Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
1/11/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions ,
Slovakia
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
Slovenia is in the process of adopting new legislation (the “Draft Law”)....more
1/10/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions ,
Slovenia
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
1/9/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions ,
Spain
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
The main national pre-GDPR act on data privacy has been revoked, whereas...more
1/8/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions ,
Sweden
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed.
Brexit Note: The GDPR will apply in...more
1/6/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions ,
UK ,
UK Brexit
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed.....more
1/2/2020
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Luxembourg ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
Old legislation has been updated....more
12/31/2019
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Lithuania ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
12/30/2019
/ Compliance ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Liechtenstein ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed.
———
(b) Relevant legislation...more
12/28/2019
/ Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Latvia ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
Old legislation has been updated....more
12/23/2019
/ Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Italy ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
12/20/2019
/ Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Ireland ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed....more
12/18/2019
/ Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
Freedom of Information ,
General Data Protection Regulation (GDPR) ,
Iceland ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
Old legislation has been updated....more
12/17/2019
/ Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
Hungary ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
Greece has implemented the requirements of the GDPR through new...more
12/16/2019
/ Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
Greece ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
On 2 December 2019, the UK Information Commissioner's Office ("ICO") together with The Alan Turing Institute published1 a three-part consultation (with draft guidance) on explaining decisions made with Artificial Intelligence...more
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
Old legislation has been updated....more
12/12/2019
/ Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
France ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed.
———
(b) Relevant legislation...more
12/5/2019
/ Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Finland ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Regulatory Standards ,
Sanctions
Q1/ Applicable legislation -
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
New legislation has been passed.
...more
11/23/2019
/ Consent ,
Croatia ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Member State ,
Minor Children ,
National Identification Numbers ,
Nonprofits ,
Penalties ,
Prior Authorization ,
Public Interest ,
Sanctions ,
Sensitive Business Information ,
Sensitive Personal Information
Q1/ Applicable legislation
(a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation?
Old legislation has been updated.
———...more
11/20/2019
/ Bulgaria ,
Civil Monetary Penalty ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Data Protection Officers (DPOs) ,
Data Subjects Rights ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Joint Control ,
Minor Children ,
National Identification Numbers ,
Personal Data ,
Prior Authorization ,
Prior Express Consent ,
Public Interest ,
Sanctions ,
Sensitive Personal Information
Foreword -
European data protection laws have made significant strides in the last two decades.
Privacy and data protection laws have undergone dramatic changes over the last 20 years, in a race to keep up with technology....more
11/14/2019
/ Compliance ,
Consent ,
Consumer Rights Directive ,
Corporate Counsel ,
Criminal Convictions ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Protection Officers (DPOs) ,
Decedent Protection ,
Employee Privacy Rights ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
Exemptions ,
Fines ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
Joint Control ,
Member State ,
Minors ,
New Guidance ,
Nonprofits ,
Penalties ,
Personally Identifiable Information ,
Popular ,
Public Interest ,
Regulatory Agenda ,
Sanctions ,
Sensitive Business Information ,
Sensitive Personal Information
The UK Information Commissioner's Office announced more than £280 million of fines last week, in connection with data protection breaches. It singled out the perceived failure of buyers to conduct proper data protection due...more
7/17/2019
/ Acquisitions ,
Buyers ,
Data Protection ,
Data Protection Authority ,
Due Diligence ,
Enforcement Actions ,
Fines ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Sellers ,
Successor Liability ,
UK ,
UK ICO
The European Data Protection Board ("EDPB") has published guidelines on the use of the certification mechanism under the GDPR. Certifications are intended to help businesses provide evidence of compliance with the GDPR. The...more
7/5/2019
/ Certifications ,
Compliance ,
Data Protection ,
Data Protection Authority ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Member State ,
New Guidance ,
Personal Data
On 31 May 2019, the Data Protection Authorities of Singapore and Hong Kong signed a Memorandum of Understanding ("MoU") intended to strengthen cooperation in data protection in the two jurisdictions....more
7/1/2019
/ Asia Pacific ,
Cross-Border Transactions ,
Data Protection ,
Data Protection Authority ,
GPEN ,
Hong Kong ,
International Data Transfers ,
Memorandum of Understanding ,
New Guidance ,
Personal Data ,
Personal Data Privacy Comission (PDPC) ,
Privacy Comissioners ,
Risk Mitigation ,
Singapore ,
Transparency
ad hoc clauses means a set of clauses for Cross-Border Data Transfers, which require prior approval by a DPA (see Chapter 13).
Adequacy Decision means a decision by the Commission to designate a third country as an...more
Why does this topic matter to organisations?
Although a key aim of the GDPR is to harmonise data protection law across the EU, there are a number of areas in which the GDPR leaves it to Member States to adopt their own...more
4/25/2019
/ Data Privacy ,
Data Protection ,
EU ,
EU Data Protection Laws ,
Freedom of Expression ,
General Data Protection Regulation (GDPR) ,
Harmonization Rules ,
International Data Transfers ,
Member State ,
Personal Data ,
Religious Institutions ,
Scientific Research