News – Page 39 – Privacy Design®

October 29, 2020

EDPS: Strategy for Union institutions, offices, bodies and agencies to comply with the ‘Schrems II’ Ruling

https://edps.europa.eu/sites/edp/files/publication/2020-10-29_edps_strategy_schremsii_en_0.pdf

October 28, 2020October 28, 2020

Article: DPA Thüringen: Interessenkollision bei Personalunion: DSB und IT-Sicherheitsbeauftragter

https://dataagenda.de/interessenkollision-bei-personalunion-dsb-und-it-sicherheitsbeauftragter/

October 28, 2020October 28, 2020

Article: The Italian privacy authority rules on the definition of personal data and the relevance of the DPO’s opinion

(The concept of personal data might be broader than expected and the opinion of the DPO might be useful)

Requesting the opinion of teh DPO led to a lower fine.

https://www.gamingtechlaw.com/2020/10/italian-privacy-authority-definition-personal-data-dpo-opinion.html

October 28, 2020October 28, 2020

Article: Do I need to provide my DPIA on request? (in German)

Muss ich meine Datenschutz-Folgenabschätzung (DSFA) auf Anfrage herausgeben?
https://www.datenschutz-guru.de/muss-ich-meine-datenschutz-folgenabschaetzung-dsfa-auf-anfrage-herausgeben/

No – if requested by data subject
Yes – if requested by DPA – it depends, Art 58

(Data protection impact assessment)

October 26, 2020October 26, 2020

Slides (David Vasella): Intra-group data transfer/processing agreements

https://www.walderwyss.com/user_assets/publications/201020-Slides-Vasella-IAPP-EN-V003-copy.pdf

October 26, 2020October 26, 2020

FTC vs. Facebook – MandatedPrivacy Controls (Summer 2020)

VII. MANDATED PRIVACY PROGRAM at
https://www.ftc.gov/system/files/documents/cases/c4365facebookmodifyingorder.pdf

For context
https://www.ftc.gov/news-events/blogs/business-blog/2019/07/ftcs-5-billion-facebook-settlement-record-breaking-history

October 23, 2020October 23, 2020

Article: Summary of important change sin new Swiss Data Protection Law (revDSG)

Das neue Schweizer Datenschutzgesetz – Die wichtigsten Neuerungen für Unternehmen”
by Daniela Fábián Masoch

https://privacylegal.ch/download/162/Das%20neue%20Schweizer%20Datenschutzgesetz_FPL%20(2020-10-15).pdf

October 23, 2020October 23, 2020

AEPD: verification list for Privacy By Design audits

The AEPD gives a non-comprehensive verification list for PrivacybyDesign audits in chapter VIII of its guidance (in English!)

https://www.aepd.es/sites/default/files/2020-10/guia-proteccion-datos-por-defecto-en.pdf

October 22, 2020October 26, 2020

Article: In wake of the Schrems II, CNIL challenges use of Microsoft cloud storage to host public health data lakes (the Health Data Hub case – Part 1 and 2)

Good HoganLovell summary of French DataHub case.

https://www.engage.hoganlovells.com/knowledgeservices/news/in-wake-of-the-schrems-ii-cnil-challenges-the-use-of-microsoft-cloud-storage-to-host-public-health-data-lakes-the-health-data-hub-case-part-1_1

https://www.engage.hoganlovells.com/knowledgeservices/news/french-court-refuses-to-suspend-microsofts-hosting-of-a-public-health-data-lake-despite-cnil-opinion-the-health-data-hub-case-part-2

October 21, 2020October 21, 2020

Information portal (in German): Stiftung Datenschutz

https://stiftungdatenschutz.org/themen/dsgvo-praxis/