On February 10, 2020, the Belgian Data Protection Authority published its Recommendation on data processing activities for direct marketing purposes. The Recommendation aims to clarify the complex rules relating to processing personal data for direct marketing purposes.
Continue Reading
Data Processor
CNIL Publishes Draft Recommendations on How to Get Users’ Consent for Cookies
Posted on
Posted in European Union, Online Privacy
On January 14, 2020, the French Data Protection Authority published its draft recommendations on the practical modalities to get users’ consent to store or read non-essential cookies and similar technologies on their devices. …
Continue Reading
EDPB Publishes Final Version of Guidelines on the GDPR’s Territorial Scope
Posted on
Posted in European Union, International
The European Data Protection Board has adopted its final guidelines on the territorial scope of the GDPR, taking into account the feedback it received during the public consultation of its draft guidelines published on November 23, 2018.…
Continue Reading
EDPB Publishes Guidelines on Data Protection by Design and by Default
Posted on
Posted in European Union, International
On November 13, 2019, the European Data Protection Board published its draft guidelines 4/2019 on the obligation of Data Protection by Design and by Default set out under Article 25 of the EU General Data Protection Regulation. …
Continue Reading
Canada’s Privacy Commissioner Ends Effort to Require Consent for Transborder Data Transfer
Posted on
Posted in Information Security, International
On September 23, 2019, the Office of the Privacy Commissioner of Canada announced that it completed its consultation on transfers for processing and that the OPC’s current guidelines for processing personal data across borders—under which consent for transfers to data processors is not required—remain unchanged.…
Continue Reading
CNIL Updates FAQs to Prepare for a No-deal Brexit
Posted on
On September 10, 2019, the French data protection authority updated its existing set of questions and answers (“FAQs”) on the impact of a no-deal Brexit on data transfers from the EU to the UK and discussed how controllers should prepare.…
Continue Reading
Belgian DPA to Further Investigate Data Breach Affecting Temporary Employment Agency’s Employee Fingerprints
Posted on
On August 21, 2019, the Belgian Data Protection Authority published a press release informing of its intention to further investigate a data breach that was notified by Adecco Belgium, a temporary employment agency.…
Continue Reading
Dutch DPA to Approve Netherlands Code of Conduct for ICT
Posted on
Posted in European Union, International
On August 12, 2019, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, the “Dutch DPA”) announced its intent to approve Nederland ICT’s Data Pro Code (the “Code”), a code of conduct for the ICT sector. Nederland ICT represents data processors from the IT sector. Data processors that process personal data on behalf of and for a data controller can join this code of conduct. The draft decision of the Dutch DPA regarding the Code was published in the Official Journal of the Netherlands (the “Staatscourant”) on August 12 and interested parties have six weeks to submit their opinion on the draft decision.
…
Continue Reading
EDPB Releases 2018 Annual Report
Posted on
Posted in European Union, International
On July 16, 2019, the European Data Protection Board published its first Annual Report for 2018, and this blog entry provides highlights from the report.…
Continue Reading
EDPB Adopts Guidelines on Codes of Conduct and Monitoring Bodies
Posted on
Posted in European Union, International
The European Data Protection Board recently adopted its Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. This blog entry provides an overview of the Guidelines.…
Continue Reading