The European Commission issued a guide for transferring data outside of the EU after Schrems’s sentence: http://europa.eu/rapid/press-release_MEMO-15-6014_en.htm. We now have two ways: using contractual clauses or binding corporate rules (BCR). These two methods are applicable to all transfers to Countries for which there is not an authorization by the European Commission or a local privacy… Read More »
At the following link it is possible to download the version in Italian language of the GDPR, as referred in another post of the Europrivacy blog: http://eur-lex.europa.eu/legal-content/IT/TXT/PDF/?uri=CONSIL:ST_5419_2016_REV_1&from=IT
Wednesday January 25th, 2012 4 years, 2 months, 20 days OR 1541 days later… Thursday April 14th, 2016 General Data Protection Regulation has been APPROVED “The European Parliament, (…) Approves the Council position at first reading; Notes that the act is adopted in accordance with the Council position; Instructs its President to sign… Read More »
We are all rereading the updated italian version of the GDPR text, which should be voted in the coming weeks. Compared to the previous version I thought they would only eliminate the deletions and renumber the articles. I do see that they touched up the translation as well. Some changes are marginal but there is… Read More »
On 12 April 2016 the LIBE Committee (European Parliament Committee on Civil Liberties, Justice and Home Affairs) voted to adopt the final agreement on the new Legal Framewok on Data Protection (both Directive and Regulation aka GDPR). The new Directive has been approved with a majority of 45 approvals, 4 against and 1 abstention. The… Read More »
As part of the normal life of this blog we are announcing here a change in the coordinators. Guglielmo has asked to leave the coordinators group because of an increased workload due to external factors, but of course he will continue as one of the contributors. We thank Guglielmo who helped us kick off this initiative… Read More »
On 8 April 2016, the Council adopted its position at First Reading on Data Protection Reform. The European Parliament is expected to vote in Second Reading at its plenary session on Thursday 14 April. Approving the Council’s position without amendments will complete the legislative process. The Regulation will then be publish in the Official Journal of the… Read More »
The general conditions for the processing of personal data are given in Decree 196/03, in particular in section 3 Section 3 (Data Minimisation Principle) Information systems and software shall be configured by minimising the use of personal data and identification data, in such a way as to rule out their processing if the purposes sought… Read More »
Current Directive 95/46/EC does not regulate sub-processing. A controller can choose a processor, but a processor cannot choose a sub-processor. As a result, many processors chose sub-processors and designated them as their own processors. These cases should have been discussed in the last 20 years, considering that supply chains are getting longer. The last GDPR… Read More »
“Friends call it GDPR” was the title of the conference held by Europrivacy last week within Security Summit, organized by Clusit this year as well. After the introduction of Alessandro Vallega the speaker were Jonathan Brera (KPMG), Andrea Gaglietto (Protiviti) and Andrea Reghellin (P4I). The panel that followed the presentations was also attended by Stefano… Read More »