The Article 29 Working Party, with the opinion n. 1/2017 WP247 of 4 April 2017, and the European Data Protection Supervisor, with the opinion n. 6/2017 of 24 April 2017, have released their respective views on the proposed Regulation.
La nota affronta il tema delle condizioni di validità del consenso raccolto nel vigore del Codice Privacy quale base giuridica del trattamento che perdura oltre il 25 maggio 2018: in pratica, il consenso raccolto correttamente secondo le prescrizioni del Codice Privacy si può considerare valido anche sotto il regime del GDPR, e pertanto costituisce idonea base giuridica del trattamento senza bisogno di raccoglierne uno nuovo?
On March 28th 2017, the attorney at law Maria Roberta Perugini will take part as a speaker in Milan at a very particular meeting, dedicated to the presentation of an application model of GDPR developed by Giancarlo Butti and Alberto Piamonte and represented analytically in the book “GDPR: NEW PRIVACY – TAILORED COMPLIANCE”, just published (please find here attached the link to the publisher’s site, where you can also download an excerpt: http://www.iter.it/gdpr/) and of which Maria Roberta Perugini has edited the preface that you will find below reported.
We deal the interesting topic concerning individuation of the role assigned to bodies in charge of vigilance and control within instances of personal data processing; these bodies are by their nature independent to the entity they supervise, even when being part of it.
We publish the slides of the event.
Among the topics of current interest in the field of protection of personal data are the limits on use of the information published on social networks, especially in view of the regulatory changes introduced by the EU General Data Protection Regulation (“GDPR”). This article identifies the consequences of this issue arising from the exception on the prohibition of “processing special categories of personal data” (Art. 9 GDPR) for cases where the processing relates to “personal data which are manifestly made public by the interested party “(paragraph 2, lett. e).
On 10 January, the European Commission presented a proposal for a Regulation (hereafter, the “Regulation”) concerning the processing of personal data and the protection of privacy in electronic communications, aimed at repealing Directive 2002/58/EC (hereafter, the “ePrivacy Directive”).
As is widely known, the European Union General Data Protection Regulation, which replaces Directive 95/46/EC, will come into force in May 2018 and will bring relevant changes to all stakeholders: DPAs, individuals, controller and processor organizations. In order to help organizations understand the key operational impacts of the regulation and to stimulate their internal change, the Centre for Information Policy Leadership – a global privacy and security think tank that works to advance privacy and security policy, law and practice – launched a survey (respondents were both data controllers and data processors of multinational organizations with an annual revenue size ranged from less than $1 million to more than $100 billion, that predominantly operated in Europe and in the US) to evaluate their progress towards true operationalization for GDPR readiness.
