Latest Posts › General Data Protection Regulation (GDPR)

Share:

UK ICO issues £183m GDPR fine in stark warning to businesses

The UK Information Commissioner's Office has announced its intention to issue a £183 million fine to British Airways, in respect of a personal data breach under the GDPR. The announcement has wide-ranging consequences for...more

Guidelines on the Certification Mechanisms under the GDPR

The European Data Protection Board ("EDPB") has published guidelines on the use of the certification mechanism under the GDPR. Certifications are intended to help businesses provide evidence of compliance with the GDPR. The...more

High Court considers the scope of Subject Access Requests and their exemptions

EU data protection law contains a powerful tool called a Subject Access Request ("SAR") which allows an individual to obtain copies of data about themselves, on demand, within a tight timeframe, and at low cost. Satisfying...more

Chapter 19: Glossary – Unlocking the EU General Data Protection Regulation

ad hoc clauses means a set of clauses for Cross-Border Data Transfers, which require prior approval by a DPA (see Chapter 13). Adequacy Decision means a decision by the Commission to designate a third country as an...more

Chapter 18: Relationships with other laws – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? The GDPR is now the main instrument governing EU data protection law across all Member States. The Directive, which was almost 20 years old, has been repealed. However, the...more

Chapter 17: Issues subject to national law – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? Although a key aim of the GDPR is to harmonise data protection law across the EU, there are a number of areas in which the GDPR leaves it to Member States to adopt their own...more

Chapter 14: Data Protection Authorities – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? National Data Protection Authorities ("DPAs") are appointed to implement and enforce data protection law, and to offer guidance. As set out in Chapter 16, DPAs have significant...more

Chapter 12: Impact Assessments, DPOs and Codes of Conduct – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? A significant aspect of complying with EU data protection law is demonstrating compliance—making it evident to DPAs that an organisation is meeting its obligations. Three of the...more

Chapter 11: Obligations of processors – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more

Chapter 10: Obligations of controllers – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? Each time an organisation processes personal data, it will do so as either a controller or a processor. These roles bear different responsibilities. Therefore, it is critically...more

Chapter 8: Consent – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? Processing of personal data is lawful only if, and to the extent that, it is permitted under EU data protection law. Each and every data processing activity requires a lawful...more

Chapter 7: Lawful basis for processing – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? Processing of personal data is lawful only if, and to the extent that, it is permitted under EU data protection law. If the controller does not have a lawful basis for a given...more

Chapter 4: Territorial application – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? The GDPR does not necessarily apply to every organisation in the world. It applies to all organisations that are established in the EU. However, for organisations established...more

Chapter 3: Subject matter and scope – Unlocking the EU General Data Protection Regulation

Why does this topic matter to organisations? Understanding the subject matter and the scope of EU data protection law is fundamental to determining whether this law applies to an organisation’s business activities. In...more

Chapter 1: Introduction – Unlocking the EU General Data Protection Regulation

Directive 95/46/EC - Prior to the GDPR, the EU's data protection regime was governed by the Directive. The Directive (as with all EU Directives) did not apply automatically, and had to be transposed into the national laws...more

Websites must remain accessible when rejecting tracking cookies – Dutch Data Protection Authority

The Dutch Data Protection Authority (the "Dutch DPA") has issued guidance stating that so-called "cookie walls" are not compliant with the General Data Protection Regulation (the "GDPR"). The guidance is not legally binding,...more

Chapter 6: Data Protection Principles – Unlocking the EU General Data Protection Regulation (Updated)

Why does this topic matter to organisations? The Data Protection Principles provide the conditions on which an organisation is permitted to process personal data. If an organisation cannot satisfy the Data Protection...more

Chapter 5: Key definitions – Unlocking the EU General Data Protection Regulation (Updated)

Why does this topic matter to organisations? The defined terms set out in this Chapter are of critical importance to understanding how EU data protection law applies to an organisation. For example, the question of whether...more

No Deal: Data Protection Compliance After Brexit

On 29 March 2019, the UK will formally leave the EU unless an extension, or a negotiated solution, is agreed between the UK and the European Commission. There is currently no agreement regarding the UK's status from a data...more

EU-Japan Adequacy Decision now in force

The European Commission and the Personal Information Protection Commission of Japan have agreed mutual adequacy decisions regarding the transfer of personal data. This is a significant development, and allows businesses to...more

76 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide