Certification and liability of the data controller

This paper aims to analyse a tool of the so-called “soft law”, that is the certification in the field of data protection. Art. 42, paragraph 2 of EU Regulation 2016/679 defines certification as voluntary. However, it is, more appropriately, a regulated certification, since it is based on rules issued by official institutions: particularly, certification criteria… Read More »

Share with...Tweet about this on TwitterShare on LinkedInShare on Google+Share on Facebook

Social Spam & Marketing

In the NEWSLETTER N. 435 del 29 novembre 2017 http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/7221009 the Italian Autority point attention on a type of questions that are often made to me during courses and / or conferences, id est if and within what limits it is possible to use the e-mail addresson socialfor marketing purposes. Our Autority reminds us that… Read More »

Share with...Tweet about this on TwitterShare on LinkedInShare on Google+Share on Facebook

Delegation to the Government for the transposition of European directives and the implementation of other European Union acts

On 25 October the Delegation to the Government for the transposition of European directives and the implementation of other European Union acts (European delegation law 2016-2017) was issued. Delegation to the Government for the Transposition of European Directives and the Implementation of Other Acts of the European Union – European Delegation Law 2016-2017. (17G00177) (OJ… Read More »

Share with...Tweet about this on TwitterShare on LinkedInShare on Google+Share on Facebook

What are standardization action to comply with art. 42 of EU Regulation 679/16?

Article 42 of EU Regulation 679/16 on Data Protection states: ” The Member States, the supervisory authorities, the Board and the Commission shall encourage, in particular at Union level, the establishment of data protection certification mechanisms and of data protection seals and marks, for the purpose of demonstrating compliance with this Regulation of processing operations… Read More »

Share with...Tweet about this on TwitterShare on LinkedInShare on Google+Share on Facebook

Controller and Processor standard clauses

The French DPA (CNIL) and Spanish DPA (AGDP) have issued two guides for data processors, namely “Règlement européen sur la protection des données : un guide pour accompagner les sous-traitants” and “Directrices para contratos responsable – encargado” respectively. Furthermore the English DPA (ICO) has published a draft gdpr contracts guidance. These have a positive impact… Read More »

Share with...Tweet about this on TwitterShare on LinkedInShare on Google+Share on Facebook