This cartoon is about the GDPR’s lawful basis requirement to process personal data. One of the biggest differences between U.S. and EU privacy law is that in the U.S., organizations can collect and use personal data in nearly any way they choose as long as they state what they are doing in their privacy notice […]
I had the opportunity to interview Mark Singer and Raf Sanchez, both at Beazley, about the issue of profiling and the GDPR. Mark Singer is a member of the Cyber & Executive Risk Group at Beazley. Mark handles insurance coverage issues arising out of cybersecurity, technology errors and omissions, data privacy, intellectual property, media and advertising liabilities. Raf […]
This cartoon is about the GDPR’s right to data portability under Article 20. This right allows data subjects to take their data from one organization and transfer it easily to other organizations. Pursuant to the GDPR Article 20: 1. The data subject shall have the right to receive the personal data concerning him or her, […]
For global organizations as well as organizations in the EU, the GDPR has brought significant attention and resources to privacy. Finally, many executives are beginning to take privacy seriously. As I recently wrote in my article, Prime Time for Privacy, at Bloomberg Law: The GDPR has taken privacy to the next level. Before the GDPR, nothing […]
In the past few weeks, with enforcement of the General Data Protection Regulation (GDPR) beginning on May 25, countless organizations launched emails and pop up notices about changes in their privacy notices in light of GDPR. This cartoon pokes a little fun at the blizzard of changed privacy notice notices.
This is a momentous week. On Friday, May 25, 2018, the General Data Protection Regulation (GDPR) will begin being enforced. Organizations are racing against the clock to be prepared. What will the day look like when the sun rises on May 25?
The General Data Protection Regulation (GDPR) has actually been with us for quite a long time (in various forms), but this month is the moment of truth. On May 25, the GDPR will start being enforced. Here’s a quick timeline of the evolution of the GDPR: October 1995: Data Protection Directive (95/46/EC) is adopted. The […]
I have a confession to make, one that is difficult to fess up to on the US side of the pond: I love the GDPR. There, I said it. . . In the United States, a common refrain about GDPR is that it is unreasonable, unworkable, an insane piece of legislation that doesn’t understand how […]
This cartoon makes fun of the fact that these days, there seem to be so many GDPR experts. There are, indeed, many experts who know a lot about GDPR. The problem is that there are a lot more “experts” out there who know only a little about GDPR.
Organizations are racing to get ready for the GDPR implementation date of May 25, 2018. Complete GDPR compliance in a few months is likely not feasible for many organizations, but this shouldn’t mean that these organizations should give up. Making a good-faith effort and continuing to strive to improve are quite worthwhile.