The Office of the Australian Information Commissioner Issues a Summary of 10 Steps to Undertaking a Privacy Impact Assessment

04/05/2021


The Office of the Australian Information Commissioner Issues a Summary of 10 Steps to Undertaking a Privacy Impact Assessment

This article provides a summary of the Guide to undertaking privacy impact assessments. The 10 steps which every organization needs to consider when undertaking a PIA are outlined in more detail in this article.


Continue Reading
Artificial Inteligence for Recruitment Purposes - When is It the Right Choice?

20/04/2021


Artificial Inteligence for Recruitment Purposes - When is It the Right Choice?

Artificial intelligence (AI) enables systems and machines to learn, solve problems and make decisions. It can be used for various purposes, but can it be used for recruitment? If yes, what considerations should be made?


Continue Reading
Privacy Compliance Journey Series: Scope of the Law and Notification Requirements

26/03/2021


Privacy Compliance Journey Series: Scope of the Law and Notification Requirements

How to assess whether a privacy law applies to an organization? How to deal with notification requirements? You can find the answers to those questions in this article.


Continue Reading
New Zealand Privacy Act 2020 Comes into Force

11/12/2020


New Zealand Privacy Act 2020 Comes into Force

New Zealand Privacy Act 2020 came into force on December 1, 2020 granting the Privacy Commissioner greater powers to ensure organisations and businesses comply with the Act.


Continue Reading
Overview of the Amendments to the Singapore Personal Data Protection Act and Spam Control Act

22/11/2020


Overview of the Amendments to the Singapore Personal Data Protection Act and Spam Control Act

The proposed amendments to the Personal Data Protection Act to address Singapore’s evolving digital economy needs, and related amendments to the Spam Control Act, were passed in the Parliament on 2 November 2020.


Continue Reading
Zoom Settles with FTC after Deceiving Users About its Security Practices

22/11/2020


Zoom Settles with FTC after Deceiving Users About its Security Practices

The Federal Trade Commission announced on 9th November, a settlement with Zoom Video Communications, that will require the company to implement a comprehensive security program, a prohibition on privacy and security misrepresentations.


Continue Reading
Abu Dhabi Global Market New Data Protection Regulations Are Open for Public Consultation

19/11/2020


Abu Dhabi Global Market New Data Protection Regulations Are Open for Public Consultation

Abu Dhabi Global Market has announced that its new Data Protection Regulations is open for public consultation until December 19.


Continue Reading
Overview of the European Commission Draft of Standard Contractual Clauses Between Controllers and Processors  Located in the EU

14/11/2020


Overview of the European Commission Draft of Standard Contractual Clauses Between Controllers and Processors Located in the EU

The European Commission (EC) has adopted the new standard contractual Clauses between controllers and processor located in the EU open for public feedback until December 10, 2020.


Continue Reading
Summary of the ICO Guidance on the Right of Access

27/10/2020


Summary of the ICO Guidance on the Right of Access

The UK Information Commissioner’s Office has issued new detailed Guidance on the Right of Access. The previous Subject Access Code of Practice had been issued under the previous Data Protection Act and the ICO has announced it will be updated.


Continue Reading
Facebook’s Custom Audience - is Facebook a Processor

25/10/2020


Facebook’s Custom Audience - is Facebook a Processor

This Article will analyze the relationship between Facebook and a targeter - third party who is targeting their customers through Facebook’s Custom Audience feature.


Continue Reading
Association of German Data Protection Authorities Issues a Paper on Employee Data Protection

05/10/2020


Association of German Data Protection Authorities Issues a Paper on Employee Data Protection

Association of German Data Protection Authorities (“Datenschutzkonferenz” or “DSK”) has issued a paper on employee data protection outlining what employers in private sector have to take into account when processing employee personal data.


Continue Reading
ICO Consultation on the Draft Statutory Guidance

02/10/2020


ICO Consultation on the Draft Statutory Guidance

The UK Information Commissioner’s Office (ICO) is running a consultation about an updated version of the Statutory guidance on how the ICO will exercise its data protection regulatory functions of information notices, assessment notices, enforcement notices and penalty notices. This consultation closes on November 12, 2020


Continue Reading
Summary of the Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S.Data Transfers after Schrems II

29/09/2020


Summary of the Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S.Data Transfers after Schrems II

The U.S. Government has prepared the White Paper, which outlines the robust limits and safeguards in the United States pertaining to government access to data.


Continue Reading
Premera Blue Cross Settles HIPAA Violation

29/09/2020


Premera Blue Cross Settles HIPAA Violation

The U.S. Department of Health and Human Services has announce that Premera Blue Cross had agreed to pay $6.85 million to the Office for Civil Rights at the HHS and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act Privacy and Security Rules related to a breach affecting over 10.4 million people.


Continue Reading
CNIL - COVID-19 reminder on the collection of personal data by employers

24/09/2020


CNIL - COVID-19 reminder on the collection of personal data by employers

The CNIL, French Data Protection Authority, has issued a reminder to all employers to adhere to certain principles when processing personal data in the context of the COVID-19 pandemic.


Continue Reading
Privacy Compliance Journey Series: Gap Analysis

11/09/2020


Privacy Compliance Journey Series: Gap Analysis

How to know what privacy gaps need to be addressed in a privacy programme? This article will provide you an answer highlighting important steps to consider on the way.


Continue Reading
The Office of the Privacy Commissioner of Canada new Privacy Guide for Businesses

26/08/2020


The Office of the Privacy Commissioner of Canada new Privacy Guide for Businesses

The Office of the Privacy Commissioner of Canada (OPC) has published the new Privacy Guide for Businesses. The Guide provides the summary of the PIPEDA and an overview of the CASL. It also addresses important points when dealing with data breaches and provides information on how to obtain a meaningful consent.


Continue Reading
Privacy Compliance Journey Series: Starting a Privacy Programme

18/08/2020


Privacy Compliance Journey Series: Starting a Privacy Programme

Whether you are just starting your privacy programme or you already have it in place, The Privacy Compliance Journey Series will help you build a successful one or give you an idea or two to enhance your existing programme. This article covers three very important elements when starting the privacy programme.


Continue Reading
The Office of the Comptroller of the Currency Assesses $80 Million Civil Money Penalty Against Capital One

08/08/2020


The Office of the Comptroller of the Currency Assesses $80 Million Civil Money Penalty Against Capital One

The Office of the Comptroller (OCC) has issued an $80 million civil penalty against Capital One, N.A., and Capital One Bank (USA), N.A. and mandated them to strengthen their compliance programme by appointing a compliance committee and developing comprehensive action plan to comply with the order. This decision is the result of failing to establish effective risk assessment processes prior to migrating significant information technology operations to the public cloud environment and the bank's failure to correct the deficiencies in a timely manner. In taking this action, the OCC positively considered the bank's customer notification and remediation efforts


Continue Reading
Summary of the Frequently Asked Questions on the judgment of the Court of Justice of the European Union in the Schrems 2 Case

25/07/2020


Summary of the Frequently Asked Questions on the judgment of the Court of Justice of the European Union in the Schrems 2 Case

The European Data Protection Board (EDPB) has issued answers to the questions they have received from the EU data protection authorities (DPAs) about the Schrems 2 case. In essence, the EDPB follows the position of the CJEU. If you are still unclear on what to do in the days after the CJEU decision this short summary of the FAQs can help.


Continue Reading
Google Contact Tracing App Forces Users to Turn On Location Settings

21/07/2020


Google Contact Tracing App Forces Users to Turn On Location Settings

When Google and Apple have announced that they had been developing contact tracing app in which users’ privacy and security will be central to the design, government across the world used the code to develop contact tracing apps and they have been downloaded more than 20 million times. They have said that they will ban the use of the of location tracking in the apps and they will focus on the use of Bluetooth technology.


Continue Reading
The UK Information Commissioner's Office 2019-2020 Annual Report

20/07/2020


The UK Information Commissioner's Office 2019-2020 Annual Report

The UK Information Commissioner's Office has published it 2019-2020 annual report. It covers a key period in data protection and broader information rights. The report is split into three sections: the performance report, the accountability report and it is concluded with the ICO's financial statements .


Continue Reading