When looking over what happened this week, there were a couple of things I could talk about: EDPB’s guidelines on relevant and reasoned objection under the GDPR, or Ryanair being accused in a US court of hiding behind the GDPR or perhaps musing on the Schrems II ruling and its impact on international data transfers … Continued
Read MoreReflecting back on my post from Friday on joint controllers, I thought it might be useful to reflect on a couple of instances where your data processors might also be controllers. These are situations where you would probably just think about getting Data Processing Agreement in place, but you should really think about whether you … Continued
Read MoreOn Thursday, 16 July, the European Court of Justice issued a judgement which invalidates the use of the US Privacy Shield as a lawful basis for exporting personal data from the EU to the US. Guidance from supervisory authorities suggests that, if you are currently using Privacy Shield, to please continue to do so until new … Continued
Read MoreNew technology is always going to prompt questions about privacy for users. Free app users get so used to the convenience, and they eventually forget hidden cost. They might be sacrificing their privacy. When it comes to COVID-19, a contact tracing app could be an important tool for tracking the spread of the virus. But … Continued
Read MoreThe head of the organisation is responsible for demonstrating compliance. While some sole proprietors may find little risk in the use of spreadsheets, they are certainly in the minority. Using spreadsheets for compliance may increase the risk of non-compliance in your organisation. Many accountants will tell you about the security nightmare that is spreadsheet-accounting. And … Continued
Read More