All GDPR articles
-
Webinar
UK’s Post-Brexit GDPR Reforms: What to Expect, How to Adapt
On January 1 2021, the UK formally and effectively left the European Union. As a result, the EU GDPR no longer applies in the UK. Currently, the UK DPA 2018 sets out the data protection framework in the UK. Are you UK-DPA compliant?
-
Webinar
Data Retention - The blind spot in your privacy program (MEA region)
The increasing number and complexity of privacy laws have been the driving force for organisations to shift focus from tick-the-box compliance exercises to automated privacy solutions.
-
Feature
Profiling and Marketing: Why the ICO’s Latest Fine Against Easylife Matters
The Easylife fine shows how some companies may be engaged in profiling without realising. The decision reminds us of the dangers of carelessly processing health data and demonstrates the important interaction between the GDPR and direct marketing laws.
-
Feature
Conservative Party Conference 2022 Brings More Data Protection Uncertainty
At the Conservative Party Conference 2022 on Monday, newly-appointed Secretary of State for Digital, Culture, Media and Sport (DCMS) Michelle Donelan said the General Data Protection Regulation (GDPR) was “limiting the potential of our businesses”.
-
Report
Charting the UK Data Protection Profession: September 2022 Report
Data Protection World Forum and The DPO Centre are delighted to bring you the ninth Index survey report from the ground-breaking UK Data Protection Index.
-
Feature
Will the UK’s ‘Light Touch’ AI Regulation Plans Increase AI Risks?
The government claims its “innovation-friendly and flexible” plans for AI regulation could help businesses avoid the “uncertainty that comes with regulatory compliance”. But could lighter touch regulation increase risks for UK businesses and individuals alike?
-
Video
Conducting a Transfer Impact Assessment: Best Practice
The transfer impact assessment (TIA) might be among the most demanding of the GDPR’s requirements. Assessing the surveillance regime of a third country can be a daunting task even for an experienced legal department—not to mention the thousands of SMEs engaged in international data transfers.
-
Video
International Data Transfers: The Biggest GDPR Compliance Challenge
This panel will explore whether the situation post-Schrems II is sustainable, and consider the implications for practically every business in the EEA.
-
Video
GDPR: 4 Years On
Four years on from the entry into force of the GDPR and the privacy landscape is still as complex as ever. The past 12 months have continued to be wrought with action and a heightened sense of privacy awareness. Developments in the Schrems II case and the privacy implications of the Coronavirus have highlighted a new level of compliance considerations for organisations to navigate.
-
Video
What’s Wrong With the GDPR? Constructive Criticisms from Privacy Professionals
The GDPR is rightly celebrated as improving data protection rights in many areas. But the law has also been criticised—both by “big tech” lobbyists and dedicated privacy professionals.
-
Video
GDPR Four Years On: Reviewing the Most Significant Enforcement Decisions
The flood of GDPR fines anticipated by the media arguably never materialised—but four years on from the GDPR’s effective date, enforcement is ramping up.
-
Video
Reviewing Your GDPR Compliance Program
Many companies spent considerable time and resources in the run up to May 2018 on adapting their systems and processes toward GDPR compliance. Four years later, were all these changes necessary? Where should controllers have gone further from the outset? And what should change given the abundant post-2018 guidance and enforcement from DPAs?
-
Webinar
Data Retention - The blind spot in your privacy program (Nordic and Benelux region)
The increasing number and complexity of privacy laws have been the driving force for organisations to shift focus from tick-the-box compliance exercises to automated privacy solutions.
-
Webinar
Data Retention - The blind spot in your privacy program (DACH region)
The increasing number and complexity of privacy laws have been the driving force for organisations to shift focus from tick-the-box compliance exercises to automated privacy solutions.
-
Feature
GDPR Four Years On: How Has the Law Changed the World, and How Can It Be Improved?
The General Data Protection Regulation (GDPR) is perhaps the EU’s best-known and most-misunderstood law.
-
Article
The Splintering of Global Data Flows: Is the ‘Risk-Based Approach’ Dead?
To combat foreign government surveillance, European data protection regulators are taking an increasingly hardline stance on GDPR enforcement that could drastically change the internet. Some argue that a more pragmatic, “risk-based approach” could help avoid severe disruption. But a recent decision against Google suggests those people are losing the debate.
-
Webinar
Data Retention - The blind spot in your privacy program (Southern Europe region)
The increasing number and complexity of privacy laws have been the driving force for organisations to shift focus from tick-the-box compliance exercises to automated privacy solutions.
-
Event
PrivSec Focus: GDPR Four Years On
Four years on from the coming into effect of the General Data Protection Regulation (GDPR), it’s time to take stock: Has the GDPR truly improved data protection? How have organisations implemented the law’s requirements? And what questions remain unanswered after nearly half a decade of GDPR?
-
Feature
Is the UK Data Protection Regulator’s Independence Under Threat?
In an interview with POLITICO on 23 March, UK Information Commissioner John Edwards said he had “made it very clear” that the government’s proposed data protection reforms must not “undermine the independence” of the country’s data regulator, the ICO.
-
Webinar
GDPR enforcement trends – lessons from 2021
2021 was a landslide year for GDPR enforcement – but what’s actually changed for privacy teams and how they should prioritise?