Tag Archives: EU

Goodbye Safe Harbour, hello Privacy Shield

Safe Harbor, declared invalid last October by the ECJ, will soon be replaced by the EU-US Privacy Shield. “For the first time ever, the United States has given the EU binding assurances that the access of public authorities for national security purposes will be subject to clear limitations, safeguards and oversight mechanisms” states Commissioner Věra Jourová in a press release. .@EU_Commission…

GDPR, safe harbour and terrorism.

Cyber intelligence is probably one of the important weapons against terrorism. GDPR is a barrier against the free intrusion of a wide variety of powers into the personal lives of ordinary people. These two statements are closely connected: that’s why one of the most heard statements in these dark days is “less privacy for…

New EU Regulation requires a more structured approach to personal data security

The New Regulation, through Articles 30 and 33, implicitly stresses the concept of a “process for security management”, imposing a holistic and risk-based approach to the protection of personal data that takes into account important technological and behavioral changes that have happened in the last few years (Cloud, Big Data, Social Networks, right to oblivion, right to data…

Privacy by design and privacy by default

Today personal data are the new “oil”: they are among the most interesting sources of income for both organizations and criminal activities, so it is very important and necessary to protect them. In this context, the concepts of privacy by design and privacy by default have to be considered a mandatory solution. The “privacy by…

Data breach: key contents of the new regulation

Article 31 of the EU regulation proposal on personal data protection is aimed at making the notification of data breaches to the supervisory Authority mandatory for every controller, without undue delay. Of course, processors must notify the controller of every data breach, again without undue delay, to allow it to proceed. The communications must include at least the…

Data Protection Officer: professional skills and requirements

Pursuant to article 35 c. 5 of the General Data Protection Regulation (Regulation COM(2012)11), the Data Protection Officer (DPO) must have professional qualities and, in particular, expert knowledge of data protection law and practices and the ability to fulfill the tasks referred to in the following article 37. This would mean that the level of required expert knowledge…