TechGDPR’s review of international data-related stories from press and analytical reports. EU-US Data Privacy Framework Effective Immediately: On 10 July, the European Commission’s decision on the adequacy of the level of data protection in the US within the new data privacy framework entered into force. If an American-based business is on the approved list, you […]
Tag: GDPR
EU-US Data Privacy Framework Adopted
This afternoon, the European Commission has adopted an adequacy decision for the EU-US Data Privacy Framework. This decision finds that the United States provides an equivalent level of data protection to that of the European Union, enabling the safe and unrestricted flow of personal data from the EU to U.S. companies under the new framework. EU […]
Data protection digest 17 June – 2 July 2023: rules on GDPR fines, controllers’ BCRs and ‘right to know’
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes New rules on GDPR fines: New rules, issued by the EDPB, are now in effect for calculating fines for companies that violate the GDPR. All privacy supervisors in the EU will calculate the size of fines in the same way. The size […]
Data protection digest 2 – 16 June 2023: rules on electronic evidence, explainable AI, and wildcat telemarketing
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes and redress Electronic evidence: The European Parliament voted to adopt new rules on the exchange of electronic evidence by law enforcement authorities to make cross-border investigations more effective. It will allow national authorities to request evidence directly from service providers in other […]
Misconceptions about the role of a Data Protection Officer (DPO)
For many organisations, the appointment of a DPO has become mandatory. Although Articles 37 to 39 of the GDPR make provisions for the designation, position and tasks of a DPO, somee misconceptions still exist about who needs one, who can be one and what kind of tasks a DPO can undertake. Who is a DPO? […]
Processing children’s data and implementing age assurance mechanisms
It is undeniable that children (individuals under 18) take up a large portion of the online population. With more content being created to specifically target children, a UK study from Ofcom has shown that many start as young as 3 to 4 years old to consume content on video sharing platforms such as Youtube, and […]
Using ChatGPT with personal data? Think again!
Recently we see more and more posts popping up on LinkedIn and elsewhere on how to optimize sales pipelines and other business processes using ChatGPT or some of its siblings. While the proposition is very tempting, there are huge problems for privacy and the protection of personal data, in particular as required under the GDPR. […]
Understanding GDPR Compliance in Recruitment
In the process of recruitment and scouting for new potential hires for a vacancy in an organization, the collection and processing of personal data of those candidates is inevitably involved. Therefore, it is important to understand GDPR compliance. In most cases, the company that posts its vacancy and embarks on the recruitment process will be […]
Data protection & privacy digest 18 Feb – 3 Mar 2023: practical application of the EU-US Data Privacy Framework remains a concern
TechGDPR’s review of international data-related stories from press and analytical reports. Legal processes: EU-US data privacy framework, China’s outbound data rules, international transfer risk assessment, Australian small business to adopt data protection The EDPB sees improvements under the EU-US Data Privacy Framework, but many more concerns remain. The improvements include the introduction of requirements embodying […]
Hardware identifiers: Is an IMEI number personal data?
Elements of personal data With the introduction of the GDPR in 2018, data protection has become a popular topic both from a legal and technical perspective. The importance of efforts around privacy and data protection is personal data and its protection. Under the EU GDPR, there are key elements in the definition of personal data. […]