The PIA concept from directive 95/46 to the current draft of the EU – Part 2

Further developments: After the first wave of PIA methods, further ideas have been proposed in the last two years. Unfortunately, they introduce complexity instead of helping controllers, processors and operators. In 2014 the European Commission ruled on smart grid and promoted another model for PIAs. This model has theoretical errors (e.g. “feared events” and “threats”… Read More »

The PIA concept from directive 95/46 to the current draft of the EU – Part 1

First developments: Privacy impact assessment (PIA) is cited more and more in news and technical documents. This article is a first attempt to analyse the first significant contributions on this subject and does not aim at completeness. The present EU Directive 95/46 on data protection requires data controllers and processors to have measures to “ensure… Read More »

The French Data Protection Authority publishes its PIA manual

New guides for carrying out PIAs (Privacy Impact Assessments) have been published by the CNIL. The method will help data controllers to implement Privacy by design. A PIA (Privacy Impact Assessment) relies on two pillars: – The fundamental principles and rights, “non-negotiable”, fixed by law and that have to be complied with. They may -not… Read More »

Documents approved

At this link you can find the calendar of the next meetings of the European Institutions. You can also access documents approved from January to now. There is the document to be discussed in the trilogue meeting next 14 July, approved last 26.06.2015. https://edri.org/gdpr-document-pool/

Recommendation of the Council of Europe

The Council of Europe on 1 April 2015 adopted Recommendation CM/Rec(2015)5 on the processing of personal data in the employment context. Employers should minimize the risks of violation of workers’ rights and fundamental freedoms: – https://wcd.coe.int/ViewDoc.jsp?id=2306625 The theme is of undeniable interest in Italy especially in this time of great expectations… Read More »

Data breach notification… in Canada

This article from the Financial Post explains the Digital Privacy Act that became law on June 18 in Canada. It relates to Canada rather than Europe. However, it showcases a common trend in several countries: data breaches shall be notified. The mandatory notification provisions require organizations to notify the Privacy Commissioner as well as potentially affected individuals of a… Read More »

DPO and digital transformation. Comments on EU Council decisions

The EU Council’s proposal for the Personal Data Protection Regulation approved on the 11th of June makes the DPO no longer mandatory for anyone. What did it mean for the DPO to be mandatory in the previous versions of the forthcoming Personal Data Protection Regulation? The digital transformation, or however you may call the big changes in our lives… Read More »

Data Protection Officer: not mandatory anymore

“The controller or the processor may, or where required by Union or Member State law shall, designate a data protection officer”. This is the opening of Article 35 of the Regulation as amended and approved by the EU Council on the 11th of June and which the Presidency submits for approval as a General Approach.… Read More »