Executive order on strengthening cybersecurity issued by Trump Administration

Posted on by Federica Romanelli
On May 11, 2017, the Administration Trump issued an executive order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. The executive order contains three sections. The first section deals with cybersecurity of federal networks. Agencies shall implement the NIST framework for risk management and risk reduction, federal IT for shared services shall use the cloud to be more efficient. The second section deals with critical infrastructure cybersecurity effort. Read more [...]

Facebook fined EUR 150,000 by French DPA for WhatsApp’s unlawful tracking

Posted on by Federica Romanelli
On May 16, 2017, the French, Belgian and Dutch members of the Data Protection Contact Group published the results of their investigations after WhatsApp issued its new privacy policy in August 2015, after joining Facebook. See here. The DPAs all over the world watched the changes closely and several EU authorities initiated national investigations to verify, among others: the quality of the information provided to users; and the validity of consent and the processing of personal data Read more [...]

Legge privacy canadese da applicarsi fuori da confine nazionale, secondo Corte Federale del Canada

Posted on by Federica Romanelli
Il 30 gennaio, 2017, il Tribunale Federale del Canada ha ritenuto Globe24h.com, un sito web basato in Romania, e il suo unico proprietario e gestore, in violazione della normativa canadese in tema di tutela delle informazioni personali e dei documenti elettronici (il Personal Information Protection and Electronic Documents Act, PIPEDA). Il sito web rumeno condannato indicizzava e ripubblicava sentenze canadesi, peraltro già rese pubbliche su banche dati legali canadesi. La differenza: le Read more [...]

Consent to data processing should not be consideration for a free service, EDPS says

Posted on by Federica Romanelli
On March 14, 2017, the European Data Protection Supervisor (EDPS) released Opinion 4/2017 on the 2015 Proposal for a Directive (1) on certain aspects concerning contracts for the supply of digital content  (1) on certain aspects concerning contracts for the supply of digital content and  (2) on certain aspects concerning contracts for the online and other distance sales of goods goods. See legislative proposals. The two proposals have the common objective to remove obstacles to cross-border Read more [...]

Canadian statute PIPEDA applied extraterritorially

Posted on by Federica Romanelli
On January 30, 2017, the Federal Court of Canada found Globe24h.com, a Romanian based website and its sole owner and operator, in violation of the Personal Information Protection and Electronic Documents Act (PIPEDA). By way of background, the Romanian based website indexed and reposted Canadian court and tribunal decisions that were also available on Canadian legal websites. Other Canadian legal websites generally are not indexed and a person seeking information must go directly to each site Read more [...]