Guidance – Page 6 – Privacy Design®

April 30, 2018April 30, 2018

Corrigendum GDPR (EU Regulation 2016/679)

http://data.consilium.europa.eu/doc/document/ST-8088-2018-INIT/en/pdf

Baker McKenzie: Global Privacy Handbook 2018

https://www.bakermckenzie.com/en/insight/publications/2018/04/2018-global-privacy-handbook

DLA Piper: Data Protection Laws of the World

https://www.dlapiperdataprotection.com/index.html?t=about&c=AO

Germany: Neue Version Methodik Standard-Datenschutzmodell (1.1)

Das fortgeschriebene Methodik-Handbuch zum Standard-Datenschutzmodell wurde am 26.4.2018 von der 95. Konferenz der unabhängigen Datenschutzbehörden des Bundes und der Länder (DSK) in der Version V1.1 für Prüfungen und Beratungen (5 Enthaltungen, Evaluationsfassung) angenommen.

Das Methodik-Handbuch kann in der jeweils aktuellsten Version abgerufen werden unter https://www.datenschutzzentrum.de/sdm/

FTC: analysis of 47 enforcement cases since 2002

IAPP white paper looking at security best practices based on FTC enforcement actions.

https://iapp.org/media/pdf/resource_center/FTC-WhitePaper_V4.pdf

April 9, 2018April 9, 2018

CNIL: Recommendations on Passwords

The “Deliberation no. 2017-012 of 19 January 2017 on the adoption of a recommendation relating to passwords” covers e.g.

the need for protecting passwords by salts or keys
automatic lockouts after subsequent login failures
detailled guidance on password renewals on request
etc..

https://www.cnil.fr/sites/default/files/atoms/files/recommandation_passwords_en.pdf

April 5, 2018April 5, 2018

Belgium DPA: Guidance on DPIA whitelist and blacklist

https://datamatters.sidley.com/belgian-privacy-commission-issues-guidance-on-data-protection-impact-assessments-under-the-gdpr/

(Old) links related to the total revision of the Swiss Data Protection Law

Rosenthal, Der Vorentwurf für ein neues Datenschutzgesetz: Was er bedeutet, Jusletter v. 20.2.2017

This is excellent reading material – covers some very interesting aspects of Swiss privacy today (e.g. data subject access rights under current law)

http://datenrecht.ch/rosenthal-der-vorentwurf-fuer-ein-neues-datenschutzgesetz-was-er-bedeutet-jusletter-v-20-2-2017/

Results of the Vernehmlassung and Botschaft of the Bundesrat

https://www.ejpd.admin.ch/ejpd/de/home/aktuell/news/2017/2017-09-150.html

Summary of changes by David Vasella (post- vs. pre-Vernehmlassung Draft)

http://swissblawg.ch/2017/09/entwurf-des-datenschutzgesetzes.html

April 4, 2018May 26, 2019

CNIL guide 2018 – “Security of Personal Data”

in English, incl.

Raising user awareness
Authenticating users
Access Management
Logging access and managing incidents
Securing workstations
Securing mobile data processing
Protecting the internal network
Securing servers
Securing websites
Ensuring continuity
Archiving securely
Supervising maintenance and data destruction
Managing data processors
Securing exchanges with other organisations
Physical security
Supervising software development
Encrypting, guaranteeing integrity and signing
Assess the security level of the personal data in your organisation

https://www.cnil.fr/sites/default/files/atoms/files/cnil_guide_securite_personnelle_gb_web.pdf