LAST WEEK IN PRIVACY & DATA PROTECTION

The Last Week in Privacy & Data Protection is a weekly newsletter provided to you by Data Privacy Recruitment Ltd.In it we gather the most important, business relevant, and generally interesting news articles, court judgments, and professional opinions related to privacy and data protection.

37th Weekly Newsletter -> 18–25 March 2017

___________________________________________________________________

MEPs Adopted a Resolution on Privacy Shield

Last Thursday the MEPs joined in Civil Liberties Committee adopted a new resolution dealing with sufficiency of Privacy Shield Agreement. In this resolution the Committee members pointed out that the EU Commission must ensure that the EU — U.S. Privacy Shield for data transfers for commercial purposes provides sufficient personal data protection to comply with the Charter of Fundamental Rights and the new EU data protection rules.

The MEPs also listed the following concerns:

  • lack of specific rules on automated decision-making or the general right to object,
  • lack of clear principles on how the Privacy Shield Principles apply to data processors,
  • that “bulk surveillance” remain possible with regards to national security and surveillance,
  • that neither the Privacy Shield Principles nor letters from the US administration demonstrate the existence of effective judicial redress rights for individuals in the EU whose personal data are transferred to the US, and
  • the Ombudsperson mechanism set up by the US Department of State is not sufficiently independent and is not vested with sufficient effective powers to carry out its duties.

Read more HERE

___________________________________________________________________

UK ICO Fines a Council for Leaving Sensitive Files in a Cabinet

The UK Information Commissioner’s Office (ICO) last week fined a county council £60,000 for leaving files that included sensitive information about children in a cabinet that was sent to a second hand shop. The breach by Norfolk County Council came to light after social work case files were discovered in a cabinet purchased by a member of the public from a second hand shop. The case files included information relating to seven children.

Read more HERE

___________________________________________________________________

BayLDA Issue New GDPR Related Paper

Last week the Bavarian Data Protection Authority (BayLDA) released a new Privacy Impact Assessment (PIA) document based on Article 35 of the General Data Protection Regulation (GDPR). The notion of a privacy impact assessment (PIA) is not a new one in the international comparison but it presents novelty for the German data protection environment. For this reasons the BayLDA has summarised the essential conditions about PIA in a new paper, and in particular addressed the issue of “privacy risk”.

Read more HERE

Read the Paper HERE (in German)

___________________________________________________________________

Compiled by Jernej Mavrič, email: jm@dp-recruitment.com

___________________________________________________________________

Follow us on Twitter @LastWeekInPDP and visit our WEBSITE

For privacy jobs and vacancies follow @dprecruitment