EUROPE: Data and tech governance for the connected retail sector 2. Retailers as tech operators

In the previous post we discussed how sound personal data governance will help retailers to seize the opportunities provided by digital transformation. Retailers are aiming to grow globally, in part to offset the limited growth available in mature markets. Within such a wider perspective, governance should also address reputational risks with a holistic approach. Data …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/europe-data-and-tech-governance-for-the-connected-retail-sector-2-retailers-as-tech-operators/

Canada – Important CASL changes in effect on July 1, 2017

Canada’s anti-spam law (CASL) came into effect on July 1, 2014. Almost three years later, Canadian businesses and their lawyers are still grappling with CASL compliance issues and trying to understand how CASL’s broad and often unclear provisions apply in practice. And, on July 1, 2017, two new things happen under CASL. Basis of implied …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/canada-important-casl-changes-in-effect-on-july-1-2017/

FRANCE: The French Data Protection Authority (CNIL) Publishes 6-Step Methodology For Compliance With GDPR

By Carol A.F. Umhoefer (carol.umhoefer@dlapiper.com) and Caroline Chancé (caroline.chance@dlapiper.com)   On March 15, 2017, the CNIL published a 6-step methodology for companies that want to prepare for the changes that will apply as from May 25, 2018 under the EU the General Data Protection Regulation (“GDPR”). The abolishment under GDPR of registrations and filings with …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/france-the-french-data-protection-authority-cnil-publishes-6-step-methodology-for-compliance-with-gdpr/

ITALY: Italian authorities send a message with EU’s highest data protection fine as GDPR looms

The Italian Data Protection Authority (Garante per la protezione dei dati personali, “Garante”) has this month imposed fines of more than €11 million on five companies operating in the money transfers sector for unlawful processing of personal data. This is the largest fine ever imposed by a European Data Protection Authority. Sigue Global Service Limited, …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/italy-italian-authorities-send-a-message-with-eus-highest-data-protection-fine-as-gdpr-looms/

FRANCE: France’s Highest Administrative Court Requests a Preliminary Ruling from the ECJ on the Right To Be Forgotten

By Carol A.F. Umhoefer (carol.umhoefer@dlapiper.com) and Caroline Chancé (caroline.chance@dlapiper.com)   On February 24, 2017, France’s highest administrative court (the “Conseil d’Etat”) submitted to the European Court of Justice (“ECJ”) a series of questions raising serious issues with regard to the interpretation of the 1995 Data Protection Directive in light of the ECJ’s 2014 ruling in …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/france-frances-highest-administrative-court-requests-a-preliminary-ruling-from-the-ecj-on-the-right-to-be-forgotten/

EUROPE: Data and tech governance for the connected retail sector #1. Keep compliant to thrive in an era of digital transformation

Data and tech governance for the connected retail sector 1: Keep compliant to thrive in an era of digital transformation The retail sector is embracing digital transformation, with the connected retail market expected to reach more than USD 50 billion by 2022, according to Grand View Research). An increasing amount of personal data is used …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/europe-data-and-tech-governance-for-the-connected-retail-sector-1-keep-compliant-to-thrive-in-an-era-of-digital-transformation/

UK: The perils of indirect marketing consents

A credit broker has been fined £120,000 by the Information Commissioner’s Office (“ICO”) under section 55A of the Data Protection Act 1998 for sending millions of marketing texts, all of which were sent without proper consent. The news was released on the ICO’s website on 15 February 2017 as an investigation had revealed that Digitonomy …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/uk-the-perils-of-indirect-marketing-consents/

CHINA: new Cybersecurity watchdog suggests greater compliance challenges ahead for overseas companies in China

Developments this month continue to signpost a more challenging compliance environment ahead for non-Chinese technology companies and those operating online in China. The Chinese Government’s continued scrutiny over cyberspace continues apace, with the announcement of a new cybersecurity watchdog. As well as monitoring cybersecurity threats and co-ordinating national cyberspace policy and practices, of greatest significance …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/china-new-cybersecurity-watchdog-suggests-greater-compliance-challenges-ahead-for-overseas-companies-in-china/

AUSTRALIA: Mandatory data breach reporting comes to Australia

By Peter Jones (Partner, Sydney) and Josephine Gardiner (Associate, Sydney) After a gestation period that would make African Bush Elephants proud, it is finally here… It would be an understatement to say that data breach notification laws have been on the table for some years in Australia. The long-awaited mandatory data breach laws, which passed …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/australia-mandatory-data-breach-reporting-comes-to-australia/

POLAND: GIODO special team publishes the “Proposed procedures before the Inspector General”

By Damian Karwala (Senior Associate, Warsaw) The Polish Data Protection Authority, GIODO (Generalny Inspektor Ochrony Danych Osobowych), as well as data controllers and data processors in Poland are currently preparing for the General Data Protection Regulation (GDPR). Among other things, GIODO has recently proposed that Administrators of Information Security (so-called “ABIs”, or Administratorzy Bezpieczeństwa Informacji – the Polish …

Continue reading »

Permanent link to this article: http://blogs.dlapiper.com/privacymatters/poland-giodo-special-team-publishes-the-proposed-procedures-before-the-inspector-general/

Older posts «