UK
Watchdog approves use of UK phone data to help fight coronavirus
The UK’s privacy watchdog has said the government can legally use personal data from people’s mobile phones to track and monitor behaviour if it helps fight the spread of coronavirus. It emerged last week that the government was in talks with UK mobile phone companies to potentially use anonymous location and usage…
Read More »Should all Heads of Compliance/Legal step down as DPO, following the Belgian DPA ruling?
For many organisations, the appointment of the DPO has been one of the more complicated requirements to deal with under the GDPR. The detailed description of the workload, the high requirements in terms of expertise, but also the expectations of the Article 29 Working Party guidelines in terms of availability…
Read More »What does ‘data protection by design and by default’ mean under EU Data Protection Law?
Key points:European Data Protection Law requires appropriate technical and organizational measures to implement the data protection principles and safeguard individual rights. This is called ‘data protection by design and by default’.In essence, this means controllers must integrate or ‘bake in’ data protection into processing activities and business practices from the design stage and throughout the…
Read More »GDPR requires privacy by design, but what is it and how can marketers comply?
Privacy by design is a fairly old concept in systems engineering and its general meaning is pretty obvious. Wikipedia describes it as “not about data protection” but rather “designing so data doesn’t need protection,” with the “root principle based on enabling service without data control transfer from the citizen to the…
Read More »Privacy by Design and GDPR: Putting Policy into Practice
The GDPR requires organisations to implement appropriate technical and organisational measures to implement data protection principles and safeguard individual rights. While data protection by design and by default (or ‘privacy by design’) is not a new concept, the GDPR makes it a legal requirement, and thus practical guidance is needed…
Read More »Challenges, Fines, and Operational Impacts of the GDPR
The GDPR, or General Data Protection and Regulation, is going into effect in May 2018 throughout the European Union (EU) and presents important legal changes and challenges for organizations and consumers alike. Interactions and relationships between customers and businesses are transforming; the GDPR shifts authority over customer data from the business…
Read More »ICO – Intention to fine Marriott International, Inc more than £99 million under GDPR for data breach
Following an extensive investigation the ICO has issued a notice of its intention to fine Marriott International £99,200,396 ($164,067,534 CDN) for infringements of the General Data Protection Regulation (GDPR). The proposed fine relates to a cyber incident which was notified to the ICO by Marriott in November 2018. A variety…
Read More »
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
