Data Protection & Cyber Security Law Update 1 st October 2015
|
|
- Marianna Thornton
- 8 years ago
- Views:
Transcription
1 Data Protection & Cyber Security Law Update 1 st October 2015 Robert Bond, Partner Janine Regan, Associate Viktoria Protokova, Data Protection Executive charlesrussellspeechlys.com
2 Brief introduction to Charles Russell Speechlys Leading law firm based in London with regional offices within the UK and international offices in Bahrain, Qatar, Geneva, Zurich, Luxembourg and Paris with a strong focus on the Technology, Media and Telecoms ( TMT ) Financial, Retail & Leisure and Life Science sectors. Recognised for our Data experience and advisory services in the latest legal directories Chambers UK and Legal 500 amongst others. Our clients range from large listed businesses, to small start-ups, governments, not-for-profit organisations and private individuals. We have specialised in data privacy and information security for 36 years. Our Data Protection & Information Law team provide a range of expertise on data privacy audit, compliance, risk management, information security and data breaches What I liked was the fact that the team was very willing for us to see itself as an extension of our existing in-house team. I like the way it integrated members sat alongside and guided us. That was what impressed. 2
3 Robert Bond Partner Robert Bond has over 36 years' experience in advising national and international clients on all of their commercial IP, technology and data protection requirements. He also provides international notarial services and compliance advice. He is a legal expert and author in the fields of e-commerce, computer games, media and publishing, data protection, information security and cyber risks. He is named in the National Law Journal's list of 50 Governance Risk & Compliance Trailblazers, listed in the top 10 in the Who s Who of Information Technology Lawyers 2014 and also in "Best Lawyers in UK "He continues to impress year on year. His spark of imagination and ability to grasp the technology is amazing." Tel: +44 (0) robert.bond@crsblaw.com Chambers UK,
4 Janine Regan Solicitor Janine has extensive experience advising on and managing global data protection compliance for multinationals in sectors such as financial services, pharmaceutical, technology, marketing and advertising, media and construction. She frequently advises on: notifications/approvals with relevant data protection authorities, drafting and negotiating data protection provisions in outsourcing and data sharing agreements, whistle blower hotlines, trans border data flows, privacy impact assessments, data breaches and subject access requests. She also provides tailored data protection training for clients. Recently, Janine has provided privacy advice on new technologies such as telemetry, wearable devices and big data. Tel: +44 (0) October
5 Viktoria Protokova Data Protection Executive Photo Placeholder Tel: +44 (0) Viktoria has experience in advising on and delivering data privacy and information security compliant solutions for clients in a variety of sectors. She frequently advises on registrations with the local data protection authorities, contractual data controller, processor obligations, data breach notifications and data protection and information security requirements for systems, processes and procedures. Before joining Charles Russell Speechlys, Viktoria was part of the core team that implemented the Global Privacy practises in one of the world s largest multinationals in the consumer goods sector. Viktoria speaks five languages (English, Russian, Spanish, Polish and Lithuanian) and is also certified Privacy Professional for Europe (CIPP/E) and US (CIPP/US). 05 October
6 TOPICS Is Safe Harbor a safe bet any more? Beware asset sales with personal data - no consent may mean no sale Global review of child focused websites Wyndham case confirms data security is a default not an option EDPS Opinion 4/2015 "Towards a new digital ethics Changes to Japanese Data Protection Law Update to South Korean Law 6
7 1. Is Safe Harbor a safe bet anymore?
8 Is Safe Harbor a safe bet anymore? Advocate General s Opinion in Case C-362/14: Maximillian Schrems v Data Protection Commissioner Background Data Protection Directive 95/46/EC (the Directive) provides that personal data may only be transferred outside of the European Economic Area if that third country provides an adequate level of protection The Directive also provides that the Commission may find that a third country ensures an adequate level of protection If the Commission adopts a decision to that effect, the transfers of personal data will be lawful Commission Decision 2000/520/EC of 26 July 2000 effected the Safe Harbor scheme 05 October
9 Is Safe Harbor a safe bet anymore? Advocate General s Opinion in Case C-362/14: Maximillian Schrems v Data Protection Commissioner Background Complaint Facebook Ireland EU subscribers personal data Facebook US (Safe Harbor) 05 October
10 Is Safe Harbor a safe bet anymore? Advocate General s Opinion in Case C-362/14: Maximillian Schrems v Data Protection Commissioner What has happened? 05 October
11 Is Safe Harbor a safe bet anymore? Advocate General s Opinion in Case C-362/14: Maximillian Schrems v Data Protection Commissioner Given such a finding of infringements of the fundamental rights of citizens of the Union the Commission ought to have suspended the application of the decision, even though it is currently conducting negotiations with the United States in order to put an end to the shortcomings found The Advocate General indeed observes, that, if the Commission decided to enter into negotiations with the United States, that is because it considered beforehand that the level of protection ensured by that third country, under the safe harbor scheme, was no longer adequate and that the decision adopted in 2000 was no longer adapted to the reality of the situation 05 October
12 Is Safe Harbor a safe bet anymore? Advocate General s Opinion in Case C-362/14: Maximillian Schrems v Data Protection Commissioner What next and what does this mean? The judges are deliberating and a judgement will be given on 6 October DPAs may enforce Safe Harbor differently Companies may need to re-think their internal and external mechanisms for data transfers Binding Corporate Rules = more appealing? 05 October
13 2. Beware asset sales
14 Beware Asset Sale! Germany 30 July 2015 Bavarian DPA announced it had fined both seller and purchaser for unlawfully transferring customer data as part of an asset deal The DPA said that the transfer of data during an asset deal without customer consent cannot be justified on the grounds of prevailing company interests; and That a transfer of data is only valid if customer consent has been obtained or if a corresponding opt-out has been provided 05 October
15 3. Global review of child focused website
16 Global review of child focused website Questions raised The Global Privacy Enforcement Network (GPEN) 67% of sites/apps examined collected children s personal information Only 31% of sites/apps had effective controls in place to limit the collection of personal information from children. Half of sites/apps shared personal information with third parties 22% of sites/apps provided an opportunity for children to give their phone number and 23% of sites/apps allowed them to provide photos or video 58% of sites/apps offered children the opportunity to be redirected to a different website Only 24% of sites/apps encouraged parental involvement 71% of sites/apps did not offer an accessible means for deleting account information. 05 October
17 Global review of child focused website Questions raised These are concerning results. The attitude shown by a number of these websites and apps suggested little regard for how anyone s personal information should be handled, let alone that of children. Internationally we saw some websites and apps gathering more information than we felt they needed, and sharing that data with third parties. The most common concern domestically was a lack of information being provided about how their information would be used. We saw generic privacy policies that simply weren t specific enough, and some without any information at all, which isn t good enough. We ll now be writing out to the sites and apps that caused us concern, making clear the changes we expect them to make. We wouldn t rule out enforcement action in this area if required. 05 October
18 4. Wyndham case
19 Wyndham case confirms data security is a default not an option After a series of hacks in 2008 and 2009, FTC investigated Wyndham Worldwide and held it liable to consumers affected by their failure to implement reasonable protections Wyndham brought proceedings against the FTC claiming that they had no authority to enforce against Wyndham In the Third Circuit decision on 24 th August 2015, the federal court reaffirmed the power of FTC to enforce against Wyndham claiming that Wyndham had committed unfair or deceptive acts or practices by failing to implement adequate cybersecurity Wyndham s privacy policy stated that it had suitable security in place. reaffirms the FTC s authority to hold companies accountable for failing to safeguard consumer data. Edith Ramirez, FTC Chair 05 October
20 5. EDPS Opinion 4/2015
21 EDPS Opinion 4/2015 "Towards a new digital ethics EDPS calls for Ethics and Dignity in the processing of personal data Opinion deals with Big Data, IoT and Connected Autonomous Vehicles and Drones Opinion references Art.1, EU Charter of Fundamental Rights Human dignity is inviolable. It must be respected and protected EDPS is setting up an Ethics Advisory Group NB UN Privacy Advisory Group is discussing same topic in The Hague on 24/25 October 2015 before the International Privacy Commissioners Conference in Amsterdam 05 October
22 6. Changes to Japanese Data Protection Law
23 AMENDMENTS TO JAPANESE DATA PROTECTION LAWS Bill to amend the Act on the Protection of Personal Information The amendments of the act is the part of Japan s strategy to make Japan the world's leading IT society, which is a vital part of Japan's industry revitalisation plan. Amendment New Data Protection Authority Data Transfers Extraterritorial application of the law Expanding definition of personal data Requirement Establishes Personal Information Protection Committee from 1 January Transfers abroad possible only if: i) consent is obtained; ii) adequate country and/or iii) transferee applied required measures.. APPI could apply to companies established outside Japan. Face recognition data, driver's license numbers, and passport numbers are included in personal data definition. 05 October
24 AMENDMENTS TO JAPANESE DATA PROTECTION LAWS Bill to amend the Act on the Protection of Personal Information Amendment Distinguishing "sensitive information Data anonymisation Requirement Race, belief, social status, disease, history, criminal records, facts related to suffering from crime. Consent is not needed to transfer data if PI is anonymised. Guidelines on data annonymisation will be issued by DPA. Other provisions Small size business are now subject to the legal obligations. Provisions are expected to come into force in October
25 7. Update to South Korean Data Protection Law
26 AMENDMENTS TO SOUTH KOREAN DATA PROTECTION LAW INFORMATION PROTECTION ACT (PIPA) Perhaps the strictest data protection law in the world Very active data protection authority Additional amendments came into force on 7 July 2015 Introduces punitive and statutory damages Consumers may claim up to 1700 damages 05 October
27 AMENDMENTS TO SOUTH KOREAN DATA PROTECTION LAW INFORMATION PROTECTION ACT (PIPA) Companies are banned from collecting resident registration numbers (RRNs) Guidelines for the collection and use of the mobile apps PIPA also provides incentives for companies to invest in fighting cyber attacks by reducing corporate tax RRN 05 October
28 charlesrussellspeechlys.com
Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws
Ethical hotlines and whistleblowing ensuring businesses are not in conflict with local laws 16 January 2014 Robert Bond, CCEP Partner and Notary Public Our Team Speechly Bircham is an ambitious, full-service
More informationBIG DATA AND THE INTERNET OF THINGS
BIG DATA AND THE INTERNET OF THINGS 12 September 2013 Robert Bond Partner and Notary Public Janine Regan Solicitor Tughan Thuraisingam Paralegal Our team Speechly Bircham is an ambitious, full-service
More informationOUTSOURCING, HOSTING AND DATA PRIVACY ISSUES
OUTSOURCING, HOSTING AND DATA PRIVACY ISSUES 4 April 2013 James Castro-Edwards Solicitor Monica Salgado Advogada / Portuguese Lawyer OUR TEAM Speechly Bircham is an ambitious, full-service law firm with
More informationHOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU
HOW TO HANDLE A WHISTLEBLOWER REPORT IN THE EU 10 April 2014 Monica Salgado Advogada registered with the Portuguese Ordem dos Advogados Registered European Lawyer with the SRA Kirsti Laird Solicitor, (qualified
More informationPresentation by: Dr. Nathalie Moreno Partner. Cloud Computing and Data Protection: an Update 4 October 2012
Presentation by: Dr. Nathalie Moreno Partner Cloud Computing and Data Protection: an Update 4 October 2012 Our team Speechly Bircham is an ambitious, international mid-size fullservice law firm head-quartered
More informationTracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan. charlesrussellspeechlys.com
Tracking Compliance: Data Protection Risks and Remedies for Retail Janine Regan charlesrussellspeechlys.com Janine Regan Associate +44 (0)20 7427 6798 janine.regan@crsblaw.com Janine has extensive experience
More informationtechnical factsheet 176
technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection
More informationEU Data Protection and Information Security for Banking & Financial Service sectors 4 th December 2014
EU Data Protection and Information Security for Banking & Financial Service sectors 4 th December 2014 Janine Regan, Associate George Willis, Associate charlesrussellspeechlys.com Janine Regan Associate
More informationData and Cyber Laws Up-date 9 July 2015
Data and Cyber Laws Up-date 9 July 2015 Janine Regan Alexia Zuber Viktoria Protokova Simon Holdsworth charlesrussellspeechlys.com Topics Updates on the key aspects of, and commentary on, the proposed GDPR
More informationTHE TRANSFER OF PERSONAL DATA ABROAD
THE TRANSFER OF PERSONAL DATA ABROAD MARCH 2014 THIS NOTE CONSIDERS THE SITUATION OF AN IRISH ORGANISATION OR BUSINESS SEEKING TO TRANSFER PERSONAL DATA ABROAD FOR STORAGE OR PROCESSING, IN LIGHT OF THE
More informationImplementing and monitoring effective compliance policies & procedures. charlesrussellspeechlys.com
Implementing and monitoring effective compliance policies & procedures charlesrussellspeechlys.com Robert Bond Partner Robert Bond has over 36 years' experience in advising national and international clients
More informationData Protection and Information Security: The top 5 risks for 2013 1 November 2012
Robert Bond Head of Data Protection & Information Law Group Data Protection and Information Security: The top 5 risks for 2013 1 November 2012 Our team Speechly Bircham is an ambitious, full-service law
More informationCOMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
EUROPEAN COMMISSION Brussels, XXX [ ](2011) XXX draft COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE COUNCIL, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE REGIONS
More informationPersonal Data Protection Policy
Personal Data Protection Policy Please take a moment to read the following Policy. If there is anything you do not understand then please contact us. We are committed to protecting privacy. This Personal
More informationData controllers and data processors: what the difference is and what the governance implications are
ICO lo : what the difference is and what the governance implications are Data Protection Act Contents Introduction... 3 Overview... 3 Section 1 - What is the difference between a data controller and a
More informationESOMAR PRACTICAL GUIDE ON COOKIES JULY 2012
ESOMAR PRACTICAL GUIDE ON COOKIES JULY 2012 Copyright ESOMAR 2012 TABLE OF CONTENTS 2 Objectives 2 Introduction 3 Definitions 4 SECTION 1: APPLICABLE LAW 4 SECTION 2: WHAT YOU NEED TO KNOW SOME FAQs 5
More informationE-Discovery and EU Data Protection laws
Robert Bond robert.bond@speechlys.com Alexander Carter-Silk alexander.carter-silk@speechlys.com IP, Technology & Data Group E-Discovery and EU Data Protection laws Alex Carter-Silk, Partner, IP, Technology
More informationThe reform of the EU Data Protection framework - Building trust in a digital and global world. 9/10 October 2012
The reform of the EU Data Protection framework - Building trust in a digital and global world 9/10 October 2012 Questionnaire addressed to national Parliaments Please, find attached a number of questions
More informationCOMPLYING WITH THE E-COMMERCE REGULATIONS 2002
COMPLYING WITH THE E-COMMERCE REGULATIONS 2002 You should read this guide if you. advertise goods or services online (i.e. via the Internet, interactive television or mobile telephone) sell goods or services
More informationValue of the EU Data Protection Reform against the Big Data challenges. Keynote address 5th European Data Protection Days Berlin, 4.5.
Value of the EU Data Protection Reform against the Big Data challenges Keynote address 5th European Data Protection Days Berlin, 4.5.2015 Giovanni Buttarelli European Data Protection Supervisor (Check
More informationInhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten. MHC.ie
Inhouse Masterclass: Data Developments - Cyber Security & the Right to be Forgotten MHC.ie Rewriting the Past Oisin Tobin otobin@mhc.ie Agenda 1. Background 2. Findings and impact: a) Jurisdiction b) A
More informationpharmaceutical & biotechnology
pharmaceutical & biotechnology Our specialist lawyers find practical solutions to legal problems and help pharma and biotech companies to operate and grow their businesses effectively and compliantly.
More informationFRANCE. Chapter XX OVERVIEW
Chapter XX FRANCE Merav Griguer 1 I OVERVIEW France has an omnibus privacy, data protection and cybersecurity framework law. As a member of the European Union, France has implemented the EU Data Protection
More informationwww.bonddickinson.com Cyber Risks October 2014 2
www.bonddickinson.com Cyber Risks October 2014 2 Why this emerging sector matters Justin Tivey Legal Director T: +44(0)845 415 8128 E: justin.tivey The government estimates that the current cost of cyber-crime
More informationAn overview of UK data protection law
An overview of UK data protection law Our team Vinod Bange Partner +44 (0)20 7300 4600 v.bange@taylorwessing.com Graham Hann Partner +44 (0)20 7300 4839 g.hann@taylorwessing.com Chris Jeffery Partner +44
More informationCloud computing and personal data protection. Gwendal LE GRAND Director of technology and innovation CNIL
Cloud computing and personal data protection Gwendal LE GRAND Director of technology and innovation CNIL 1 Data protection in Europe Directive 95/46/EC Loi 78-17 du 6 janvier 1978 amended in 2004 (France)
More informationData Protection in Ireland
Data Protection in Ireland 0 Contents Data Protection in Ireland Introduction Page 2 Appointment of a Data Processor Page 2 Security Measures (onus on a data controller) Page 3 8 Principles Page 3 Fair
More informationPrivacy & Data Security: The Future of the US-EU Safe Harbor
Privacy & Data Security: The Future of the US-EU Safe Harbor NAOMI MCBRIDE, LISA J. SOTTO AND BRIDGET TREACY, HUNTON & WILLIAMS LLP, WITH PRACTICAL LAW US INTELLECTUAL PROPERTY & TECHNOLOGY AND UK IP&IT
More informationCYBER SECURITY - CYBER RISK MANAGEMENT AND MITIGATION. Scott Thiel, Partner June 2015
CYBER SECURITY - CYBER RISK MANAGEMENT AND MITIGATIN Scott Thiel, Partner June 2015 Agenda 1. Current threat environment 2. Regulatory frameworks of countries in the Asia Pacific region 3. Key challenges
More informationDATA TRANSFERS WITHIN A MULTINATIONAL GROUP SAFELY NAVIGATING EU DATA PROTECTION RULES
DATA TRANSFERS WITHIN A MULTINATIONAL GROUP SAFELY NAVIGATING EU DATA PROTECTION RULES MAY 2013 INTRODUCTION Multinational corporations increasingly have a need to share their data throughout their group.
More information"Direct marketing" is not limited to advertising goods or services for sale. It also includes promoting an organisation s aims and ideals.
Direct Marketing Most direct marketing activities must comply with the requirements of the Data Protection Act 2002 (DPA) and, where that direct marketing is communicated by electronic mail, telephone
More informationGetting Serious about Privacy and Cyber Security in Asia Pacific
SESSION ID: CDS-F04 Getting Serious about Privacy and Cyber Security in Asia Pacific Scott Thiel Partner DLA Piper @DLA_Piper Peter Jones Partner DLA Piper @DLA_Piper Agenda Current threat environment
More informationPrivacy vs Data Protection. PRESENTATION TITLE GOES HERE Eric A. Hibbard, CISSP, CISA Hitachi Data Systems
Privacy vs Data Protection PRESENTATION TITLE GOES HERE Eric A. Hibbard, CISSP, CISA Hitachi Data Systems Introduction The terms privacy and data protection are often used interchangeable In reality they
More informationGARANTE PER LA PROTEZIONE DEI DATI PERSONALI WHEREAS
[doc. web n. 1589969] Spamming: How to Lawfully Email Advertising Messages GARANTE PER LA PROTEZIONE DEI DATI PERSONALI Prof. Stefano Rodotà, President, Prof. Giuseppe Santaniello, Vice-President, Prof.
More informationprivacy and credit reporting policy.
privacy and credit reporting policy. ME, we, us or our refers to Members Equity Bank Ltd and its subsidiary ME Portfolio Management Ltd. about ME Every Australian deserves to get the most out of their
More informationDirect Marketing Rules
Direct Marketing Rules Is your business compliant? June 2016 Our expertise Banking & Finance Charities Commercial Construction Corporate Corporate Tax Disputes Employment Family & Matrimonial Immigration
More informationCybersecurity in the Commonwealth: Setting the Stage
Cybersecurity in the Commonwealth: Setting the Stage Tim Unwin Secretary General Commonwealth Telecommunications Organisation CTO Cybersecurity Forum, Yaoundé 24 th April 2013 For governments Imagine if
More informationBHF Southern African Conference
BHF Southern African Conference Navigating the complexities of the new legislative framework Peter Hill, Director: IT Governance Network TOPICS TO BE COVERED The practical implementation of the PPI Act
More informationData Protection for Fundraisers
The Charity First Series Data Protection for Fundraisers Lawrence Simanowitz and Mairéad O Reilly The Charity First series aims to provide practical and straightforward guidance on the challenges confronting
More informationCOMMENTARY. European Commission Launches E-Commerce Sector Inquiry. What are Sector Inquiries?
MAY 2015 COMMENTARY European Commission Launches E-Commerce Sector Inquiry The European Commission (the Commission ) has launched a sector inquiry of the e-commerce sector in Europe. 1 This is a far-reaching
More informationEU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update. By Stephen H. LaCount, Esq.
EU Data Protection Directive and U.S. Safe Harbor Framework: An Employer Update By Stephen H. LaCount, Esq. Overview The European Union Data Protection Directive 95/46/EC ( Directive ) went effective in
More information7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data. Directive 7.08 Protection of Personal Data
Akzo Nobel N.V. Executive Committee Rules 7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data Source Directive Content Owner Directive 7.08 Protection of Personal Data AkzoNobel Legal
More informationI am grateful to Rod Freeman and Valerie Kenyon at Hogan Lovells for their invaluable contribution to these speaking points
Speaking points made by Robert MacDougall, Vodafone, during the IoT liability workshop as part of the Digital Revolution event at the University of Münster, 2 October 2015 1 Good afternoon everyone and
More informationIntellectual Property & Data Protection 2015: Legal developments you need to know about
Intellectual Property & Data Protection 2015: Legal developments you need to know about Welcome This is a short guide to some of the key legal developments for intellectual property and data protection
More informationThe eighth data protection principle and international data transfers
Data Protection Act 1998 The eighth data protection principle and international data transfers The Information Commissioner s recommended approach to assessing adequacy including consideration of the issue
More informationComments and proposals on the Chapter IV of the General Data Protection Regulation
Comments and proposals on the Chapter IV of the General Data Protection Regulation Ahead of the trialogue negotiations later this month, EDRi, Access, Panoptykon Bits of Freedom, FIPR and Privacy International
More informationContext. To cloud or not to cloud, that is a very serious question. Legal challenges in a post Safe Harbour and pre GDPR cloud world
To cloud or not to cloud, that is a very serious question EEMA / TrustCore Legal challenges in a post Safe Harbour and pre GDPR cloud world 18 November 2015 hans.graux@timelex.eu Context Major cloud providers
More informationINFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER
INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE
More informationHow To Protect Your Data From Hackers
Cyber Risk: What you need to know and what you can t afford to ignore! James Johnston Directors' and Officers' Insurance Underwriter Daniel Fletcher Cyber Insurance Underwriter Financial & Specialty Markets
More informationSouth East Asia: Data Protection Update
Data Privacy and Security Team To: Our Clients and Friends September 2013 South East Asia: Data Protection Update Europe has had data protection laws in place for over a decade. Such laws regulate how
More informationThe Manitowoc Company, Inc.
The Manitowoc Company, Inc. DATA PROTECTION POLICY 11FitzPatrick & Associates 4/5/04 1 Proprietary Material Version 4.0 CONTENTS PART 1 - Policy Statement PART 2 - Processing Personal Data PART 3 - Organisational
More informationDay 1: Lawyers Briefing Host and Venue: Wierzbowski Eversheds Sp.k., Warsaw With simultaneous Polish English and English Polish interpretation
Privacy Laws & Business Privacy Officers Network Poland s Changing Data Protection Law Lawyers Briefing and GIODO Roundtable 28 29 March 2012, Warsaw Programme Day 1: Lawyers Briefing Host and Venue: Wierzbowski
More informationOur specialist insurance services for Professionals risks
Our specialist insurance services for Professionals risks Price Forbes & Partners is an independent Lloyd s broker based in the heart of London s insurance sector. We trade with all of the major international
More informationPrivacy, the Cloud and Data Breaches
Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, Information Integrity Solutions Legalwise Seminars Sydney, 20 March 2013 About IIS Building trust and privacy through global
More informationWhat's Up with Apps in Hong Kong July 2013
What's Up with Apps in Hong Kong July 2013 In May this year, the Hong Kong Privacy Commissioner for Personal Data ("Privacy Commissioner") joined the Global Privacy Enforcement Network ("GPEN") to conduct
More informationBriefly summarised, SURFmarket has submitted the following questions to the Dutch DPA:
UNOFFICIAL TRANSLATION Written opinion on the application of the Wet bescherming persoonsgegevens [Dutch Data Protection Act] in the case of a contract for cloud computing services from an American provider
More informationSupported by. World Trademark Review. Anti-counterfeiting. Poland. Contributing firm Patpol Patent & Trademark Attorneys.
Supported by World Trademark Review Anti-counterfeiting 2012 Poland Contributing firm A Global Guide Poland Contributing firm Authors Jaromir Piwowar and Bartek Kochlewski Legal framework Rights holders
More informationData Protection Act. Privacy & Security in the Information Age. April 26, 2013. Ministry of Communications, Ghana
Data Protection Act Privacy & Security in the Information Age April 26, 2013 Agenda Privacy in The Information Age The right to privacy Why We Need Legislation Purpose of the Act The Data Protection Act
More informationManagement liability - Employment practices liability Policy wording
Special definitions for this section Benefits Claim Defence costs The General terms and conditions and the following terms and conditions all apply to this section. Any compensation awarded to an employee
More informationWork programme 2016 2018
ARTICLE 29 Data Protection Working Party 417/16/EN WP235 Work programme 2016 2018 Adopted on 2 February 2016 This Working Party was set up under Article 29 of Directive 95/46/EC. It is an independent European
More informationEU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda?
EU Regulatory Trends in Data Protection & Cybersecurity What should be on the industry s agenda? Dr. Jörg Hladjk Counsel European Data Protection & Privacy Practice Hunton & Williams, Brussels Cyber Security
More informationData Protection for Charities
Data Protection for Charities CFG 15 May 2014 Overview Overview and key definitions The data protection principles Fair and lawful processing Data security and outsourcing Rights of data subjects Recent
More informationWhat is Cyber Security?
& Cyber Security The threat: trojans, trap doors malware, packet sniffers, worms, viruses, hacking and denial of service. Physical security is insufficient protection against these new forms of threat.
More informationThe potential legal consequences of a personal data breach
The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.
More informationWhat is Cyber Security? Why work with us?
& Cyber Security The threat: trojans, trap doors malware, packet sniffers, worms, viruses, hacking and denial of service. Physical security is insufficient protection against these new forms of threat.
More informationData Protection and Cloud Computing: an Overview of the Legal Issues
Data Protection and Cloud Computing: an Overview of the Legal Issues Christopher Kuner Partner, Hunton & Williams, Brussels Research Assistant, University of Copenhagen Nordic IT Law Conference Copenhagen,
More informationSafe Harbour Agreement no longer a valid basis for EEA to US transfers of personal data
Jisc Safe Harbour NOTE ON THE COURT OF JUSTICE OF THE EUROPEAN UNION'S JUDGMENT ON 'SAFE HARBOUR' ARRANGEMENTS FOR THE TRANSFER OF PERSONAL DATA FROM THE EEA TO THE USA KEY POINTS Safe Harbour Agreement
More informationEU Employment Law Euro Info Centre December 2006
EU Employment Law Euro Info Centre December 2006 CONTENTS EU Employment Law 2 1. Anti-discrimination 2 2 2 2. Equal treatment of men and women in the workplace 3 3 3 3. Fixed and part time work including
More informationGuidance on political campaigning
I ICO guidance Guidance on political campaigning 3 Guidance on political campaigning Data Protection Act Privacy and Electronic Communications Regulations Contents Introduction... 3 A. Why comply?... 5
More informationGSK Public policy positions
Safeguarding Personally Identifiable Information A Summary of GSK s Binding Corporate Rules The Issue The processing of Personally Identifiable Information (PII) 1 and Sensitive Personally Identifiable
More informationData Protection Avoiding Information Commissioner Fines. Caroline Egan 5 June 2014
Data Protection Avoiding Information Commissioner Fines Caroline Egan 5 June 2014 Why is data protection a hot topic in pensions? Pension schemes hold large amounts of personal data Individuals more aware
More informationThe Role and Function of a Data Protection Officer in the European Commission s Proposed General Data Protection Regulation. Initial Discussion Paper
The Role and Function of a Data Protection Officer in the European Commission s Proposed General Data Protection Regulation 1. Introduction Initial Discussion Paper The data protection officer ( DPO )
More informationPrivacy in the cloud. DNB has indicated that it considers cloud computing a form of outsourcing.
Privacy in the cloud computing, and the company concerned is required to submit a risk analysis to DNB. 3 Cloud computing entails the saving, processing and using of company data on the servers of a cloud
More informationCCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE
Représentant les avocats d Europe Representing Europe s lawyers CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION DIRECTIVE CCBE RECOMMENDATIONS FOR THE IMPLEMENTATION OF THE DATA RETENTION
More informationPersonal data and cloud computing, the cloud now has a standard. by Luca Bolognini
Personal data and cloud computing, the cloud now has a standard by Luca Bolognini Lawyer, President of the Italian Institute for Privacy and Data Valorization, founding partner ICT Legal Consulting Last
More informationOFFICE: London Dashwood 69 Old Broad Street London, EC2M. T: +44 (0) 20 7556 4425 E: mdeem@cooley.com
MARK DEEM PARTNER OFFICE: London Dashwood 69 Old Broad Street London, EC2M T: +44 (0) 20 7556 4425 E: mdeem@cooley.com PRACTICES: Aviation Commercial Litigation Communications Digital Media & Entertainment
More informationWho s next after TalkTalk?
Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many
More informationMaking a cross border claim in the EU
Making a cross border claim in the EU serving the community through the administration of justice Using the European Order for Payment procedure or the European Small Claims procedure Version: 2.0 Date
More information16 September 2015. Easier data transfer to countries outside the EU Legal newsletter
16 September 2015 Easier data transfer to countries outside the EU Legal newsletter Easier data transfer to countries outside the EU Deloitte Legal Szarvas, Erdős and Partners Law Firm provides its clients
More informationBRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS
BRITISH COUNCIL DATA PROTECTION CODE FOR PARTNERS AND SUPPLIERS Mat Wright www.britishcouncil.org CONTENTS Purpose of the code 1 Scope of the code 1 The British Council s data protection commitment and
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationSelling Telematics Motor Insurance Policies. A Good Practice Guide
Selling Telematics Motor Insurance Policies A Good Practice Guide April 2013 1 INTRODUCTION 1.1 The purpose of the guidance This guidance sets out high-level actions that insurers should seek to achieve
More informationBig Data for Law Firms DAMIAN BLACKBURN
Big Data for Law Firms DAMIAN BLACKBURN PUBLISHED BY IN ASSOCIATION WITH Big data means big business By Simon Briskman, partner, technology & outsourcing group, Field Fisher Waterhouse LLP BIG DATA is
More informationGDPR & Service Providers ( Cloud Focus )
OASIS / EEMA Digital Enterprise Europe 2015 Building Trust in the Hyperconnected World 8 July 2015 GDPR & Service Providers ( Cloud Focus ) Kuan Hon Senior Researcher, Cloud Legal Project & Microsoft Cloud
More informationThe Impact of EU Data Protection Legislation. Thomas Rivera Hitachi Data Systems
Privacy PRESENTATION vs Data TITLE Protection: GOES HERE The Impact of EU Data Protection Legislation Thomas Rivera Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted
More informationE-commerce and Legal Compliance
E-commerce and Legal Compliance Moving all or part of your business online can be an exciting time, opening up a range of opportunities and new markets for you and your business. Hand in hand with these
More informationSurviving the Era of Hack Attacks Cyber Security on a Global Scale
Surviving the Era of Hack Attacks Cyber Security on a Global Scale Dr. Adriana Sanford ASU Lincoln Professor of Global Corporate Compliance and Ethics Clinical Associate Professor of Law and Ethics This
More informationGlobal Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister
2011 Morrison & Foerster LLP All Rights Reserved mofo.com Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister Presenter Miriam Wugmeister Morrison & Foerster LLP New York
More informationEmployment. CMS Cameron McKenna Supporting your needs
Employment CMS Cameron McKenna Supporting your needs 2014 Our Employment team We are a full service Employment team advising on all aspects of the employment relationship with a focus on high-level, complex
More informationCompliance guide: Data protection. A practical guide to meeting your regulatory and best practice obligations
Compliance guide: Data protection A practical guide to meeting your regulatory and best practice obligations Contents Introduction 3 5 Principle 1: Data must be fairly and lawfully processed 4 5 Principle
More informationCompetition litigation
FINANCIAL INSTITUTIONS ENERGY INFRASTRUCTURE, MINING AND COMMODITIES TRANSPORT TECHNOLOGY AND INNOVATION PHARMACEUTICALS AND LIFE SCIENCES Competition litigation in the UK Class act Competition litigation
More informationJan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament
September 5, 2012 Jan Philipp Albrecht Rapporteur, Committee on Civil Liberties, Justice and Home Affairs European Parliament Lara Comi Rapporteur, Committee on Internal market and Consumer Protection
More informationE-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY
E-COMMERCE GOES MOBILE: SEEKING COMPETITIVENESS THROUGH PRIVACY Oana Dolea 7 th Annual Leg@l.IT Conference March 26th, 2013 Montreal, Canada INTRODUCTION Mobile e-commerce vs. E-commerce Mobile e-commerce:
More informationMulti-Jurisdictional Study: Cloud Computing Legal Requirements. Julien Debussche Associate January 2015
Multi-Jurisdictional Study: Cloud Computing Legal Requirements Julien Debussche Associate January 2015 Content 1. General Legal Framework 2. Data Protection Legal Framework 3. Security Requirements 4.
More informationDean Bank Primary and Nursery School. Secure Storage of Data and Cloud Storage
Dean Bank Primary and Nursery School Secure Storage of Data and Cloud Storage January 2015 All school e-mail is disclosable under Freedom of Information and Data Protection legislation. Be aware that anything
More informationData Protection for the Guidance Counsellor. Issues To Plan For
Data Protection for the Guidance Counsellor Issues To Plan For Author: Hugh Jones Data Protection Specialist Longstone Management Ltd. Published by the National Centre for Guidance in Education (NCGE)
More informationPlan for Growth: Promoting the UK s Legal Services Sector
Plan for Growth: Promoting the UK s Legal Services Sector Foreword by the Lord Chancellor and Secretary of State for Justice, and the Minister for Trade & Investment As Britain s economy emerges from a
More informationdiscover the secret Intellectual Property Legal Services in Russia and the CIS
discover the secret Intellectual Property Legal Services in Russia and the CIS With a Russian presence since the early 1990s, Gowlings is proud to have an internationally recognized intellectual property
More informationContracts, Consumer Rights and Trading Online
Neil Baylis and Noirin McFadden Contracts, Consumer Rights and Trading Online 20 January 2015 Copyright 2014 by K&L Gates LLP. All rights reserved. LEGAL BACKGROUND SETTING THE SCENE Contracts what are
More information