GDPR Genius

(Jul 19, 2019) This interactive tool provides IAPP members ready access to critical GDPR resources — enforcement precedent, interpretive guidance, expert analysis and more — all in one location. Read More

Swire: 'Schrems II' ruling could have unintended consequences

(Jul 19, 2019) Alston & Bird Senior Counsel Peter Swire writes in a piece for Le Monde that the Court of Justice of the European Union and other European officials should be cautious of the ramifications that may stem from the "Schrems II" case. Should the CJEU invalidate standard contractual clauses, most personal data transfers between the EU and U.S. would be prohibited; however, transfers to countries with less strict data protection laws would not. “This approach would be completely unjustified: it wo... Read More

Research shows UK data breach reports tripled since GDPR took effect

(Jul 18, 2019) According to research from law firm RPC, data breach reports in the U.K. have risen by 175% in the last year, Yahoo Finance UK reports. There have been 379 breach reports since the EU General Data Protection Regulation took force last May, while there were just 138 the year prior. "GDPR has driven a cultural shift in how people perceive personal data and its value," RPC Partner Richard Breavington said. "More people now see it as part of their personal property, and they are more likely to act i... Read More

Lepassaar named ENISA's new executive director

(Jul 18, 2019) Juhan Lepassaar has been named the new executive director of the European Union Agency for Cybersecurity, Estonian World reports. Lepassaar currently serves as the head of cabinet for former European Commission Vice President Andrus Ansip. Lepassaar has worked within the Estonian government since 2000 and joined the European Commission as a member of cabinet for former Estonian Prime Minister Siim Kallas in 2013. Lepassaar will make a statement before the Industry, Research and Energy Committee ... Read More

Former Nationwide employee ordered to pay 25K GBP for accessing customer data

(Jul 18, 2019) The former Nationwide Accident Repair Services employee who had been sentenced to six months in prison for illegally accessing customer records has been ordered to pay a 25,500 GBP confiscation order, the U.K. Information Commissioner’s Office announced. A judge determined Mustafa Kasim financially benefited from his offenses, which were unearthed during an ICO investigation. Kasim has three months to pay the order under the Proceeds of Crime Act 2002 or could face 12 months in prison.Full Story... Read More

ICO opens public consultation on data sharing code of practice draft

(Jul 18, 2019) The U.K. Information Commissioner’s Office has released the latest draft of its new data sharing code of practice for public consultation. The first code of practice was published in 2011; however, the ICO is required to update the document under the Data Protection Act 2018. The revamped code will “explain and advise on changes to data protection legislation where these changes are relevant to data sharing.” It will also address aspects of the act, such as the sections on transparency and the l... Read More

Vendor's solution helps organizations comply with data localization rules

(Jul 18, 2019) Peter Yared had an idea to address data localization three years ago. There were not many signs it would become a hot compliance topic, but Yared knew it was only a matter of time. Fast-forward to 2019, and a swath of data localization laws has either passed or are in the midst of consideration. Yared spent those past three years turning his idea into InCountry, a solution designed to help organizations comply with those very requirements. In an article for Privacy Tech, Yared spoke with IAPP As... Read More

EU Council preparing GDPR evaluation for end of year

(Jul 18, 2019) The Finnish Presidency of the EU Council announced the Council of the European Union will prepare an evaluation of the implementation of the EU General Data Protection Regulation by the end of the year. The final version of the document will inform the European Commission’s review of EU privacy reform, which is expected by 25 May 2020. “The Presidency welcomes all observations from the delegations with respect to the review and evaluation of the GDPR. These observations may concern the issues sp... Read More

Westin Center updates US State Comprehensive Privacy Law Comparison table

(Jul 18, 2019) The Westin Research Center has updated its U.S. State Comprehensive Privacy Law Comparison table, which is now housed within the IAPP’s Resource Center. A new map has also been created to help track the progress of comprehensive privacy bills at the state level. The table now includes information about where bills are within the state legislative process. The updated table and the new map will help privacy professionals track privacy developments at the state level over the upcoming year. Editor... Read More

Tech vendor looks to tackle data localization compliance

(Jul 18, 2019) Peter Yared had an idea to address data localization three years ago. There were not many signs it would become a hot compliance topic, but Yared knew it was only a matter of time. Back then, data localization laws primarily existed in authoritarian countries, and Yared's colleagues in Silicon Valley did not see the need to store information within a country's borders when one all-encompassing database would do the trick. Fast-forward to 2019, and a swath of data localization laws have either ... Read More