Many European organisations share data with organisations outside the EU, or rather the EEA, with data often being transferred to the US. Most of these organisations, 60% of them, relied on the Privacy Shield as a data transfer mechanism to the US. However, on July 16, 2020, the Court of Justice of the European Union invalidated the Privacy Shield, making the transfer of personal data to more than 5,500 US organisations (including the most used software tools) be in violation of the EU privacy law, the GDPR. The reason for invalidation: the law and practice of access to personal data by US intelligence services means that the protection of personal data by EU standards does not have an adequate level of protection.
Veel Europese organisaties delen gegevens met organisaties in landen buiten de EU (of eigenlijk de EER: EU en Noorwegen, Liechtenstein en IJsland). Vaak is dit naar de VS. Op 16 juli 2020 zette het Hof van Justitie van de Europese Unie een streep door het PrivacyShield, waarop 60% van de organisaties die gegevens delen buiten de EU vertrouwt voor wettige doorgifte naar de VS. Dit maakt de doorgifte van persoonsgegevens aan meer dan 5.500 Amerikaanse organisaties (waaronder de meest gebruikte softwaretools) in een klap in strijd met de Europese privacywet AVG. De reden: het recht en de praktijk omtrent toegang tot persoonsgegevens door Amerikaanse inlichtingendiensten betekent dat de bescherming van persoonsgegevens naar EU-maatstaven niet een passend beschermingsniveau geniet.
As we slowly enter 2020, during the year of 2019, numerous studies have been conducted with the objective to see just how far companies fare in regards to their GDPR compliance efforts. As fines and penalties are still being issued from various data protection regulators in their respectful countries, it may be suggested that companies, ranging from multinational corporations to SMEs, are still struggling to be fully compliant with the GDPR. In this blogpost, we take a look at several key studies done by various types of organisations, the numbers in their findings, and how it all shapes the race for compliance.
Under CCPA, consumers will enjoy significant control over the ways in which businesses utilize their data. These expanded rights to data control are largely in line with the GDPR’s objectives. However, the California law differs from its European cousin in several important ways.
The age old question we ask ourselves on what we receive, is to what we have to give up in order to have it. Will data become the new aspect we give up in order for tech in the health field progress? With new ways to help improve the lives of millions of people who potentially can be at their most vulnerable, personal data continues to be of major importance in health progression. At the same time, it begs the question: what will happen if business and ethics clash as a result of bettering healthcare?
Consent banners are still flawed, dating apps discovered to expose your exact and real time location to anybody, and the UK’s ICO gives adtech an ultimatum. While you were catching up on your missed calls and emails, the privacy world was in constant movement. In this blog, we will have a look at the last two weeks of August.
The COM(2016) 117 document issued today by the Commission clarifies the EU U.S. Privacy Shield agreed on February 2. Its first part reads like an advertising brochure for the new Regulation (GDPR) which is not issued yet and will take another two years to become effective. Its current relevance to the demised Safe Harbour agreement is not at all clear. It seems more of an attempt to emphasise how serious the Commission’s