A recent court case in the Netherlands reinforced existing EU data protection obligations for companies not established in the EU. Such companies are required to appoint a representative in each member state in which they operate. Specifically, the Administrative Court in The Hague affirmed a data protection authority-imposed penalty against WhatsApp for not appointing a representative in the Netherlands. In this exclusive for Privacy Tracker, Privacy Management Partners' Jeroen Terstegge, CIPP/E, CIPP/US, and IAPP Westin Fellow Cobun Keegan, CIPM, CIPP/US, analyze the representative requirement under the current 1995 EU Data Protection Directive, compare it to a similar requirement under the upcoming General Data Protection Regulation, as well as the new obligation under the GDPR to appoint a data protection officer.
Full Story
Comments
If you want to comment on this post, you need to login.