The EU GDPR goes into effect in May, 2018. While that may seem far away, for many organizations the changes required to become compliant with the new law will take several quarters to implement. Some of the larger changes required will deal with the new “Right to Data Portability”, Identifying a lead supervisory authority, and appointing a “Data Protection Officer.” The Article 29 Working Party (WP29) has just released guidance on these three requirements. The guidance is summarized below, along with links to the full documents. 1) Right to Data Portability Article 20 provides data subjects with the right to … Continue reading Newly Released EU GDPR Guidance
Sr Product Counsel | TRUSTe
I recently travelled to Brussels for the Computers, Privacy and Data Protection (CPDP) Conference. With the proposed update to the EU’s privacy laws still under debate, the conference was full of politicians, academics and business people all discussing the future of privacy in the Europe.
While many topics were discussed at the conference, one of the most interesting questions that appeared over the week in Brussels was: what will be the impact of the new regulation on Small and Medium Enterprises (SMEs)? Some policy leaders suggested there would be little, if any impact, while others simply did not answer the question directly and/or did not care in any way about the issue. The SMEs themselves were generally fearful of the costs of compliance and the possibility of high fines. Read more “Small Business and the Future of Privacy in the EU”