Privacy Shield up and running
On 12 July 2016 the European Commission adopted a decision under Directive 95/46/EC on the adequacy of the protection provided by the EU–US Privacy Shield, confirming that entities operating in the United States that meet the conditions specified in the Privacy Shield programme will be deemed to provide an adequate level of protection of personal data. This means that it will be permissible to forward personal data to such entities without the need to apply other mechanisms to ensure adequate protection of the data, such as binding corporate rules or approval of the data protection authority.
New era for personal data protection
Work is underway on a General Data Protection Regulation for the EU. The changes expected in the new legislation will be important for outsourcing companies. Among the planned changes, there will be severe sanctions for violation of data protection regulations.
Transfer of personal data to the United States: Privacy Shield v Safe Harbour
Invalidation of the Safe Harbour decision created a gap in the system for transfer of data from Europe to the US. The question arose of how to evaluate the legality of existing data transfer practices based on Safe Harbour, and what rules to apply in the resulting vacuum.
End of the Safe Harbour programme: What next?
The Court of Justice has issued a judgment invalidating the European Commission’s Safe Harbour decision. This means that participation in the Safe Harbour programme by US entities is no longer grounds for European companies to transfer personal data of EEA citizens to the United States.
Drones and data protection
The increasing commercial use of drones raises legal aspects of the operation of unmanned aerial vehicles. In this article we focus on one of the most hotly debated legal issues related to drones: the use of drones in light of regulations on protection of personal data.
New Council of Europe recommendation on processing of employee’s personal data in light of new technologies
The new recommendation on processing of data for purposes of employment is designed to meet challenges posed by greater digitisation.
Protection of personal data in internal investigations
Poland’s data protection regulations do not directly address internal investigations, but that does not mean they do not apply. In fact they can play a major role in drawing the line between lawful and unlawful investigative measures.
The new EU data protection framework and medical research
The EU’s proposed General Data Protection Regulation has raised issues about the impact that new privacy protections may have on how clinical trials are conducted and information about patients is used for research purposes. Sylwia Paszek of Wardyński & Partners discussed concerns about the draft regulation in an interview by Simon Fuller.
Consultation concerning intended redundancies and personal date protection
When an employer consults with a trade union concerning the intention to lay off workers, it is easy to run afoul of data protection regulations.
How many real changes in the Personal Data Protection Act?
A banner was posted at the beginning of 2012 on the website of Poland’s Inspector General for Personal Data Protection—”Notice: Change of law!”
New cookie regulations
Zgoda na instalację cookies – domyślna, świadoma czy wymagana każdorazowo? Zmiana dyrektywy o e-prywatności może przysporzyć sporo kłopotu polskiemu ustawodawcy.
Amendment of Personal Data Protection Act
The Polish Inspector General for Personal Data Protection will have authority to impose fines for failure to comply with data protection orders. The ability to withdraw consent to processing of personal data has also been clarified.