Some notes and links pertaining to the GDPR, here’s the text of the Law.

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCILof 27 April 2016on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

The ICO

  1. https://iconewsblog.wordpress.com/2016/10/31/how-the-ico-will-be-supporting-the-implementation-of-the-gdpr/
  2. https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf
  3. https://ico.org.uk/media/for-organisations/documents/1595/pia-code-of-practice.pdf

ISO

  1. ISO/IEC 29100:2011 Information technology — Security techniques — Privacy framework

eugdpr.org

  1. http://www.eugdpr.org/, claims to be a resource to educate the public about the main elements of the General Data Protection Regulation (GDPR)

The EU

  1. http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm
  2. This article, entitled Impact of the European General Data Protection Regulation (GDPR) on Adequacy and 5 Tips to Weather the Changes at “Privacy and Cyber Security Law, argues that none of the adequacy decisions can be assumed to stand since the criteria are stricter or at least different in the 2016 Law.

The Article 29 Working Party

  1. Article 29 Working Party at europa.eu
  2. A29WP on the US Privacy Regime, they have some improvements they’d like to see

The EEA

(I spoke to the ICO helpline which said that Iceland would be a permitted target for transfer. This page, The Basic Features of the EEA Agreement, describes the EEA and makes it clear that Data Protection is a single market issue. Iceland is in!

The European Council

  1. Convention 108 of the European Council, text.
  2. Council of Europe’s Data Protection home page
  3. http://www.coe.int/t/dghl/standardsetting/dataprotection/Modernisation_en.asp
  4. http://www.coe.int/t/dghl/standardsetting/dataprotection/TPD_documents/T-PD(2012)04Rev4_E_Convention%20108%20modernised%20version.pdf

The USA

  1. ARS Technica reports on the CJEU striking down Safe Harbour
  2. I review the Safe Harbour ruling on my blog
  3. I review the Safe Harbour ruling at Linkedin, and Citihub.
  4. The Privacy Shield by the US Federal Government.
  5. A press release on the EU declaring the US Privacy Shield to be adequate and the text of the declaration
  6. The Register on the A29WP objections to the Privacy Shield

India

  1. Report to the Commission on the state of India’s DP Laws.
  2. Commentary from the Delhi Law University on India’s preparedness for EU designation as safe for personal data.

Australia

  1. http://ec.europa.eu/justice/data-protection/document/studies/files/new_privacy_challenges/final_report_country_report_b2_australia.pdf, are not deemed adequate
Dave Politics , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.