Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: Future-proofing privacy

Posted in Data Protection & Privacy Eduardo Ustaran

Future-Proofing Privacy: The Time Has Come

It has taken several years but we have finally made it to the start line. The modernisation of European privacy laws has reached a critical milestone and with the formal adoption of the new data protection framework, we can now begin to lay the foundations for the future.

Influenced by overwhelming technological advances and the Snowden revelations, the EU Data … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Tim Wybitul

Part 11: Data Protection in the Workplace

Relevance of employee data protection
 for enterprises


Data privacy in an employment context remains
 an important challenge for companies. On the one hand, employers have a strong interest in monitoring personnel conduct or performance; few controllers are likely to have collected more personal data about an individual than their employer. On the other hand, employees have a legitimate expectation of … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Dr. Marcus SchreibauerJan SpittkaLilly Taranto

Part 10: Enforcement and the Risk of Non-Compliance

One of the major purposes of the Regulation is to ensure a consistent application of data protection law throughout the EU, not only to provide a high level of data protection but also to guarantee legal certainty for businesses when handling personal data. This has presented legislators with one of their biggest challenges: how to maintain the existing network of … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Dr. Martin PflüegerHannah JacksonRik Zagers

Part 9: International Data Transfers 2.0

What’s the deal?

The Data Protection Directive and the Regulation both impose restrictions on the transfer of personal data by EU based businesses to destinations outside the EEA.

Recap on current framework

Transfers of personal data to a third country outside the EEA are allowed under the current Data Protection Directive only if:… Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Sarah TaiebMac Macmillan

Part 7: The New Accountability Regime

Background of the notion of accountability

Accountability has been described by the Article 29 Working Party as a way of “showing how responsibility is exercised and making this verifiable”.

Accountability is far from being a new concept. It was introduced back in 1980 in the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.

In 2010, … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Joke BodewitsPatrice Navarro

Part 6: Profiling Restrictions v. Big Data

A stricter regime for profiling

Profiling and Big Data analytics are set to play a pivotal role in the growth of the digital economy. From cookie-based tracking to people’s interaction through social media, the size and the degree of granularity of our digital footprints have created unprecedented opportunities for business development and service delivery. The scale of data collection, data … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation Marco BerliriMassimiliano MasnadaSian Rudgard

Part 5: New and Stronger Rights

What’s the deal?

The Regulation aims to strengthen the rights of individuals. It does so by retaining rights that already exist under the Data Protection Directive and introducing the new rights of data portability, the right to be forgotten, and certain rights in relation to profiling. In this chapter we look at each of these rights in turn and assess … Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation

Part 4: Future-proofing privacy: Justifying Data Uses – From Consent to Legitimate Interests

Grounds for processing

Under the Data Protection Directive, each instance of data processing requires a legal justification – a “ground for processing”. This fundamental feature of EU data protection law remains unchanged under the draft Regulation. However, the bar for showing the existence of certain grounds for processing will be set higher, particularly in relation to consent.

Stringent and uncertain Continue Reading

Posted in Data Protection & Privacy, Policy & Regulation

Part 3: Future-Proofing Privacy: The Concept of Personal Data Revisited

Pseudonymisation enters the stage

Along with the concept of personal data, as opposed to anonymous data, the Regulation introduces a third category, that of pseudonymous data. Pseudonymous data is information that no longer allows the identification of an individual without additional information and is kept separate from it. In exchange for the lower level of privacy intrusion, the applicable requirements … Continue Reading