Search results

[…] regulator may reduce the fine. Additionally, the ICO is bound by national law to assess the fine’s broader economic impact, as it must consider the desirability of promoting economic growth. Thus, before issuing a fine and when deciding on its amount, it will consider its economic impact on the wider sector where the infringer […]

[…] and unnecessary compliance costs due to contradictory requirements in Asia Pacific. Modern data protection laws should shift the onus of data protection from users to organizations, by promoting an accountability-based approach to data protection over a “consent-centric” one. Different avenues may be used to rebalance consent and privacy accountability in APAC, including through concepts […]

[…] trend to modernize their regulatory approach, several of them proposing sandboxes (e.g., the CNIL and the Norwegian DPA), and pushing for more self-regulation, like the adoption of Codes of Conduct. DPAs also plan on dedicating efforts to make GDPR compliance work in practice on a large scale by targeting the empowerment of DPOs and […]

[…] Using a researcher-friendly version of Empatica’s E4 device that prevents the collection of geolocation data, IP address, or mobile International Mobile Equipment Identity (IMEI) identifiers. Using QR codes to link participants to specific wearable devices to ensure that participant names and study record IDs would not be shared. Learn more about the project, including […]

[…] all plans, processes, and frameworks throughout the research collaboration. Use Technology to Enhance Privacy. The Stanford research team and Empatica took advantage of technology, where possible, to promote privacy throughout the project. Stanford employed QR codes to prevent the need to share participant identifiers, including names and study record IDs, with Empatica. Use Privacy-Protective […]

[…] health information. Using a researcher-friendly device, Empatica’s E4, that prevents the collection of geolocation data, IP address, or mobile International Mobile Equipment Identity (IMEI) identifiers. Using QR codes to link participants to specific wearable devices to ensure that participant names and study record IDs would not be shared. “A large part of our job […]

[…] on the value of data for research and strategies for oversight. FPF has shared model bill language with lawmakers developing comprehensive privacy laws in California, Washington, and Virginia to encourage them to both protect data-driven research and create oversight by requiring it to be approved, monitored, and governed by an independent oversight entity. Exploring […]

[…] and scientific research, the EDPS recommends intensifying the dialogue between DPAs and ethical review boards for a common understanding of which activities qualify as scientific research, on codes of conduct for scientific research, and on closer alignment between EU research framework programs and data protection standards. In his keynote comments, the EDPS discusses the […]

[…] privacy when developing network protocols. Figure 1 – Overview of P802E applications (slide from the presentation by Jerome Henry) The purpose of the P802E recommendation is ‘to promote a consistent approach by IEEE 802 protocol developers to mitigate privacy threats identified in the specified privacy threat model and provide a privacy guideline.’  In order […]

[…] there is no immediate solution to provide an alternative lawful mechanism for transfers. The other options provided by the GDPR, like Binding Corporate Rules, certification mechanisms and Codes of Conduct (CoC) take a long time to be approved by Data Protection Authorities and very few are in place (particularly BCRs; there are currently no […]