Search results

[…] facing activities, including the completion of DPIAs, dissemination of information about data subjects’ rights, and upskilling of DPOs and other privacy professionals. DPAs will also seek to promote the approval and adoption of Codes of Conduct (CoCs) and certification mechanisms as ways to enable organizations to easily demonstrate compliance with the EU’s privacy acquis. […]

[…] to clarify when and how PETs should be deployed in different scenarios to ensure compliance with privacy laws; and providing tailored advice to lawmakers that wish to promote the use of PETs for the pursuit of public interest tasks and the responsible use of data.  On this note, Gilad Semama noted that PETs seem […]

[…] is going on in youth & education privacy today…What’s one thing that you are optimistic or encouraged about? I am encouraged by the move to age-appropriate design codes in some jurisdictions since it should lead to more products mapping better to the expectations of parents, educators, and children. What’s one thing that you are […]

[…] risks’ (which trigger a set of stringent obligations, including conducting a CA), ‘limited risks’ (with associated transparency obligations), to ‘minimal risks’ (where stakeholders are encouraged to build codes of conduct). The draft AIA is being introduced in an already existing system of laws that regulate products and services intended to be placed on the […]

[…] the disclosure of personal data held by certain regulated entities (e.g., providers of financial services, medical practitioners), the PDP Commissioner has approved and registered seven Personal Data Codes of Practice, which provide more detailed requirements for entities in certain sectors to comply with the PDPA. These sectors include: insurance and takaful;  banking and finance;  […]

[…] the Act. The Act also empowers the Commissioner to, firstly, investigate complaints regarding entities’ privacy practices, resolve disputes, and issue binding compliance notices, and secondly, issue binding codes of practice in relation to specific sectors or classes of personal information.  In 2012, New Zealand also became one of the few jurisdictions in APAC that […]

[…] regulator may reduce the fine. Additionally, the ICO is bound by national law to assess the fine’s broader economic impact, as it must consider the desirability of promoting economic growth. Thus, before issuing a fine and when deciding on its amount, it will consider its economic impact on the wider sector where the infringer […]

[…] and unnecessary compliance costs due to contradictory requirements in Asia Pacific. Modern data protection laws should shift the onus of data protection from users to organizations, by promoting an accountability-based approach to data protection over a “consent-centric” one. Different avenues may be used to rebalance consent and privacy accountability in APAC, including through concepts […]

[…] trend to modernize their regulatory approach, several of them proposing sandboxes (e.g., the CNIL and the Norwegian DPA), and pushing for more self-regulation, like the adoption of Codes of Conduct. DPAs also plan on dedicating efforts to make GDPR compliance work in practice on a large scale by targeting the empowerment of DPOs and […]

[…] Using a researcher-friendly version of Empatica’s E4 device that prevents the collection of geolocation data, IP address, or mobile International Mobile Equipment Identity (IMEI) identifiers. Using QR codes to link participants to specific wearable devices to ensure that participant names and study record IDs would not be shared. Learn more about the project, including […]