On November 26, 2014, the Article 29 Working Party released a Working Document providing a cooperation procedure for issuing common opinions on whether “contractual clauses” comply with the European Commission’s Model Clauses. This blog entry provides highlights on the cooperation procedure.
Continue Reading Article 29 Working Party Issues Working Document Proposing Cooperation Procedure for Issuing Common Opinions on Contractual Clauses

On November 24, 2014, the Polish President Bronislaw Komorowski signed into law a bill that amends certain provisions of the Personal Data Protection Act 1997. Specifically, the bill removes the requirement to (1) obtain the DPA’s prior approval for cross-border data transfers in certain cases and (2) appoint an administrator of information security.
Continue Reading Poland Amends Its Personal Data Protection Act

On November 18, 2014, the Centre for Information Policy Leadership at Hunton & Williams held the second workshop in its ongoing work on the risk-based approach to privacy and a Privacy Risk Framework. Approximately 70 Centre members, privacy regulators and other privacy experts met in Brussels to discuss the benefits and challenges of the risk-based approach, operationalizing risk assessments within organizations, and employing risk analysis in enforcement.
Continue Reading Centre’s Risk Workshop II in Brussels Emphasizes that Risk-Based Approach to Privacy Does Not Change Legal Obligations but Helps Calibrate Their Effective Implementation

On February 27, 2014, CNIL Chairwoman Isabelle Falque-Pierrotin was elected Chairwoman of the Article 29 Working Party effective immediately. Ms. Falque-Pierrotin succeeds Jacob Kohnstamm, Chairman of the Dutch Data Protection Authority.
Continue Reading Chairman of French Data Protection Authority Elected Chair of Article 29 Working Party

On October 4, 2013, The Centre for Information Policy Leadership published a report reviewing the events and discussions that took place during the 35th International Conference of Data Protection and Privacy Commissioners in Warsaw, Poland. This blog entry provides a link to the full report on the Conference.
Continue Reading Centre Reports on 35th International Conference of Data Protection and Privacy Commissioners

On September 23 and 24, 2013, a declaration and eight resolutions were adopted by the closed session of the 35th International Conference of Data Protection and Privacy Commissioners. This blog entry provides an overview of the declaration and the most significant resolutions.
Continue Reading Data Protection Commissioners Adopt a Declaration and Several Resolutions at 35th International Conference

On June 6, 2013, the European Union’s Justice and Home Affairs Council held legislative deliberations regarding the key issues of the European Commission’s proposed General Data Protection Regulation. The discussions were based on the Irish Presidency’s draft compromise text on Chapters I to IV of the Proposed Regulation.
Continue Reading Council of the European Union Discusses Progress on the Proposed EU Data Protection Regulation

On December 12, 2012, the Centre for Information Policy Leadership released an accountability self-assessment tool designed to help organizations evaluate their internal privacy programs and practices. The tool is the product of the Global Accountability Project for which the Centre serves as Secretariat.
Continue Reading Centre Releases Accountability Self-Assessment Tool to Help Organizations Evaluate Their Privacy Programs