Data Controller

EDPB Publishes Guidelines on the Contractual Legal Basis for Data Processing of Online Services

Posted on April 16, 2019

Posted in European Union, International, Online Privacy

On April 12, 2019, the European Data Protection Board published draft guidelines 2/2019 on the processing of personal data in the context of the provision of online services to data subjects. This blog entry provides an overview of the Guidelines.…
Continue Reading

CNIL Launches Public Consultation on Draft Standards on HR Data Processing and Whistleblowing Hotlines

Posted on April 15, 2019

Posted in European Union, Information Security, International

On April 11, 2019, the French Data Protection Authority launched an online public consultation regarding two new CNIL draft standards concerning the processing of personal data for (1) core HR management purposes and (2) the operation of a whistleblowing hotline.…
Continue Reading

Nigeria Issues New Data Protection Regulation

Posted on April 5, 2019

Posted in Information Security, International, Security Breach

Nigeria’s National Information Technology Development Agency recently issued the Nigeria Data Protection Regulation 2019. This blog entry provides key elements of the Regulation.…
Continue Reading

CNIL Publishes Binding Rules on Processing Biometric Data as Workplace Access Control

Posted on April 4, 2019

Posted in European Union, International, Workplace Privacy

On March 28, 2019, the French data protection authority published a “Model Regulation” addressing the use of biometric systems to control access to premises, devices and apps at work.…
Continue Reading

Dutch DPA Updates Policy on Administrative Fines

Posted on March 26, 2019

Posted in European Union, Information Security, International

On March 14, 2019, the Dutch Data Protection Authority published a press release announcing its policy for calculating administrative fines.…
Continue Reading

CIPL Issues White Paper on Principles for a Revised U.S. Privacy Framework

Posted on March 21, 2019

Posted in Centre for Information Policy Leadership, U.S. Federal Law

The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has issued a white paper on Ten Principles for a Revised U.S. Privacy Framework.…
Continue Reading

EDPB Releases Opinion on Interplay Between the ePrivacy Directive and the GDPR and a Statement on the ePrivacy Regulation

Posted on March 19, 2019

Posted in Enforcement, European Union, International, Security Breach

On March 12, 2019, the European Data Protection Board adopted an opinion on the interplay between the EU Directive on Privacy and Electronic Communications and the General Data Protection Regulation.…
Continue Reading

Thailand’s National Legislative Assembly Passes Data Protection Law

Posted on March 15, 2019

Posted in Information Security, International

On February 28, 2019, Thailand’s National Legislative Assembly finally approved and endorsed the draft Personal Data Protection Act, which will now be submitted for royal endorsement and subsequent publication in the Government Gazette. Publication is anticipated to occur within the next few weeks.…
Continue Reading

EDPB Releases Overview on the Implementation and Enforcement of the GDPR

Posted on March 8, 2019

Posted in Enforcement, European Union, International, Security Breach

On February 26, 2019, the European Data Protection Board presented its first overview on the implementation of the GDPR and the roles and means of the national supervisory authorities to the European Parliament. This blog entry provides highlights from the report.…
Continue Reading

Belgian DPA Publishes Updated List of Processing Activities Requiring DPIA

Posted on February 25, 2019

Posted in European Union, Health Privacy, International

The Belgian Data Protection Authority recently published the updated and final list of the types of processing activities which require a data protection impact assessment.…
Continue Reading

Privacy & Information Security Law Blog