Top 10 operational impacts of the GDPR: Part 8 - Pseudonymization

(Feb 12, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

Top 10 operational impacts of the GDPR: Part 7 - Vendor Management

(Feb 4, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

Top 10 operational impacts of the GDPR: Part 6 - RTBF and data portability

(Jan 25, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

Top 10 operational impacts of the GDPR: Part 5 - Profiling

(Jan 20, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

Top 10 operational impacts of the GDPR: Part 2 - The mandatory DPO

(Jan 7, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

Top 10 operational impacts of the GDPR: Part 1 – data security and breach notification

(Jan 6, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

NIS + GDPR = A New Breach Regime in the EU

(Dec 22, 2015) European lawmakers capped off a blockbuster week for privacy with an important step towards the first comprehensive information security legislation in the EU. The Network Information Security (NIS) Directive was initially proposed by the European Commission in February 2013 to raise cybersecurity capabilities across the EU’s 28 member states. After more than two years of negotiation, the European Council reached an informal agreement with the Parliament on December 7, and the agreed text was ap... Read More

All the Safe Harbor Answers: Part Five

(Nov 17, 2015) As policymakers in Washington and Brussels meet to discuss possible alternatives to the Safe Harbor in order to keep data flowing across the Atlantic, corporate privacy professionals are facing an immediate need to respond to the landmark decision in the Schrems case. Whether your company relied on Safe Harbor to transfer data for storage in the cloud, to process consumer orders, centralize HR administration, engage service providers or communicate with corporate affiliates, you now need a new s... Read More

FTC Workshop Aims To Find Solutions to Pitfalls of Cross-Device Tracking

(Nov 12, 2015) Next week, the Federal Trade Commission (FTC) hosts a public workshop on cross-device tracking, with an aim toward examining tracking technologies that link user devices (such as their smartphones, tablets and laptops) to build robust consumer profiles for targeted advertising, website analytics, attribution of ad revenue, improving user experience and security and fraud prevention. Get up to speed before the FTC Workshop: The IAPP Westin Research Center Practice Guide on Cross-Device Trackin... Read More

All the Safe Harbor Answers: Part Four

(Nov 10, 2015) As policy-makers in Washington, DC, and Brussels meet to discuss possible alternatives to Safe Harbor in order to keep data flowing across the Atlantic, corporate privacy professionals are facing an immediate need to respond to the landmark decision in the Schrems case. On October 6, more than 2,500 professionals registered to join an IAPP web conference featuring initial reactions on the day of the Safe Harbor decision. During that session, the IAPP received dozens of questions about next steps. In this first in a series of seven pieces, we feature answers to some of those questions. In this case, Olivier Proust of FieldFisher discusses official responses from government entities and the implications on foreign policy. Read More