EU Data Privacy Reform Update: Make Mine A Skinny To Go…

Posted · Add Comment

“…simplicity and flexibility are key…” if the new EU Regulation is to work as a long term framework for the protection of privacy rights, according to the European Data Protection Supervisor (EDPS). The EDPS strongly advocates a simple and clear text to enable controllers to easily understand their obligations, and its’ proposed text is 30% […]

EU General Data Protection Regulation: one small step for privacy, or a giant leap?

Posted · Add Comment

In our blog post of 16 January 2015 HireRight reported on the progress of the EU data privacy reforms.  Excitingly, the Council of the European Union (“Council”) met their self-declared deadline of agreeing a general approach on the General Data Protection Regulation (“Regulation”) and announced on 15 June 2015 that “we have moved a great […]

Bulletin: Legal & Compliance – Binding Corporate Rules: a brave new world for data processors?

Posted · Add Comment

On 28th January 2015, the U.K. Information Commissioner’s Office (“ICO”) has cleared binding corporate rules (“BCRs”) in respect to First Data Corp., a global electronic commerce and payment card processing company.  This is the first time the ICO has authorised BCRs for a data processor and the UK is only the third member state to […]

Bulletin: Legal & Compliance – Singapore: how to notify individuals of the purposes of collection, use and disclosure of personal data

Posted · Add Comment

Since the Personal Data Protection Act 2012 (“PDPA”) came into force the principle of “notification” of individuals has been enshrined in the law.  However, the PDPA remained silent on how an organisation should achieve compliance. On September 11 2014 the Personal Data Protection Commission (“PDPC”) issued a “Guide to Notification” for organisations to follow in […]