A privacy notice designed to respond to problems with a excessively long notices. A short notice — the top layer — provides a user with the key elements of the privacy notice. The full notice — the bottom layer — covers all the intricacies in full. In its guidance on complying with the General Data Protection Regulation, the Article 29 Working Party, which has now been replaced by the European Data Protection Board, recommended a layered notice in order to meet requirements of the GDPR that privacy notices be easily accessible and easy to understand, and that clear and plain language be used.
The GDPR, one year on: What about ePrivacy?
The ePrivacy Regulation has been referred to as the EU General Data Protection Regulation’s “sister legislation.” But what kind of sister is it going to be? Will the ePR have an acrimonious love-hate relationship with the GDPR? Or, will it be loyal to the GDPR, satisfied with a pragmatic power-shari...
White Paper – GDPR at One Year: What We Heard from Leading European Regulators
(May 2019) – For this new IAPP white paper, IAPP Senior Privacy Fellow Caitlin Fennessy, CIPP/US, reviewed European Data Protection Board and DPA reports and sought input from regulators in Austria, France, Ireland and the United Kingdom on five key issues, including the number and nature of complai...
This interactive tool provides IAPP members ready access to critical GDPR resources — enforcement precedent, interpretive guidance, expert analysis and more — all in one location....