Tag Archives: Data Processor

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

On October 17, 2017, the French Data Protection Authority, after a consultation with multiple industry participants that was launched on March 23, 2016, published its compliance pack on connected vehicles in line with its report of October 3, 2016. The pack applies to connected vehicles for private use only, and describes the main principles data controllers must adhere to under both the current French legislation and the EU GDPR.… Continue Reading

Colombia Designates U.S. as “Adequate” Data Transfer Nation

On August 14, 2017, the Colombian Superintendence of Industry and Commerce announced that it was adding the United States to its list of nations that provide an adequate level of protection for the transfer of personal information. This development should help facilitate the transfer of personal information from Colombia to the United States.… Continue Reading

Article 29 Working Party Releases Opinion on Data Processing at Work

The Article 29 Working Party issued an Opinion on data processing at work, which complements the Working Party's previous guidance on the processing of personal data in the employment context and on the surveillance of electronic communications in the workplace. This blog entry provides highlights on the Opinion.… Continue Reading

Working Party Adopts Revised Guidelines on Data Portability, DPOs and Lead SA

On April 5, 2017, the Article 29 Working Party adopted the final versions of its guidelines on the right to data portability, Data Protection Officers and Lead Supervisory Authority, which were first published for comment in December 2016. The final publication of these revised guidelines follows the public consultation which ended in February 2017. … Continue Reading

ICO Publishes Guidance on Consent under the EU GDPR

Recently, the UK Information Commissioner’s Office published draft guidance regarding the consent requirements of the EU General Data Protection Regulation that sets forth how the ICO interprets the GDPR’s consent requirements, and its recommended approach to compliance and good practice. … Continue Reading

CIPL Submits Comments to Article 29 Working Party’s Proposed Guidelines

On February 15, 2017, the Centre for Information Policy Leadership at Hunton & Williams LLP submitted two sets of formal comments to the Article 29 Working Party. CIPL commented on the Guidelines for identifying a controller or processor’s lead supervisory authority, and on the Guidelines on the right to data portability.… Continue Reading

DPA of Argentina Issues Draft Data Protection Bill

Pablo Palazzi, from Buenos Aires law firm Allende & Brea, reports that earlier this month, the Argentine Data Protection Agency posted the first draft of a new data protection bill on its website. The Draft Bill is heavily based on the EU GDPR and maintains the structure of Argentina’s current data protection bill.… Continue Reading

CIPL Issues White Paper on High Risk and DPIAs under the GDPR

On December 21, 2016, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a white paper on Risk, High Risk, Risk Assessments and Data Protection Impact Assessments under the GDPR. The White Paper sets forth guidance and recommendations concerning the interpretation and implementation of the GDPR’s provisions relating to risk and risk assessment.… Continue Reading

France Adopts Class Action Regime for Data Protection Violations

On November 19, 2016, the French government enacted a bill creating a legal basis for class actions against data controllers and processors resulting from data protection violations. The bill establishes a general class action regime and includes specific provisions regarding data protection violations.… Continue Reading

CIPL Issues White Paper on the DPO’s Role under the GDPR

On November 17, 2016, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a white paper which sets forth guidance and recommendations concerning the interpretation and implementation of the GDPR’s provisions relating to the role of the Data Protection Officer. … Continue Reading

CIPL and AvePoint Release Global GDPR Readiness Report

On November 9, 2016, the Centre for Information Policy Leadership at Hunton & Williams LLP and AvePoint released the results of a joint global survey launched in May 2016 concerning organizational preparedness for implementing the EU General Data Protection Regulation. … Continue Reading
LexBlog