On April 12, 2019, the European Data Protection Board published draft guidelines 2/2019 on the processing of personal data in the context of the provision of online services to data subjects. This blog entry provides an overview of the Guidelines.
Continue Reading
Data Processor
CNIL Launches Public Consultation on Draft Standards on HR Data Processing and Whistleblowing Hotlines
Posted on
On April 11, 2019, the French Data Protection Authority launched an online public consultation regarding two new CNIL draft standards concerning the processing of personal data for (1) core HR management purposes and (2) the operation of a whistleblowing hotline.…
Continue Reading
Nigeria Issues New Data Protection Regulation
Posted on
Nigeria’s National Information Technology Development Agency recently issued the Nigeria Data Protection Regulation 2019. This blog entry provides key elements of the Regulation.…
Continue Reading
Dutch DPA Updates Policy on Administrative Fines
Posted on
On March 14, 2019, the Dutch Data Protection Authority published a press release announcing its policy for calculating administrative fines.…
Continue Reading
CIPL Issues White Paper on Principles for a Revised U.S. Privacy Framework
Posted on
The Centre for Information Policy Leadership at Hunton Andrews Kurth LLP has issued a white paper on Ten Principles for a Revised U.S. Privacy Framework.…
Continue Reading
Dutch DPA Investigates the Data Processing Agreements of 30 Organizations
Posted on
Posted in European Union, International
On January 16, 2019, the Dutch Data Protection Authority announced that it had asked 30 private organizations to provide information about the agreements they have with other entities that process personal data on their behalf.…
Continue Reading
Australia and Chinese Taipei Join the APEC CBPR System
Posted on
Posted in Information Security, International
On November 23, 2018, both Australia and Chinese Taipei joined the APEC Cross-Border Privacy Rules system.…
Continue Reading
Argentina DPA Issues Guidelines on Binding Corporate Rules
Posted on
Posted in Information Security, International
The Agency of Access to Public Information (Agencia de Acceso a la Información Pública) has approved a set of guidelines for Binding Corporate Rules as a mechanism that multinational companies may use to enable the international transfer of personal data to their affiliates located in countries whose protection of personal data has not been deemed adequate by the AAIP.…
Continue Reading
Serbia Enacts New Data Protection Law
Posted on
On November 9, 2018, Serbia’s National Assembly enacted a new data protection law. The Personal Data Protection Law, which becomes effective on August 21, 2019, is modeled after the EU General Data Protection Regulation. …
Continue Reading
EDPB Publishes Guidelines on Extraterritorial Application of the GDPR
Posted on
Posted in European Union, International
On November 23, 2018, the European Data Protection Board published its long-awaited draft guidelines on the extraterritorial application of the GDPR. This blog entry provides highlights on the Guidelines.…
Continue Reading