February 2018 – Page 8 – Privacy Design®

WP29 has issued Opinion 01/2017 on the Proposed Regulation for the ePrivacy Regulation (2002/58/EC) – wp247

http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=610140

February 21, 2018February 21, 2018

WP29: [Open] Guidelines on the accreditation of certification bodies

Deadline:

30 March 2018

The Article 29 Working Party welcomes comments on the Guidelines on the accreditation of certification bodies (wp261). Such comments should be sent to the following address by 30 March 2018 at the latest.

http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=614486

February 21, 2018

CNIL: DPIA tools (templates and knowledge bases)

This is one of my favorite documents that I refer to on a day to day basis.

Nice list of privacy risks and severity examples.

https://www.cnil.fr/sites/default/files/typo/document/CNIL-PIA-2-Tools.pdf

February 21, 2018February 21, 2018

ENISA on European Data Protection Certifications

incl. an analysis of the following certifications:

ePrivacyseal EU
EuroPrise
CNIL Labels
ICO Privacy Seal (under development)
Certification based ON ISO/IEC 27001
Certification based on ISO/IEC 27018 – PrivacyMark system
Privacy by Design by Ryerson University and Deloitte Canada

https://www.enisa.europa.eu/publications/recommendations-on-european-data-protection-certification

Obviously, I am a bit partial to EuroPriSe – which does very well in the comparison.

February 21, 2018February 21, 2018

Germany: Kurzpapiere der Datenschutzkonferenz (in German)

Kurzpapier Nr. 1 – Verzeichnis von Verarbeitungstätigkeiten
Kurzpapier Nr. 2 – Aufsichtsbefugnisse/Sanktionen
Kurzpapier Nr. 3 – Verarbeitung personenbezogener Daten für Werbung
Kurzpapier Nr. 4 – Datenübermittlung an Drittländer
Kurzpapier Nr. 5 – Datenschutz-Folgenabschätzung
Kurzpapier Nr. 6 – Auskunftsrecht
Kurzpapier Nr. 7 – Marktortprinzip
Kurzpapier Nr. 8 – Maßnahmenplan
Kurzpapier Nr. 9 – Zertifizierung
Kurzpapier Nr. 10 – Informationspflichten
Kurzpapier Nr. 11 – Recht auf Vergessenwerden

https://www.datenschutz.hessen.de/neuesdatenschutzrecht.htm#entry4971

February 21, 2018

Germany/Hessen: Data Protection in Science and Research

In German – has some interesting passages on anonymisation.

https://www.datenschutz.hessen.de/download.php?download_ID=147

February 21, 2018

CNIL: free DPIA software

https://www.cnil.fr/en/cnil-releases-free-software-pia-tool-help-data-controllers-carry-out-data-protection-impact

February 21, 2018

ECJ: written answers + examiner’s comments in a professional examination constitute personal data

http://curia.europa.eu/juris/documents.jsf?num=C-434/16

February 21, 2018February 22, 2018

DataGuidance: France: Accelerated GDPR bill “limited in scope”

https://www.dataguidance.com/france-gdpr-bill/

Month: February 2018

UK/NHS: Data protection and information governance

WP29 Opinion 01/2017 on the Proposed Regulation for the ePrivacy Regulation (2002/58/EC) – wp247

WP29: [Open] Guidelines on the accreditation of certification bodies

CNIL: DPIA tools (templates and knowledge bases)

ENISA on European Data Protection Certifications

Germany: Kurzpapiere der Datenschutzkonferenz (in German)

Germany/Hessen: Data Protection in Science and Research

CNIL: free DPIA software

ECJ: written answers + examiner’s comments in a professional examination constitute personal data

DataGuidance: France: Accelerated GDPR bill “limited in scope”