On November 25th, 2016 we have met to present the results of one year work and to discuss about the plan of the next one. This post highlights the key topics discussed and decisions taken. We had 26 participants belonging to 23 companies or associations. 17 present in person and 9 in webconference. We used… Read More: Europrivacy after one year: status and plan »
As is widely known, the European Union General Data Protection Regulation, which replaces Directive 95/46/EC, will come into force in May 2018 and will bring relevant changes to all stakeholders: DPAs, individuals, controller and processor organizations. In order to help organizations understand the key operational impacts of the regulation and to stimulate their internal change,… Read More: GLOBAL GDPR READINESS: CIPL REPORT »
We all are so concentrated on the new EU Regulation that we disregard easily what is going on in the rest of the world. Hereafter you can find some news from far east and far west: all over the world private data protection and security are getting more and more relevant for policy makers, citizens… Read More: Looking at the rest of the world »
Opening the meeting today at the Cloud Security Summit, the President of CSA Italy, Alberto Manfredi wanted to give out two “take aways”: # 1 Privacy was an obstacle to enterprise data porting into the cloud; we can say that now it is no longer so, because we have the technical and legal instruments for… Read More: Privacy and Security at the days of the Cloud »
Architecture of GDPR as an answer to the modern need for a sustainable development of technological dynamics. Twenty years ago, the first Personal Data Protection Law entered into force in Italy. Since then, both the complexity of the regulations and the public awareness have been growing wide, same pace with the thriving technological progress. Nowadays… Read More: WHY GDPR? »
The European Commission issued a guide for transferring data outside of the EU after Schrems’s sentence: http://europa.eu/rapid/press-release_MEMO-15-6014_en.htm. We now have two ways: using contractual clauses or binding corporate rules (BCR). These two methods are applicable to all transfers to Countries for which there is not an authorization by the European Commission or a local privacy… Read More: Practical alternatives to Safe Harbor »
We are all rereading the updated italian version of the GDPR text, which should be voted in the coming weeks. Compared to the previous version I thought they would only eliminate the deletions and renumber the articles. I do see that they touched up the translation as well. Some changes are marginal but there is… Read More: The “Titolare” strikes back »
As part of the normal life of this blog we are announcing here a change in the coordinators. Guglielmo has asked to leave the coordinators group because of an increased workload due to external factors, but of course he will continue as one of the contributors. We thank Guglielmo who helped us kick off this initiative… Read More: Change in the group of coordinators »
The 2015 edition of the Protected Health Information Data Breach Report, released by Verizon and based on a database of protected health information (PHI), amounting to 392 million records, and over 1,931 incidents detected in 25 countries. http://www.verizonenterprise.com/DBIR/2015/ What’s most alarming is that 90% of companies involved in the survey suffered violations of personal health… Read More: Report Verizon : violated 9 out of 10 companies »
It seems that the FBI is confident to be able to crack the i-phone without Apple’s support, so the court date has been posponed. If FBI is right it would be a hot issue for Apple but the key point would remain the same: can a private subject claim to refuse support to a judge formally… Read More: Apple vs Court (FBI): an update »