Free tools and resources for Data Protection Officers!

Tag Archives for " guidance "

Latest papers on privacy and data protection – June

Recommendations for Implementing Transparency, Consent and Legitimate Interest under the GDPR

Centre for Information Policy Leadership (CIPL) published its paper on transparency, consent and legitimate interest under the GDPR.

Download paper

Designing Without Privacy

This Article presents findings from an ethnographic study of how, if at all, technologists doing the work of technology product design think about privacy, integrate privacy into their work, and consider user needs in the design process.

Access paper

Privacy and Human Behavior In the Age of Information

This review summarizes and draws connections between diverse streams of empirical research on
privacy behavior.

Read the review

User-Centered Privacy Communication Design

This paper describes a user-centered privacy policy design project at Stanford Legal Design Lab aimed to generate new models of business-to-consumer communications around data privacy.

Read paper

Internet of Things. Status and implications of an increasingly connected world.

US Government Accountability Office (GAO) released a technology assessment of the Internet of Things (IoT) for Congressional members of the IoT Caucus.

Read assessment

New GDPR guidelines on consent, profiling, breach notification and data transfers to be issued in 2017

The Article 29 Working Party (WP29), a consultative body made up of all the national data protection authorities in the EU, in 2017 will issue new guidelines on General Data Protection Regulation (GDPR). First ones to issue will cover profiling, breach notification and data transfers. WP29 will also issue guidance on transparency, high risk processing, certification and application of administrative fines under the GDPR.

Read more

GDPR guidance on data portability, DPOs and lead authority

In December the Article 29 Working Party (WP29), an advisory body made up of all the EU national data protection authorities, has published three long awaited guidelines and frequently asked question (FAQ) on General Data Protection Regulation (GDPR). Guidelines covers following topics:

You can submit any additional comments on guidelines until the end of January 2017.

DPAs to issue GDPR guidance

Chair of the Article 29 Working Party, Isabelle Falque-Pierrotin, has promised that EU Data Protection Authorities will issue the first parts of their guidance on the EU Data Protection Regulation (GDPR) soon after their plenary meeting on 12-13 December. She also invited companies to provide their input to the Article 29 Working Party’s action plan for next year.

Companies are awaiting guidance from Working Parties and  Data Protection Authorities to sooner and better adjust their business practices and policies with upcoming data protection law. Guidance can be expected on Data Protection Officers (DPOs), data portability and designation of lead data protection authorities.

Source: http://www.privacylaws.com/Int_enews_01_12_16

Irish DPC issues guidance on anonymisation and pseudonymisation

In August 2016, Data Protection Commissioner (“DPC”) of Ireland published guidance on the use of data anonymisation and pseudonymisation. Guidance provides recommendations on effective use of anonymisation and pseudonymisation techniques.

Anonymisation and pseudonymisation techniques help organisations to better comply with security requirements of data protection law. General Data Protection Regulation (GDPR) encourages organisations to use pseudonymisation techniques while effectively and irreversibly anonymised data is not “personal data” and the data protection principles do not to such data.

Read the guidance

ICO publishes guidance on privacy notices under GDPR

UK’s Information Commissioner’s Office (ICO) has published guidance on privacy notices under EU General Data Protection Regulation (GDPR). GDPR introduces new requirements for controllers on notifying data subjects about processing of their data. GDPR requires privacy notices to be understandable and accessible. ICO’s guidance provides best practice on communicating privacy information to individuals.

Access guidance

>