EU Commission’s ePrivacy Regulation Proposal to align electronic communications privacy to GDPR

Posted on by Federica Romanelli
On January 10, 2017, the European Commission issued a draft for a new ePrivacy Regulation (“Proposal”) that would replace Directive 2002/58/EC (‘the ePrivacy Directive’), implementing a higher level of privacy for all electronic communications. Scope of application: The Proposal applies to all electronic communication providers – including EU institutions – and aim at aligning the existing rules, which date back to 2002, with the newer data protection framework set out by Read more [...]

WP29 issues guidelines on data portability, DPO, and lead authority (and lays foundation for much more)

Posted on by Federica Romanelli
On December 13, 2016, EU Article 29 Data Protection Working Party "(WP29") dealt with several critical matters with regards to the implementation of the General Data Protection Regulation (GDPR) and the Privacy Shield. It also dealt with the enforcement measures on cases having a cross-border effect. As for the GDPR's implementation, the WP29 importantly adopted: Guidelines on the right to "data portability". Data portability  allows data subjects to receive the personal data provided Read more [...]

Privacy Shield update: around 1300 active participants after over 4 months from start

Posted on by Federica Romanelli
As of mid December 2016, around 1300 companies were active under the EU-US Privacy Shield, according to the US Department of Commerce official website. The Privacy Shield Framework has now been effective for almost 4 months and it replaced the Safe Harbor, which had around 5,500 participants by 2016. The US Department of Commerce, International Trade Administration (ITA), maintains the Privacy Shield official website where companies may find helpful information on the new framework. More Read more [...]

Italian DPA issued order allowing tracking of employees through their smartphones

Posted on by Federica Romanelli
On May 18, 2016, the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) issued an order allowing for the processing of personal geo-localization data collected through the employees’ smartphones. An Italian company, SITE S.p.A., submitted a preliminary request for examination of the DPA with reference to the processing of personal data gathered by activating a geo-location application installed on the company’s smartphones supplied to the employees working Read more [...]

EDPS’s Opinion on Personal Information Management Systems

Posted on by Federica Romanelli
On October 20, 2016, the European Data Protection Supervisor (EDPS) published Opinion 9/2016 on Personal Information Management Systems, PIMS. The opinion acknowledges that the recently adopted GDPR provides for increased transparency, powerful rights of access and data portability, giving individuals more control over their data. However, the EDPS highlighted how market conditions and business practices can create obstacles for the effective exercise of data protection rights (Opinion 8/2016). The Read more [...]