Saturday, January 30, 2016

Tuesday deadline looms over US-EU privacy pact

Tuesday deadline looms over US-EU privacy pact | TheHill: "Negotiators have only until Feb. 2 to strike a deal ensuring that commercial data transfers between Europe and the U.S. are able to continue after a critical 2000 agreement was struck down over privacy concerns last fall."



Tuesday, January 26, 2016

Four key factors businesses need to know about privacy in 2016 | Econsultancy

"This year will see privacy transition from the conceptual to the concrete as businesses are forced to understand how to make privacy a core business process, something that hasn't been done on a wide scale before."

https://econsultancy.com/blog/67432-four-key-factors-businesses-need-to-know-about-privacy-in-2016/

Friday, January 22, 2016

The new EU GDPR – what’s it all about?

The new EU GDPR – what’s it all about?: "The stick in all of this is that penalties are changing – significantly. Currently the absolute maximum theoretical penalty for a breach of the data protection legislation is €250,000."



How To Prepare Your Organisation For EU Data Protection Reform

How To Prepare Your Organisation For EU Data Protection Reform | TechWeekEurope UK: "Whether you are part of a European company or a non-European company that trades or stores data inside Europe, it is likely that the new European data protection regulations coming into play will affect the way you handle employee and customer data."



The GDPR text as a PDF (Regulation (EU) No XXX/2016)

This seems to be the latest version, in PDF format, 204 pages.



Regulation_consolidated_text_EN_47uW.pdf

Thursday, January 21, 2016

New EU data protection legislation will challenge U.S. IT execs

"Thanks to an extraterritoriality clause, even a company or service provider with no physical EU footprint still has to comply with the EU data protection legislation if it processes EU citizens' data, Brown said, making it of global concern."

http://searchcio.techtarget.com/news/4500267769/New-EU-data-protection-legislation-will-challenge-US-IT-execs

Ready Or Not, Here It Comes - EU General Data Protection Regulation

Ready Or Not, Here It Comes - EU General Data Protection Regulation — BakerINFORM - Legal Insights on Data & Technology Trends from Baker & McKenzie: "The GDPR will apply directly in each of the 28 EU Member States. With its wide territorial scope, the GDPR will not only apply to the data processing activities of EU-based businesses, but also to various data processing activities of businesses not established in the EU to the extent they target EU data subjects."

AIIM Industry Watch: Data Privacy - living by new rules

AIIM Industry Watch: Data Privacy - living by new rules: 36% of smaller organizations, 43% of mid-sized and 52% of large organizations have reported a data breach in the past 12 months – more due to staff intent or negligence than from external hackers.

Canada Moves Forward with Mandatory Federal Security Breach Notification Law

Canada Moves Forward with Mandatory Federal Security Breach Notification Law | Data Privacy Monitor: "The Digital Privacy Act provides for fines of up to CA$100,000 for knowing violations of the breach notification requirements, or the requirement that organizations “keep and maintain a record of every breach of security safeguards involving personal information under [the organization’s] control.”"



U.S. lawmakers delay bill on European data privacy deal

U.S. lawmakers delay bill on European data privacy deal | Reuters: "EU privacy regulators are due to meet on Feb. 2 to decide if they should begin enforcement action against companies if they determine all transfer mechanisms violate EU law and there is no new framework in place."



Assessing IT Security Standards Against the Upcoming GDPR for Cloud Systems

"This work in progress aims at identifying a mapping between the current security standards (in particular, but not limited to, ISO 27001-2013) and the upcoming regulations in data protection."

What the end of Safe Harbor means for the digital economy - CSMonitor.com

"The Article 29 Working Group, which advises EU data protection authorities (DPAs), has said that after Jan. 31 companies that cannot comply with privacy rules could face enforcement action."

http://m.csmonitor.com/World/Passcode/2016/0120/What-the-end-of-Safe-Harbor-means-for-the-digital-economy

Wednesday, January 20, 2016

Key globally relevant data protection developments in 2015 and trends for 2016

Key globally relevant data protection developments in 2015 and trends for 2016 | Global Compliance News: "The Schrems decision of the European Court of Justice invalidating the European Commission’s 2000 Safe Harbor adequacy decision must be the 2015 event that shook up the privacy world the most." (Interesting interplay with GDPR.)

EU Parliament and Council’s Agreement on the GDPR and What It Means for Businesses

EU Parliament and Council’s Agreement on the GDPR and What It Means for Businesses | Resources | Morrison Foerster: "When the GDPR goes into effect, it will have wide ranging implications for companies operating in Europe as well as companies who have no operations at all in Europe."

New EU Data Protection Regime Set to Have Big Impact | The National Law Review

New EU Data Protection Regime Set to Have Big Impact | The National Law Review: "The GDPR will apply to all companies that offer services in the EU or monitor behavior of data subjects in the EU..."

EU Data Regulations Tough On Social Nets 01/19/2016

EU Data Regulations Tough On Social Nets 01/19/2016: “The changes to the General Data Protection Regulations will be felt globally,” Khatibloo explains ahead of a new report to be released by Forrester later this month.

Privacy will hit tipping point in 2016

Privacy will hit tipping point in 2016: "Concerns about online privacy will reach a tipping point in 2016, prompting regulators to crack down on companies, and consumers to demand greater protection, a new study by Forrester Research predicts." (Not directly GDPR related)

12-step action plan for GDPR - Enterprise Times

12-step action plan for GDPR - Enterprise Times: "40% of the respondents admitted to being unprepared for GDPR despite the fact that privacy has been a headline item for years."

GDPR: How will the EU data protection law impact U.S. industry? - IT Compliance Advisor

GDPR: How will the EU data protection law impact U.S. industry? - IT Compliance Advisor: "While the new rule package won’t go into effect until 2018, cybersecurity experts are already forecasting greater discussion around data privacy, particularly among U.S. companies, because of GDPR."

GDPR passes and gains infosec approval - Infosecurity Magazine

GDPR passes and gains infosec approval - Infosecurity Magazine: "The agreement for the GDPR could lead to fines of up to 4% of annual turnover for firms which break the rules"

A Primer on the GDPR: What You Need to Know | Privacy Law Blog

A Primer on the GDPR: What You Need to Know | Privacy Law Blog: "Although it won’t officially become law until it receives the approval of the EU Parliament, now is the time to study the most important aspects of the GDPR so you can be prepared for the new regime."

EU Court Rejects “Safe Harbor” Agreement Permitting Customer Data Transfers to U.S.

EU Court Rejects “Safe Harbor” Agreement Permitting Customer Data Transfers to U.S. | The National Law Review: "The case, entitled Maximillian Schrems v. Data Protection Commissioner, was decided on October 6, 2015 and has an immediate effect on European courts. See here."

What is the GDPR?

The General Data Protection Regulation (GDPR) is a set of rules created by the European Commission in an attempt to improve data protection for individuals within the European Union (EU). The EC is looking to get companies compliant with the GDPR by 2018. The GDPR imposes significantly higher privacy and data protection standards than those already in place in the EU.

The GDPR also addresses export of personal data outside the EU, which in turn affects US companies in the wake of the breakdown of Safe Harbor.

The complex approval process for the regulation should not lead US companies to hold out hope that these rules will not come to pass. The time for companies to begin preparing is now. This article has a link to the latest GDPR draft and a description of its implications.

News About the GDPR: the EU General Data Protection Regulation

Welcome! I popped up this site to aggregate news clippings and other information about the EU GDPR. I expect a lot of entries will be very short, mainly just a link and a few words of description. Hopefully people will find it useful.