacy

How to Comply with GDPR, PIPL, and CCPA

eSecurity Planet

DECEMBER 22, 2021

The regulations from GDPR, PIPL, and CCPA are especially prevalent to MSPs and software vendors because they get access to data from so many organizations, but all businesses need to comply with them. PIPL Compliance CCPA Compliance GDPR Compliance How to Stay Up to Date with Changing Compliance Regulations. GDPR Compliance.

GDPR

GDPR Compliance Data Privacy Privacy

GDPR Article 17: What Is the Right to Erasure?

IT Governance

MARCH 30, 2023

Article 17 of the GDPR (General Data Protection Regulation) plays a distinctive yet essential role in data protection law. It enshrines “the right to erasure” (sometimes referred to as “the right to be forgotten”), which allows people to request that an organisation deletes any personal data related to them.

GDPR

GDPR Personal data Compliance Government

TikTok sued over its use of children’s personal data

IT Governance

APRIL 22, 2021

TikTok is again being accused of illegally processing children’s personal data. She alleges that TikTok is violating the GDPR (General Data Protection Regulation) by collecting excessive data and failing to explain what it’s used for. TikTok has continually defended the way it processes children’s personal data.

Personal data

Personal data IT GDPR Privacy

Austria: DPA Finds Use of Google Analytics an Unlawful Transfer of Personal Data

DLA Piper Privacy Matters

JANUARY 20, 2022

Noyb filed a total of 101 complaints against a wide range of data exporters across Europe for their alleged continued transfer of personal data to Facebook and Google in the US, in breach of the CJEU “ Schrems II ” (C-311/18) judgment and GDPR Chapter V requirements.

Personal data

Personal data Analytics GDPR Encryption

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements

Thales Cloud Protection & Licensing

AUGUST 29, 2023

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements andrew.gertz@t… Tue, 08/29/2023 - 13:41 Modern-day business transactions heavily rely on international data transfers. However, despite this strong relationship, the UK GDPR’s requirements somewhat hinder current arrangements.

Personal data

Personal data Data Privacy Privacy GDPR

The GDPR: Do you know the difference between personal data and sensitive data?

IT Governance

JULY 18, 2018

Now that the EU GDPR (General Data Protection Regulation) has been in effect for a couple of months, you’ve hopefully become acquainted with its definition of personal data: “any information relating to an identified or identifiable natural person”. What is personal data? Location data.

Personal data

Personal data GDPR Encryption Compliance

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

HL Chronicle of Data Protection

JULY 7, 2020

The Dutch Data Protection Authority (DPA) issued a EUR 830,000 (approximately USD 937,000) fine against the Dutch Credit Registration Bureau (BKR) for violating data subject rights. The fine stems from BKR’s practice of charging fees and discouraging individuals who wanted to access their personal data.

GDPR

GDPR Personal data Data collection Access

CNIL Fines Groupe Canal+ 600,000 Euros For Direct Marketing and GDPR Infringements

Hunton Privacy

OCTOBER 31, 2023

October 12, 2023, the French Data Protection Authority (the “CNIL”) announced a €600,000 fine for mass media company Groupe Canal+ for failing to comply with its commercial prospecting obligations applicable under the French Post and Electronic Communications Code and several obligations of the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Marketing Personal data Communications

Meta Hit with £14 Million Fine for a Dozen GDPR Breaches

IT Governance

MARCH 17, 2022

Meta has been fined €17 million (about £14.2 million) for twelve breaches of EU data protection rules. The tech giant, formerly known as Facebook, violated several GDPR (General Data Protection Regulation) requirements, and more than 30 million people have been affected. What does this mean for GPDR enforcement?

GDPR

GDPR Personal data Encryption Compliance

Experian’s data processing practices violate the GDPR

IT Governance

OCTOBER 28, 2020

An ICO (Information Commissioner’s Office) investigation revealed that the credit reference agency has been selling personal data to political parties and organisations that used it to identify those who could afford products and services. Likewise, it must stop processing personal data that has been collected without a lawful basis.

GDPR

GDPR Personal data Marketing Privacy

Organisations received £155 million in GDPR fines in 2020

IT Governance

MARCH 28, 2021

In 2020, organisations received €182 million (about £155 million) in fines for violating the GDPR (General Data Protection Regulation) , according to an IT Governance report. Our GDPR Fines Quarterly Report revealed that more than two thirds of that total – €110 million (£94 million) – came in the final quarter of the year.

GDPR

GDPR Personal data Government Compliance

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

DLA Piper Privacy Matters

FEBRUARY 17, 2021

Securities and Exchange Commission (“ SEC ”) confirming that SEC-regulated UK domiciled firms (“ UK Regulated Firms ”) can share personal data with the SEC when seeking to comply with regulatory obligations, in compliance with the UK GDPR. As the GDPR places restrictions on the transfer of personal data to the U.S.,

Personal data

Personal data GDPR Security Compliance

The GDPR: Everything you need to know about data controllers and data processors

IT Governance

NOVEMBER 14, 2018

Data controllers and data processors are an integral part of the GDPR. The terms ‘data controller’ and ‘data processor’ have been around for years, but it’s only since the EU GDPR (General Data Protection Regulation) took effect that they’ve been scrutinised. Responsibilities of the data processor.

GDPR

GDPR Retail Data collection Personal data

Selling and utilising personal data in an insolvency situation

Data Protection Report

JUNE 1, 2020

But this is a tricky area to navigate, particularly following the General Data Protection Regulation ( GDPR ), since both the ICO and the FCA have started to pay more attention to this area. What are the legal mechanisms to sell or utilise personal data in an insolvency situation? Asset sales.

Personal data

Personal data Sales Marketing GDPR

GDPR supervisory authorities issued £2.6 million in fines in Q2 2020

IT Governance

AUGUST 17, 2020

In the second quarter of 2020, data protection bodies across Europe issued at least 46 administrative fines under the GDPR (General Data Protection Regulation) , with the penalties totalling nearly €2.9 Download GDPR Fines Quarterly Report: Q2 2020. Spain is responsible for by far the most GDPR fines. million (£2.6

GDPR

GDPR Personal data Privacy Government

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

DLA Piper Privacy Matters

SEPTEMBER 6, 2021

On 2 September 2021, the Data Protection Commission (DPC) announced it has imposed a €225 million administrative fine against WhatsApp Ireland Limited , as well as a reprimand and an order to bring its processing into compliance. This is the highest GDPR fine ever issued by the DPC, and the second highest by any EU regulator to date.

GDPR

GDPR Personal data e-Delivery Communications

Germany: No GDPR damages after data breach

DLA Piper Privacy Matters

OCTOBER 13, 2020

In contrast to personal injury claims where lawyers have (hundreds of) years of case law to call upon to help calculate compensation, there is comparatively little case law considering how compensation will be calculated for distress when personal data are processed in breach of GDPR. There must be some objective harm.

GDPR

GDPR Data breaches Personal data Access

Europe: Opinion of the Advocate General on presumed fault of the controller in case of unlawful third-party access to personal data

DLA Piper Privacy Matters

APRIL 27, 2023

In the course of this cyber-attack, personal data – mainly tax and social security information – of approximately 4 million Bulgarian citizens (or approximately 6 million citizens in total, including foreign citizens) had been accessed and published on the Internet. 82 (1) GDPR.

Personal data

Personal data GDPR Access Data breaches

Why is the GDPR still something I should be concerned about?

IT Governance

OCTOBER 15, 2018

The EU’s GDPR (General Data Protection Regulation) superseded all laws based on the EU’s Data Protection Directive, including the UK’s Data Protection Act 1998, on 25 May 2018. Some organisations believe that a simple privacy notice is all that is required, but the GDPR actually demands far more than that. .

GDPR

GDPR Data breaches Personal data Data collection

The European Commission’s GDPR review in short

Privacy and Cybersecurity Law

JULY 22, 2020

Two years after the GDPR entered into force, the European Commission ( EC ) issued its first evaluation of the GDPR. Individuals are increasingly aware of the GDPR and their GDPR rights. However, the right to data portability is still not used to its full potential. The GDPR’s international data transfer toolbox.

GDPR

GDPR Privacy Personal data Compliance

European Data Protection Board Releases Statement on Personal Data and COVID-19

Data Matters

MARCH 25, 2020

On 20 March 2020, the European Data Protection Board (“ EDPB ”) released a statement on the protection of personal data in connection with measures that public authorities and business organizations (including employers) are taking to address the Coronavirus (COVID-19) pandemic. Data protection principles.

Personal data

Personal data GDPR Communications Privacy

What Amazon’s €746 million GDPR fine means for the future of data protection regulation

IT Governance

AUGUST 12, 2021

Last month, Amazon was hit with a €746 million (about £630 million) fine for violating the GDPR (General Data Protection Regulation) – an astronomical figure by data protection regulation, or indeed most, standards. And how will it affect GDPR compliance in the future? What did Amazon do wrong?

GDPR

GDPR Data breaches Compliance Privacy

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. Some began to lose faith. It’s Y2K all over again”; a big fuss over nothing. The basics. Who needs to pay attention?

GDPR

GDPR Compliance Personal data Data breaches

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Security Affairs

JANUARY 21, 2023

The Irish Data Protection Commission (DPC) fined Meta’s WhatsApp €5.5 million for violating data protection laws. by the Irish Data Protection Commission (DPC) for violating the General Data Protection Regulation (GDPR). million (for breaches of the GDPR relating to its service).”

GDPR

GDPR Metadata Encryption Communications

ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data

DLA Piper Privacy Matters

JUNE 27, 2022

The Italian privacy authority, the Garante, deemed that the use of Google Analytics results in unlawful transfers of personal data to the United States in violation of the principles outlined in the Schrems II ruling. In Order No. The disputed facts. Code § 1881(b)(4), which subjects the company to the surveillance of U.S.

Personal data

Personal data Analytics GDPR Privacy

GDPR Article 32: Your guide to the requirements

IT Governance

SEPTEMBER 28, 2020

Perhaps the most widely discussed set of compliance requirements within the GDPR (General Data Protection Regulation) are those found in Article 32. That’s because it contains the measures that organisations must implement to prevent cyber attacks and data breaches. What is Article 32 of the GDPR? So how can you do that?

GDPR

GDPR Personal data Compliance Risk

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

Data Protection Report

JUNE 22, 2022

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill. The Department for Culture, Media and Sport (DCMS) has finally published the UK government’s long-awaited response to the consultation on the future of the UK data protection regime. Reform of Article 22.

GDPR

GDPR Government Personal data Risk

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

Thales Cloud Protection & Licensing

JULY 11, 2019

Since the General Data Protection Regulation (GDPR) took effect on May 25th last year, data protection has become a very hot topic. On May 22, 2019, the European Commission published an infographic on compliance with and enforcement of the GDPR from May 2018 to May 2019 and it is clear that a lot of work still needs to be done.

GDPR

GDPR Compliance Risk Personal data

META hit with privacy complaints by EU consumer groups

Security Affairs

MARCH 4, 2024

Earlier this week, Meta announced it will set up a team to tackle disinformation and the abuse of generative AI in the run-up to the European Parliament elections – amid concerns about fake news. Below are the questions and answers of my interview: What specific GDPR rules do the consumer groups claim Meta is not complying with?

Privacy

Privacy GDPR Personal data Data collection

GUEST ESSAY: How stricter data privacy laws have redefined the ‘filing’ of our personal data

Maintaining GDPR and Data Privacy Compliance in 2024

Webinars

Trending Sources

GDPR compliance checklist

Webinars

GDPR personal data explained

CNIL Published Guidelines on Re-Use of Personal Data by Data Processors

Italian Garante bans Chat GPT from processing personal data of Italian data subjects

How to implement the General Data Protection Regulation (GDPR)

GDPR: What’s the difference between personal data and sensitive data?

Changing Attitudes Towards GDPR Enforcement and Compliance: 2018 – 2023

Italian Garante Fines Deliveroo 2.5M Euros for Unlawful Processing of Personal Data

GDPR Three Years Later

Europe: CJEU decision – Right of access to individual recipients of personal data

Transferring personal data under the GDPR

UK: New guidance on processing personal data for scientific research purposes

Argentina Personal Data Protection Bill Sent to Congress

How to Comply with GDPR, PIPL, and CCPA

GDPR Article 17: What Is the Right to Erasure?

TikTok sued over its use of children’s personal data

Austria: DPA Finds Use of Google Analytics an Unlawful Transfer of Personal Data

The UK and the US Build a ‘Data Bridge’ to Facilitate Personal Data Movements

The GDPR: Do you know the difference between personal data and sensitive data?

Dutch DPA Issues Record Fine for Violating GDPR Data Subject Rights

CNIL Fines Groupe Canal+ 600,000 Euros For Direct Marketing and GDPR Infringements

Meta Hit with £14 Million Fine for a Dozen GDPR Breaches

Experian’s data processing practices violate the GDPR

Organisations received £155 million in GDPR fines in 2020

UK Information Commissioner issues letter on transfers of personal data to the U.S. Securities and Exchange Commission

The GDPR: Everything you need to know about data controllers and data processors

Selling and utilising personal data in an insolvency situation

GDPR supervisory authorities issued £2.6 million in fines in Q2 2020

Ireland / Europe: DPC’s record GDPR fine has implications for calculation of GDPR fines and regulatory expectations around transparency rules

Germany: No GDPR damages after data breach

Europe: Opinion of the Advocate General on presumed fault of the controller in case of unlawful third-party access to personal data

Why is the GDPR still something I should be concerned about?

The European Commission’s GDPR review in short

European Data Protection Board Releases Statement on Personal Data and COVID-19

What Amazon’s €746 million GDPR fine means for the future of data protection regulation

Wake up to the reality of the GDPR: What you need to know about compliance

The Irish DPC fined WhatsApp €5.5M for violating GDPR

ITALY: the Garante aligns with CNIL and DSB holding that the use of Google Analytics leads to unlawful transfer of Personal Data

GDPR Article 32: Your guide to the requirements

UK GDPR Reform: government publishes response to consultation – likely to form basis of forthcoming UK Data Reform Bill

The first anniversary of the GDPR: How a risk-based approach can help you achieve GDPR compliance

META hit with privacy complaints by EU consumer groups

Stay Connected