Data Controller

News & Analysis as of

Use Data from the EU? It’s Time to Update Your Data Breach Notification Procedures

This post is the second in a three-part series. With the EU General Data Protection Regulation (GDPR) looming near for organizations that process the data of European citizens, compliance is top-of-mind for...more

Reminder to register your database in the National Registry

External Circular No. 001 was issued on November 8, 2016 and requires that natural persons, entities of a public nature other than mixed-economy companies and private legal entities that are not registered in the chambers of...more

Only six months remain to register your database with the RNBD

Your Data Controller must register your databases in the RNBD according to the instructions in the user manual of the National Registration Database. The Superintendency of Industry and Commerce, Habeas Data Management...more

Data Maps and Data Inventories: A Comparison of US Law, EU Law, and Soon-To-Be EU Law

In the United States companies are not required to inventory the type of data that they maintain, or map where that data flows in (and out) of their organization. That said, knowing the type of data that you collect, where it...more

The EU’s Article 29 Working Party Releases Guidelines Ahead of GDPR Implementation and Addresses the Privacy Shield

The EU’s Article 29 Working Party (WP29) held a plenary meeting in early December 2016. At the meeting, the WP29 adopted guidelines and issued FAQs relating to the EU General Data Protection Regulation’s (GDPR’s) provisions...more

WP29 Issues Guidance on the Right to Data Portability under the GDPR

Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (“GDPR”). This is part two of a three-part Alston...more

WP29’s Guidance on the Lead Supervisory Authority

Late last week, the Article 29 Working Party (“WP29”) issued detailed guidance on companies’ obligations under three key provisions of the General Data Protection Regulation (GDPR). This is part three of a three-part Alston...more

New National Privacy Law in Qatar

The State of Qatar has announced that it has issued Law No. 13 of 2016 Concerning Privacy and Protection of Personal Data (the Law). Once gazetted, the Law will officially be the first national level legal regime...more

France adopts Law for a Digital Republic: key data provisions are a jump-start on the GDPR

France’s Law for a Digital Republic, under discussion for more than a year, has at last been published. Some key provisions of the law, published in early October, are immediately effective and anticipate the GDPR’s...more

Data subject access request cannot be used to circumvent CPR disclosure regime

Where a data subject access request (DSAR) is made relating to "mixed data" (ie data within a document containing the data of individuals other than the data subject) there must be a careful balancing exercise between the...more

Data protection in video surveillance systems

Since video surveillance systems involve the capture of images of individuals, Colombian privacy law must be observed when operating such mechanisms. Therefore, the Superintendency of Industry and Commerce issued the...more

IP Newsletter - International transfers: Requirements for the obtainment of the Declaration of Conformity from the DPA

International data transfers under Colombia's Law 1581 of 2012 are allowed whenever (i) the data is transferred to third parties operating under adequate regulatory protection; (ii) the transfer is performed under consent of...more

Start Hiring: 28,000 Data Protection Officers Needed by 2018

A study by the International Association of Privacy Professionals has found that 28,000 data protection officers (DPO) will be needed in the next two years for companies to comply with the EU’s new General Data Protection...more

Bavarian Data Protection Authority issues new guidance paper on sanctions under the General Data Protection Regulation

On 1 September 2016, the Bavarian Data Protection Authority (“DPA”) issued a new guidance paper on sanctions under the new EU General Data Protection Regulation (“GDPR”) in the course of a series of non-binding guidance...more

European Restrictions on Computer Profiling

On May 25, 2018, the EU General Data Protection Regulation (GDPR) will come into effect requiring companies that process personally identifiable information of EU residents to comply with a significant number of enhanced...more

EU-US Privacy Shield: How to Certify

Following formal approval of the EU-US Privacy Shield, US organizations will now be considering how to apply for Privacy Shield certification. On July 12, 2016, the European Commission formally approved and adopted the...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 20:...

ad hoc clauses means a set of clauses for Cross-Border Data Transfers, which require prior approval by a DPA (see Chapter 13)....more

An Overview of the New General Data Protection Regulation

The European Parliament has approved the reformed General Data Protection Regulation (the “GDPR”). Given this is a Regulation (rather than a Directive), this legislation will apply automatically in every Member State (without...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 19:...

Why does this topic matter to organisations? This topic covers the transitional period between the publication of the GDPR (on 4 May 2016) and the GDPR Effective Date (i.e., 25 May 2018). This represents a limited,...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 18:...

Why does this topic matter to organisations? From the GDPR Effective Date, the GDPR will be the main instrument governing EU data protection law across all Member States. The Directive, which is almost 20 years old, will...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 17: Issues...

Why does this topic matter to organisations? Although a key aim of the GDPR is to harmonise data protection law across the EU, there are a number of areas in which the GDPR leaves it to Member States to adopt their own...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 13:...

Why does this topic matter to organisations? In today's world, it is increasingly important to be able to move data freely to wherever those data are needed. However, the transfer of personal data to recipients outside...more

“Battle-ready” Privacy Shield gets muted welcome from EU data protection authorities

On 26 July, the Article 29 Data Protection Working Party (WP29) released a statement outlining its opinion on the EU-U.S. Privacy Shield, which was adopted by the European Commission earlier this month. After praising the...more

Unlocking the EU General Data Protection Regulation: A practical handbook on the EU's new data protection law: Chapter 10:...

Why does this topic matter to organisations? Each time an organisation processes personal data, it will do so as either a controller or a processor. These roles bear different responsibilities. Therefore, it is...more

WilmerHale Privacy and Cybersecurity Law Blog - Comparison of Requirements Under the Privacy Shield/Safe Harbor Principles

Notice Requirements - The Privacy Shield notice requirements are more specific and detailed than what was required by the Safe Harbor regime. Safe Harbor required a privacy policy to provide information on data...more

80 Results
|
View per page
Page: of 4
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×