Tag Archives: Data Processor

Brazil Releases Revised Draft Privacy Bill

In late October, the Brazilian Ministry of Justice (the “Ministry”) issued its revised Draft Bill for the Protection of Personal Data (“Draft Bill”). The Ministry released its preliminary draft in January 2015, and the Centre for Information Policy Leadership at Hunton & Williams LLP (“CIPL”) filed public comments to the draft on May 5, 2015.… Continue Reading

Article 29 Working Party Issues Opinion on Drones

On June 16, 2015, the Article 29 Working Party adopted an Opinion on Privacy and Data Protection Issues relating to the Utilization of Drones. This blog entry contains highlights of the Opinion, which provides guidance on the application of data protection rules to the manufacture and use of drones.… Continue Reading

DataGuidance Hosts Webinar on Brazil’s Draft Privacy Law

On June 24, 2015, DataGuidance will host a complimentary webinar on Brazil: Towards Privacy Compliance, and the panel of speakers includes Bojana Bellamy, President of the Centre for Information Policy Leadership at Hunton & Williams. This blog entry provides a link to register for the event.… Continue Reading

Article 29 Working Party Issues Updated Guidance on BCRs for Processors

The Article 29 Working Party has released a revised version of its explanatory document on the use of BCRs by data processors, which was originally published in April 2013. The Working Party’s revisions focus on the question of how non-EU processors should respond to legally binding requests for personal data received pursuant to BCRs from local law enforcement agencies and other governmental bodies.… Continue Reading

Council of the European Union Proposes Risk-Based Approach to Compliance Obligations

The Council of the European Union has published proposed revisions to Chapter IV of the forthcoming EU General Data Protection Regulation. The proposed revisions take a risk-based approach to compliance and allow data controllers to exercise greater discretion and flexibility in assessing how to address their compliance responsibilities in the context of their particular businesses.… Continue Reading

European Commission Issues Cloud Service Level Agreement Standardization Guidelines

On June 26, 2014, the European Commission issued guidelines on the standardization of service level agreements for cloud services providers. The Guidelines, which were prepared by a group of experts established by the European Commission in February 2013, provide definitions of legal and technical terms and specific service level objectives designed to achieve standardization in service level agreements.… Continue Reading

Commissioner Reding Calls for New European Data Protection Compact

On January 28, 2014, Data Protection Day, Vice-President of the European Commission and Commissioner for Justice Fundamental Rights and Citizenship Viviane Reding gave a speech in Brussels proposing a new data protection compact for Europe. She focused on three key themes: (1) the need to rebuild trust in data processing, (2) the current state of … Continue Reading

Kazakhstan Enacts Data Privacy Law

Kazakhstan's new data privacy law, which was passed on May 21, 2013, is scheduled to come into effect on November 26, 2013. Kazakhstan joins the Kyrgyz Republic, becoming the second Central Asian country to enact a data privacy law.… Continue Reading