Bulgarian presidency releases updated draft to ePrivacy Regulation

(Mar 23, 2018) The Bulgarian presidency, currently leading the European Council, has released a new working draft of the ePrivacy Regulation. "For the purposes of the WP TELE meeting of 28 March, delegations will find in Annex a revised text of the ePrivacy proposal ... focusing on Articles 8, 10, 15 and 16 and related recitals. The revisions are inspired by WP TELE discussions held on the basis of the presidency discussion papers," the document's introduction states. The latest changes to the text are underli... Read More

Google wants web publishers to gather consent for GDPR compliance

(Mar 23, 2018) In order to ensure it is compliant with the EU General Data Protection Regulation, Google will soon be asking web publishers to obtain consent on its behalf when using their technology for sending targeted ads to European users, The Wall Street Journal reports. While Google will gather consent for its website, as well as Gmail and YouTube, the tech company wants any third-party website and app using its technology to gain consent. Google will let those publishers use their own forms for the proc... Read More

DPO as a service emerges ahead of GDPR

(Mar 23, 2018) As companies find themselves scrambling to comply with the upcoming EU General Data Protection Regulation, DPO-as-a-service options have emerged to aid in filling the need for a data protection officer, Infosecurity Magazine reports. A new service launched by ThinkMarble now offers businesses in the U.K. a DPO through the company’s Virtual Data Protection Officer service, connecting them to an outsourced team of cybersecurity and risk mitigation lawyers to act as their DPO. Robert Wassall, data ... Read More

Notes from the IAPP Europe Managing Director, 23 March 2018

(Mar 22, 2018) Greetings from Brussels! What a week it has been so far, and of course, the Facebook-Cambridge Analytica intrigue has been front-line news since the story broke last weekend. In case you’ve been out of town on interstellar travel: Data analytics firm Cambridge Analytica, based in the U.K., is alleged to have made use of the personal data of 50 million Facebook users, without their permission, for political profiling and messaging during U.S. President Donald Trump’s electoral campaign in 2016. ... Read More

EU Blockchain Observatory and Forum calls for contributors

(Mar 22, 2018) The EU Blockchain Observatory and Forum is calling for contributors to participate in two Working Groups it hopes to establish. Contributors can join the Blockchain Policy and Framework Conditions Working Group, which will look to establish the proper policy, legal and regulatory conditions needed to assist in the deployment of blockchain applications, and the Use Cases and Transition Scenarios Working Group, which will focus on public sector use cases for blockchain, including for health care, ... Read More

Dutch DPA will not automatically start offering penalties for GDPR noncompliance

(Mar 22, 2018) The Dutch data protection authority, Autoriteit Persoonsgevens, will not automatically start dispensing heavy penalties for noncompliance once the EU General Data Protection Regulation goes into effect, Telecompaper reports. The DPA plans to only fine companies if it is an obvious case of violating the upcoming rules. The AP expects to receive well-reasoned rationale and an expected time frame to fix its problems from those companies failing to comply with the GDPR. Companies that do not have a ... Read More

Dutch voters reject internet surveillance bill

(Mar 22, 2018) A surveillance bill has been shot down by Dutch voters by a slim margin, Reuters reports. The legislation would have given intelligence agencies the ability to tap into internet traffic, store any collected data for three years, and share it with other intelligence agencies. With 89 percent of votes counted, 48.8 percent of Dutch citizens voted against the bill, while 47.3 percent voted for the law. Prime Minister Mark Rutte’s government pushed the bill forward as a way to bolster national secur... Read More

Data Protection Bill 2018 could lead to data collection for 'electoral activities'

(Mar 22, 2018) A bill making its way through the legislature of Ireland could give organizations the ability to gather data for political campaigns, The Irish Times reports. Castlebridge Managing Director Daragh O’Brien said the Data Protection Bill 2018 will give companies “a blanket permission” to harvest data for “electoral activities.” “That term is not defined anywhere, so creates a free-for-all for organisations like Cambridge Analytica to set up shop here and influence voters and elections anywhere in t... Read More

Tene: IAPP releases trove of WP29 resource documents

(Mar 22, 2018) "The Article 29 Working Party opinions and guidance documents have been a lodestar for data protection lawyers and practitioners worldwide," IAPP Chief Knowledge Officer Omer Tene points out. "Ask any privacy professional a question: How should my company structure an agreement with a vendor? What kind of consent do I need for this activity? And — that old faithful of privacy questions — is this personal data? And in their excited response, they will no doubt cite the WP29 opinions." Incidentall... Read More

Why we're releasing new WP29 document archives resource page

(Mar 22, 2018) With little if any litigation to report and a wealth of unanswered interpretative questions, the Article 29 Working Party opinions and guidance documents have been a lodestar for data protection lawyers and practitioners worldwide. Ask any privacy professional a question: How should my company structure an agreement with a vendor? What kind of consent do I need for this activity? Is employee notice correctly phrased? And – that old faithful of privacy questions – is this personal data? And in t... Read More