Is it possible to choose your lead supervisory authority under the GDPR?
The General Data Protection Regulation regulates cross-border processing of personal data. For many organizations, identifying their lead supervisory authority (LSA), […]
GDPR
Could the GDPR help lower insurance costs?
In the Netherlands there are a wide range of insurances, and they generally concern goods, capital or people. In case […]
Outsourcing your DPO: real-life scenarios
If you’re contracting with an outsourced DPO, there are plenty of boxes to check during the hiring process. But once […]
Mauritius seeks to bring its Data Protection Bill in line with GDPR
Cabinet of Ministers (‘the Cabinet’) had agreed, on 1 December 2017, to introduce the Data Protection Bill (No. XIX of […]
Software development with Data Protection by Design and by Default
The Norwegian Data Protection Authority has developed these guidelines to help organisations understand and comply with the requirement of data […]
The rise of privacy group action risk in UK
Two recent developments in the United Kingdom highlight the growing risk of privacy litigation and “group actions” which is likely […]
UK Information Commissioner Publishes Advice on BCR Applications under the GDPR
On November 20, 2017, the UK Information Commissioner’s Office (“ICO”) published an article on its blog containing advice on applications […]
Responding to subject access requests
There’s nothing like a data subject access request to force an inter-departmental huddle. For U.S.-based DPOs, the exercise may feel […]
CNIL releases a free software for PIA
This user-friendly tool, available both in French and in English, unfolds the PIA methodology CNIL has been developing since 2015. […]
Encryption’s role in GDPR compliance and cloud data security
It has never been more important to review all IT security practices and avoid becoming a statistic. Source: Encryption’s role […]
Bulgarian DPA introduces 10-step action plan for GDPR implementation
In the light of the upcoming EU General Data Protection Regulation (the “GDPR”) implementation in May 2018, the Bulgarian Personal […]
Did the WP29 misinterpret the GDPR on automated decision-making?
When the European Union’s data protection authorities last month released their draft guidelines interpreting the General Data Protection Regulation’s sections […]