Showing Posts In "General Data Protection Regulation & Data Protection Laws" Category

Why Should My Company Join the EU-US Data Privacy Framework?

Now fully effective, the EU-U.S. Data Privacy Framework provides both advantages and disadvantages. For starters, participation in DPF would address the General Data Protection Regulation (GDPR) legal requirement to protect cross-border personal data transfers from the EU to the U.S. Companies, however, would be subject to the U.S. Federal Trade Commission enforcement authority for the […]

NAVIGATING DATA PRIVACY REGULATIONS IN THE LANDSCAPE OF GLOBAL SCREENING

The background screening industry is blooming. Whether it is the mainstream adoption of background checks triggered by compliance awareness, the development of major corporations partnering with independent contractors, or the globalization of the practice, the market is keen to find the right fit and ensure a safe environment.

Read more

COMPARATIVE TABLE OF PERSONAL INFORMATION PROTECTION LAWS

A Comparative Table of Personal Information Protection Laws from Fasken compares the information protection laws of Canada (Personal Information Protection and Electronic Documents Act), California (California Consumer Privacy Act), the European Union (General Data Protection Regulation), and Quebec (Act Respecting the Protection of Personal Information in the Private Sector).

Read more

EMPLOYEE DATA PROTECTION IN INDIA

Although there is no requirement for an employer to register with a data protection agency or other government body, employers do have an obligation to ensure that any sensitive personal data or information (SPI) that it collects from an employee is kept secure and confidential. In addition, employers in India generally complete background checks before […]

GDPR Privacy FAQs: Does a Processor That is Located Only in the United States, or That is Processing Data Only from the United States, Need to Appoint an Article 27 Representative

The General Data Protection Regulation (GDPR) requires some foreign companies to designate a “representative” that is present in the European Union (EU), not to be responsible for compliance, but to facilitate communication between data subjects and the controller or processor represented. The need to designate a representative occurs when a company that is not based […]

Can European Union Authorities Enforce Their Laws on U.S-Based Companies?

There recently have been cases of inconsistent applications of the European Union (EU) law by European Courts against U.S.-based companies. One law implicated a portion of General Data Protection Regulation law (GDPR) and the other involved the EU’s e-commerce directive. Questions, however, remain as to the jurisdiction of the EU’s privacy enforcement authorities on U.S.-based […]

GDPR: What Impact Has It Really Made During Its First Year?

It has been one year since the enactment of the General Data Protection Regulation (GDPR) and European Union (EU) officials believe that the GDPR has raised awareness and helped the public understand their data privacy rights. In fact, EU stats show that Data Protection Authorities logged more than 95,000 complaints since May 2018. Even so, […]

HOW ARE EU REGULATORS FLEXING THEIR MUSCLES?

A new brief from Osborne and Clarke discusses recent data breaches; the recurring themes of transparency and consent; the exercise of data subjects’ rights; and the increasingly important role that audits and dawn raids are likely to play, as DPAs emerge from behind their computer screens. It notes that 2018 was a busy year for […]

DETERMINING WHETHER YOUR ORGANIZATION’S HR DATA PROCESSING IS COVERED BY GDPR

A four-part series of articles examines national legislation, opinions, and enacted guidelines clarifying the GDPR’s requirements. Subsequent articles in the series will cover data protection impact assessments, claims alleging violations of the GDPR, enforcement actions, and fines that have been issued. The first article helps companies to clarify whether their organization’s HR data processing is […]

EUROPEAN COMMISSION RELEASES STUDY ON GDPR DATA PROTECTION CERTIFICATION MECHANISMS

The European Commission has released a study on GDPR data protection certification mechanisms. The study’s key takeaways include: the GDPR does not limit the subject matter to one specific area; valuable insight can be gained from analyzing existing certifications, assessment methodologies, contractual arrangements and audit processes in other industries; data protection authorities will need to […]