WP art.29 published on public consultation wp260 titled “Guidelines on transparency under Regulation 2016/679”. This document details how to comply with art. 12 to 22 and 34. Great attention is devoted to art.13 and art. 14.. WP art.29 on paragraph 2 make clear that privacy statements/ notices shall comply with Transparency, as expressed is in the document,… Read More »
The GDPR was born one year ago (on the 27th April, published on GUE on 4th May 2016) and many have not yet outlined an adjustment plan. There is only one year left to comply to (the deadline is established on 25th May 2018). Some data protection authority of each EU Member State have published… Read More »
The Directive 95/46/EC deal with the argument in the following terms: The processing of personal data for scientific research purposes is not considered incompatible with other processing (art. 6) For scientific use, personal data may be stored for longer periods (art. 6) The provision of information to the data subject may not be given when… Read More »
The customer data protection needs to be included under the logics inspiring the principles and measures of Data Governance. In this sense, the measures to protect customers’ personal data can only be effective if they follow the same principles that drive the measures to corporate Data Governance. A healthy setting of Data Governance rules is… Read More »
Sorry, this entry is only available in Italian.
As discussed in a previous post, the new GDPR underlines the importance of the right to be forgotten, to some extent already present in the current Italian legislation. Here we want to think about the technical implications of this requirement. How much can it cost to organizations the right to be forgotten, in a society… Read More »
Europrivacy.info is organizing a meeting to start talking and working on the recently approved text of the GDPR on January 29 in Milan. This is just a “save the date”: more info will follow soon.
As mentioned in the previous post, on November 13th the XI National Congress of ANSSAIF (National Association of Security Specialists in Companies of Financial Intermediation) was held in Rome, on the theme of ‘Digital Services, Security, Network – What knowledge and what tools to address new threats?’. The appointment, rich of illustrious and interesting interventions,… Read More »
The recent scandal of the data theft suffered by Canadian extramarital dating website Ashley Madison astonished and continues to create consequences; nearly 10 GBs of data stolen by a hacker group and containing highly sensitive information about the private life of the users involved, whose lives have been however inevitably affected only for being part… Read More »
There is a frequent error about the conviction that the privacy impact assessment (also known as Data Protection Impact Assessment DPIA but hereafter named just PIA) is a new topic introduced only from the prevision of regulatory or by some member state regulation. Actually, the PIA is the base of every “privacy assessment” from the… Read More »