Showing posts with label EU General Data Protection Regulation (GDPR). Show all posts
Showing posts with label EU General Data Protection Regulation (GDPR). Show all posts

Wednesday, May 23, 2018

No one’s ready for GDPR; The Verge, May 22, 2018

Sarah Jeong, The Verge; No one’s ready for GDPR

"The General Data Protection Regulation will go into effect on May 25th, and no one is ready — not the companies and not even the regulators...

GDPR is only supposed to apply to the EU and EU residents, but because so many companies do business in Europe, the American technology industry is scrambling to become GDPR compliant. Still, even though GDPR’s big debut is bound to be messy, the regulation marks a sea change in how data is handled across the world. Americans outside of Europe can’t make data subject access requests, and they can’t demand that their data be deleted. But GDPR compliance is going to have spillover effects for them anyway. The breach notification requirement, especially, is more stringent than anything in the US. The hope is that as companies and regulatory bodies settle into the flow of things, the heightened privacy protections of GDPR will become business as usual. In the meantime, it’s just a mad scramble to keep up."

Thursday, February 1, 2018

GDPR is coming. Here are four simple steps to help you prepare; Wired, January 4, 2018

Matt Burgess, Wired; GDPR is coming. Here are four simple steps to help you prepare

"If you've made it this far without hearing of GDPR, or don't know where to start with preparing for its obligations, we've put together a few simple steps to get you started. GDPR is a dense piece of law so these shouldn't be treated as an all-encompassing list of actions to get you underway."

Tech Giants Brace for Europe’s New Data Privacy Rules; New York Times, January 28, 2018

Sheera Frenkel, New York Times; Tech Giants Brace for Europe’s New Data Privacy Rules

"Ms. Jourová said as the new rules take effect, countries outside Europe could begin demanding similar data protection measures for their citizens.

“There will be a moment, especially as more and more people in the U.S. find themselves uncomfortable with the channels monitoring their private lives,” she said."

WTF is GDPR?; TechCrunch, January 20, 2018

Natasha Lomas, TechCrunch; WTF is GDPR?

"The EC’s theory is that consumer trust is essential to fostering growth in the digital economy. And it thinks trust can be won by giving users of digital services more information and greater control over how their data is used. Which is — frankly speaking — a pretty refreshing idea when you consider the clandestine data brokering that pervades the tech industry. Mass surveillance isn’t just something governments do.

The General Data Protection Regulation (aka GDPR) was agreed after more than three years of negotiations between the EU’s various institutions.

It’s set to apply across the 28-Member State bloc as of May 25, 2018. That means EU countries are busy transposing it into national law via their own legislative updates (such as the UK’s new Data Protection Bill — yes, despite the fact the country is currently in the process of (br)exiting the EU, the government has nonetheless committed to implementing the regulation because it needs to keep EU-UK data flowing freely in the post-brexit future. Which gives an early indication of the pulling power of GDPR.

Meanwhile businesses operating in the EU are being bombarded with ads from a freshly energized cottage industry of ‘privacy consultants’ offering to help them get ready for the new regs — in exchange for a service fee. It’s definitely a good time to be a law firm specializing in data protection."

Tuesday, August 1, 2017

Companies brace for European privacy rules; Axios, August 1, 2017

Sara Fischer, Kim Hart, Axios; Companies brace for European privacy rules

"U.S. companies are largely unprepared for what's about to hit them when sweeping new EU data laws take effect next year. The regulation — the General Data Protection Regulation (or GDPR) — is intended to give users more control of how their personal data is used and streamline data processes across the EU. Companies that fail to comply with the complex law will face steep fines of up to 4% of their global annual revenue.

Why it matters: Europe has by far taken the most aggressive regulatory stance on protecting consumer privacy and will in many ways be a litmus test for regulating the currency of the data economy. It impacts a huge number of businesses from advertisers to e-commerce platforms whose data flows through EU countries. That means everyone from Google to your neighbor who sells shoes on eBay could be affected."

Tuesday, July 4, 2017

GDPR Mastered: Preparing For History’s Biggest Data Privacy Revolution; Data economy, June 29, 2017

João Marques Lima, Data Economy; GDPR Mastered: Preparing For History’s Biggest Data Privacy Revolution

"Are GDPR sanctions enough to deter companies and make them change their behaviour?

SF: It has already got their attention. It certainly is the one area where C-level executives are starting to pay attention. Four percent of a global annual revenue is pretty substantial and will put some companies out of business.
It will still be those large multinational organisations that their entire business relies on data that will try to push back and in their head they might think: there is no way we will be fined this.
However, what is going to happen is that the data protection authority is going to look for that first case, and that first case that they find, that first company that they can actually hold it accountable and sanction will become the poster child to get companies to rethink their position. They cannot be arrogant any longer."

Tuesday, June 20, 2017

EU seeks to outlaw 'backdoors' in new data privacy proposals; Guardian, June 19, 2017

Samuel Gibbs, Guardian; EU seeks to outlaw 'backdoors' in new data privacy proposals

"The ePrivacy directive change proposals seek to bring the 2002 law in line with the newer GDPR and attempt to keep pace with technological development. They also cover the tracking of users for advertising, the collection of metadata and behavioural data, an the explicit consent required to do so.

The amendments will have to journey through a multi-stage process including approval by the European parliament and European council before becoming law, but they were welcomed by privacy and security experts."

Wednesday, June 7, 2017

Israel firms urged to align with new EU privacy rules; The Times of Israel, June 7, 2017

Shoshanna Solomon, The Times of Israel; Israel firms urged to align with new EU privacy rules

"Personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, photo, email address, bank details, posts on social networking websites, medical information, or even a computer’s IP address...

The new EU rules will affect all organizations — whether in Israel or globally — that store or process personal data of European citizens. It doesn’t matter in which country the organization is based, said Ido Naor, a senior security researcher at cybersecurity firm Kaspersky Lab...

The new European rules may also prompt Israel to tighten its own privacy rules to align them with the new European norms, Tevet said."

GDPR: EU Goes Against The Global Grain To Protect Privacy; Forbes, June 7, 2017

Simon Crosby, Forbes; GDPR: EU Goes Against The Global Grain To Protect Privacy

"Could it be that the EU is about to save the internet? At a time when internet users worldwide are increasingly under surveillance by governments, service providers, advertising networks and social media websites, it seems that one of the internet’s greatest promises -- open communication for all -- has been lost. But the EU has an opportunity to sway the outcome with the recently adopted General Data Protection Regulation, which will become law next year.

The EU’s implementation of GDPR has an opportunity to become the most important globally recognized set of principles to protect online privacy. In recent developments, President Donald Trump and his administration promised to mandate rapid improvements in U.S. cybersecurity, but they quickly acquiesced to commercial interests by overriding regulations that the Federal Communications Commission had set up to legitimize the sale of subscriber information by ISPs.

What does GDPR mean for consumers? In short, it will strengthen the practice of fundamental privacy rights of individuals and put users back in control of their personal data. This level of regulation will apply to both corporations and governments and will have the potential to inherently disrupt the protocols for data protection on a global scale."


Tuesday, May 30, 2017

US and Europe have different ideas about data and privacy; Beta News, May 30, 2017

Nigel Tozer, BetaNews; US and Europe have different ideas about data and privacy

"With a recent, but less publicized executive order from President Trump, there are things happening on both sides of the Atlantic with regard to personal data, and it looks like the US and the EU have very different ideas about which direction to take...

Much of this you might not care about, but personal medical records, mental health, legal records, finance etc. or other areas probably cross the line for you, it's personal after all. The trouble is, the lines between what's shared and what’s kept truly private are blurring.
Some camps think that the pendulum has swung too far in favor of business, and that there should be a rebalancing with more power handed back to the individual.  While this view can be found in the US as well, it's the EU that has chosen to legislate to protect its citizens. This comes in the form of the General Data Protection Regulation (GDPR) coming into force in May 2018."

Thursday, May 25, 2017

One Year Until EU Privacy Regime Change: Prep Time is Now; Bloomberg BNA, May 25, 2017

Jimmy H. Koo and Daniel R. StollerBloomberg BNA; One Year Until EU Privacy Regime Change: Prep Time Is Now



"Companies should start preparing for the new EU General Data Protection Regulation (GDPR), which takes effect May 25, 2018, privacy attorneys said. But regardless of how much they prepare, full compliance with the GDPR is an elusive goal, attorneys said...

The GDPR, which takes effect May 25, 2018, provides one EU-wide regulation to replace a more than 20-year-old directive that required each country to pass its own privacy laws. The GDPR will bring stricter standards for user consent to the use of their personal data, mandatory data breach notification, and fines as high as $20 million euros ($22.4 million) or 4 percent of a company’s annual worldwide income, among other things...

The GDPR “at its core is about information governance,” Clarissa Horowitz, vice president of communications at Mountain View, Calif.-based software company MobileIron Inc., told Bloomberg BNA."