France's data protection authority, the Commission nationale de l'informatique et des libertés, released new guidance Wednesday on the reuse of personal data by processors for their own purposes under the EU General Data Protection Regulation. The guidance addresses one of the most common — and hotly contested — aspects of privacy negotiations between commercial parties: Namely, when can a processor use personal data it obtains from a controller for purposes broader than just strictly providing services to the controller? In this article, Goodwin Partners Gabe Maldoff and Omer Tene offer an analysis of this significant new guidance.
Full Story
Comments
If you want to comment on this post, you need to login.