On 6 October the European Court of Justice (CJEU) adopted a fundamental decision on transfer of personal data between the EU and the USA. In case C-362/14 Maximillian Schrems vs. Data Protection Commissioner the CJEU ruled that the Commission decision 2000/520, which states that the USA under the procedure known as “safe harbor” ensure adequate… Read More »
Last saturday was the twentieth anniversary of the European data protection legislation. On October the 24th of 1995, the Directive 95/46/EC was approved. It was a turning point for all Member States, in order to remove the obstacles to the free flow of personal data, the level of protection of the rights and freedoms of… Read More »
I was in Netherland last week at the Heliview Privacy conference and found that in the Netherlands, starting from January 1st, 2016 the data breaches must be notified to the authority and to the data subject. The non-compliance fines are set to 810.000 euro or an impressive 10% of the company turnover. Here you find more… Read More »
ISO – the International Organization for Standardization has already issued a set of guidelines and frameworks that anticipate the European Regulation on privacy. The main standards already published are: ISO / IEC 29100: 2011 Information technology – Security techniques – Policy framework ISO / IEC 29101: 2013 Information technology – Security techniques – Privacy architecture ISO… Read More »
In the last version of the Privacy Regulation, the DPO role is not compulsory but an option for Data Controllers. The DPO is mandatory for all organizations of the European Union (agencies). The last version of the Regulation made the certification an option. Organizations willing to be certified should appoint a manager to lead the project… Read More »
On 9 October 2015, the Council of the European Union reached a General Approach on the Proposal for a Directive on protecting personal data processed for the purpose of law enforcement (full text here). Another milestone in the process of approving the Data Protection Reform as the Reform is, in fact, a legislative PACKAGE that includes two legislative… Read More »
Let me come back to the subjects of Cross Border, Data Governance and Privacy regulations. In my last post I pointed out how the issues of cross border activities in the financial industry and the European rules about Privacy had at least one contact point in the overt need of a well structured, defined, measurable… Read More »
On tuesday october 13th, 14.00 hrs @ Agid, Rome via Listz 21 the first open doors workshop for drafting standards on those very important professional profiles will take place. If you are willing to participate a simple confirmation sent to UNINFO secretariat (salsano@uninfo.it) will be greatly appreciated. Best regards, Fabio GUASCONI
The General Data Protection Regulation (the text of June 2015) defines the scope of material application as provided by the law in force, in observation of section 3: This Regulation applies to the processing of personal data, entirely or partly automated and to the processing of personal data not automated contented in a record or… Read More »
The European Data Protection Supervisor launched a mobile app to compare the latest texts proposed for theGeneral Data Protection Regulation from the Commission, the Parliament and the Council on tablets and smartphones. https://secure.edps.europa.eu/EDPSWEB/edps/Consultation/Reform_package