Tag Archives: General data protection Regulation

anonymisation / big data / Data protection / data protection agencies / European Data Protection Supervisor / General Data Protection Regulation / ICO / Privacy / pseudonymisation / Risk-based approach

The GDPR and the biggest mess of all: why accurate legal definitions really matter….

Posted on by 9 Comments

Issued last week, here is what seems to be the final version of the General Data Protection Regulation (the GDPR)! This 6 April 2016 version, likely to be adopted by the European Parliament this week, is now in the kiosks! HIP HIP HOORRAY I hear you thinking, either ironically because more than 4 years of … Continue reading

Data protection / Geo-location data / Personal data

Latest Policy Guidance Published on Data Protection and Location Analytics Data

Posted on by 1 Comment

‘We Know Where You Are’ to ‘We Know Who You Are’ … How far are the risks involved with processing information collected from geo-location technologies alleviated by data protection rules? With the wide uptake of smart mobile devices and the rapid development of location-based apps and services, all kinds of geographic information about us are … Continue reading

Data protection / data protection agencies / safe harbour

EU Commission publishes Legal Texts of New ‘Privacy Shield’ Framework for Trans-Atlantic Data Transfers

Posted on by 1 Comment

…But, will the highly anticipated EU-US ‘Privacy Shield’ live up to its super-hero billing? Last month proved to be a particularly busy time for data protection news. First, the Council of the EU adopted a political agreement on the texts that will form part of the new Data Protection Reform Package. Also hitting headlines was … Continue reading

Access to data / Breach notification / Data protection / Data retention / General Data Protection Regulation / Law enforcement / Personal data / Privacy / Privacy impact assessment / Surveillance

Article 29 WP and the draft directive on the processing of personal data by law enforcement agencies: has Article 29 WP been heard?

Posted on by 3 Comments

Last month, the Permanent Representatives Committee (Coreper) of the Council of the EU  the compromise texts agreed with the European Parliament on data protection reform. As a reminder, the reform is a legislative package concerning two legislative instruments: the second of which discussed here (and far less catching the press headlines than the General Data … Continue reading

Cybersecurity

New US and EU Cybersecurity Legislation Locked-in for 2016

Posted on by Leave a comment

Systemic threats may ideally require systemic solutions, but to what extent will new legal provisions make a real difference in the future in the way organisations share, receive, and use cybersecurity information? Last year, I wrote a post outlining efforts across both sides of the Atlantic to move forward cybersecurity policy in legislation. As expected, … Continue reading

anonymisation / big data / Data protection / General Data Protection Regulation / Personal data / pseudonymisation / research / sensitive data

What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPR better than the Directive?

Posted on by 2 Comments

What does the agreed version of the GDPR say about processing personal data for research purposes? Is the GDPD better than the Directive? So here we are. It’s almost Christmas and after three years of intense debate the Council of the European Union and the European Parliament have announced that they have informally agreed on … Continue reading

Data protection / data protection agencies / Law enforcement

EU Justice Ministers agree ‘common position’ for new EU data protection rules in the field of law enforcement

Posted on by 1 Comment

Adoption of new Data Protection Directive for police and judicial cooperation is one step closer – however, arguments continue over the extent to which the processing of personal data for the purposes of law enforcement , as well as the “safeguarding against and the prevention of threats to public security”, should be subject to traditional … Continue reading

data protection agencies / Jurisdiction

Sick of hearing about safe harbours? What about Weltimmo?! – CJEU decision raises prospects for companies operating web services across the EU being subject to multiple data protection authorities

Posted on by 3 Comments

How should online businesses determine which data protection laws to comply with, and how should multiple claims to jurisdiction over the national application of data protection laws be resolved? Much has been written in the last week about the ruling of the Court of Justice of the EU (CJEU) in holding that EU Commission Decision … Continue reading

Data protection / data protection agencies / ICO

A UK view of the Council’s common position on the proposed General Data Protection Regulation – Over to you, ICO…

Posted on by 1 Comment

ICO has EU reform negotiations firmly in sight as it reiterates its views on the benefits and dangers involved with a risk-based and flexible approach to data protection enforcement Further to Sophie’s post on the German viewpoint, the ICO – the UK’s data protection agency – has also added its voice to the public debate … Continue reading

anonymisation / General Data Protection Regulation / Personal data

A German view of the Council’s proposed General Data Protection Regulation: let’s try one more time… by the way what do we do with Browser-Generated Information?

Posted on by 1 Comment

The Council of the European Union released its version of the Proposed Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation or ‘GDPR’) on 11 June 2015, as mentioned by … Continue reading