In three-month time, the General Data Protection Regulation (GDPR), will become applicable to many, if not all, data processing activities to which living individuals can be associated. Businesses operating in Europe have had about two years to prepare for this change. As readers know, even if the GDPR is a lengthy piece of … Continue reading
Tag Archives: consent
The GDPR, the parallel regime and the ICO
The General Data Protection Regulation (GDPR) will be applicable in less than a year, and experts are still discussing the extent to which the new regulation will have a significant impact upon the ‘legal basis’ requirement. However, as Bob Miller suggests in this guest blog post, it might not be enough to read and re-read … Continue reading
The proposed ePrivacy Regulation: When the EC converses with the CJEU…
So, 2017 is full of promises! One of them is the proposed ePrivacy Regulation (officially, ‘Regulation on Privacy and Electronic Communications’) that the European Commission (EC) has suggested should replace the existing, old fashioned ePrivacy Directive (Directive 2002/58/EC on Privacy and Electronic Communications). The proposed ePrivacy Regulation – which would represent a signficant evolution in … Continue reading
Geo-Location Data Processing and Meaningful Consent – A Comparison of Latest Data Protection Guidance
Of ‘Mice and Men’ to ‘Maps and Machines’ – “Whatever in creation exists without my knowledge exists without my consent.” Further to my post in March, the purpose of this sequel post is to continue considering two guidelines published by European regulators regarding the processing of geolocation data. I continue to delve into the cloudy legal … Continue reading
anonymisation / big data / Data protection / General Data Protection Regulation / Personal data / pseudonymisation / research / sensitive data
What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPR better than the Directive?
What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPD better than the Directive? So here we are. It’s almost Christmas and after three years of intense debate the Council of the European Union and the European Parliament have announced that they have informally agreed on … Continue reading
A UK view of the Council’s common position on the proposed General Data Protection Regulation – Over to you, ICO…
ICO has EU reform negotiations firmly in sight as it reiterates its views on the benefits and dangers involved with a risk-based and flexible approach to data protection enforcement Further to Sophie’s post on the German viewpoint, the ICO – the UK’s data protection agency – has also added its voice to the public debate … Continue reading
Council reaches general agreement on proposed Data Protection Regulation, but disagreements remain in view
‘A single road ahead or cross-roads reached?’ – Is the aim of EU harmonisation of data protection rules disappearing out of sight? On 15 June, the Council of the EU announced that it had agreed a general approach to the draft Regulation on the protection of individuals with regard to the processing of personal data … Continue reading
Businesses engaged in ‘big data’ personal data processing should consider carefully whether they have ‘legitimate interests’ grounds to justify their activities, says ICO
How exactly should data controllers carry out a ‘balance of interests’ test between their interests and the interests of data subjects? The application of data protection rules to big data technologies raises a number of legal and compliance issues, some of which I highlighted in my recent post about the latest comments from the Information … Continue reading
Facebook needs to re-revise its privacy policy says recent Belgian report.
On January 30th 2015, Facebook revised its Data Use Policy (DUP) and Terms of Services. At the request of the Belgian Privacy Commission, ICRI/CIR (KU Leuven) and iMinds-SMIT (Vrije Universiteit Brussel) have conducted an extensive analysis of the revisions. So what does the current version of their report (dated 23rd February 2015) find? Emma Cradock, … Continue reading
Article 29 Working Party on the concept of health data: could it mean that we need to adapt the definition of health data as well as that of personal data?
On 5 February 2015, the Article 29 EU Data Protection Working Party (WP) issued a letter addressed to Paul Timmers – the Director of Sustainable and Secure Society at the European Commission. Within the Annex of this letter, the WP identifies relevant criteria to determine when data processed by lifestyle and wellbeing apps and devices … Continue reading