The EU-US Privacy Shield program was launched in early 2019 primarily as a response to two external causes: the ruling by the Court of Justice of the European Union (CJEU) that invalidated the Safe Harbour program in 2015, and the enactment of the General Data Protection Regulation (GDPR) by the European Union in 2018.
Category: GDPR
Delve into GDPR compliance essentials—from lawful processing and data subject rights to cross-border transfers and regulatory updates. Stay informed with practical guides and expert insights to enhance your EU-focused data privacy strategy.

How to Become EU-US Privacy Shield Self-Certified
The latest in data privacy frameworks has come in the form of the EU-US Privacy Shield. This framework came about as a response to the EU General Data Protection Regulation (GDPR). The framework has been found to meet the adequacy determination of the European Commission, so the transfer of personal data from the EU to the US can now be made easier if US organizations choose to join the Privacy Shield framework.

What is EU-US Privacy Shield and Why Does it Exist?
More customers are becoming aware of data privacy when engaging with businesses online. With data breaches on the increase, many customers face issues regarding the adequate protection of personal data, especially following a data breach or cyberattack. A report by RAND Corporation found that 11 percent of customers would switch to another organization, and 23 percent would give the existing organization less business. These realities have spawned an ecosystem of regulation and data privacy awareness.

What GDPR Means for These Five Industries
The General Data Protection Regulation (GDPR) came into effect last year, putting pressure on data brokers and tech firms to adequately protect, process and store customer information. Developed by the European Parliament and the Council of the European Union, the new EU data regulation laws threaten businesses with hefty fines of roughly 20 million euros or four percent of their turnover should they fail to adhere to the new legislation, which is geared towards giving people more control over their personal information.

What Is Considered PII Under GDPR?
There has often been confusion around what counts as Personally Identifiable Information under GDPR and how businesses can protect themselves against getting hit with a fine for lack of compliance. At times, though, it is difficult to distinguish what personally identifiable information (PII) is in general and what your business needs to do to remain compliant. Thankfully, we’ve created this comprehensive guide that can help you understand what PII is and how you can maintain compliance with GDPR’s rules that pertain to PII.

The Future of Data Privacy in the US
In 2019, data privacy was a big topic of discussion for everyone from the regular Joe/Jane user to the Supreme Court and the European Union. Now that we have crossed over the bridge to 2020, data privacy in the U.S. is about to become just as important as data security.

Data Protection & Social Media: How GDPR Influences Today’s Social Media Platforms
Roughly 57% of the global population now have access to the internet. While being connected to the largest database in the world does bring a host of advantages, it does come at a price. Recent statistics revealed that about 53% of online users are currently more concerned about their online privacy compared to a year ago.

Active Consent Required for Storing Cookies in the EU
The Court of Justice of the European Union has ruled that website users must give active consent for cookies to be stored on their equipment.
The European Union’s Ruling
Big changes with regard to privacy are coming out of the EU. A press announcement from the Court of Justice of the European Union reveals that active consent from internet users is required for storing cookies on their equipment. The court ruled that active consent is not a pre-checked box that the user must deselect in order to refuse his or her consent.
This ruling was the judgment in Case C-673/17, Bundesverband der Verbraucherzentralen und Verbraucherverbände – Verbraucherzentrale Bundesverband eV v Planet49 GmbH.
Cookies, of course, are files that websites store on the site user’s computer that the website provider can access when the user visits the website again. The purpose is to facilitate transactions or navigation of the site or to access information about the user’s behavior.
Whether or not the information stored or accessed on the user’s equipment is personal data does not affect the decision.
The Court stated that consent must be specific. Therefore, a user selecting a button to participate in, say, some sort of promotion does NOT mean that the user gave his or her consent to the storage of cookies.
In addition, the Court decided that website service providers must inform users of the duration of the operation of cookies and whether or not third parties may have access to those cookies.
Want to learn more about compliance with EU regulations like GDPR? Contact RSI Security today.

Challenges of Managing Personally Identifiable Information
It’s difficult in the current technological environment to determine what falls under private or personal information, especially considering how many social media platforms exist. People post a plethora of information about themselves, causing the concept of privacy to become skewed. All of this information provides companies with a window into consumers’ minds and consequently their wallets. But with information collection comes the responsibility to protect personal data from malicious individuals.

Which Industries Are Most Affected By GDPR?
Since the General Data Protection Regulation (GDPR) was enforced on May 25, 2018, many have complied with it lest they face unprecedented non-compliance fines and other consequences. GDPR, at its core, is the new set of rules designed for EU individuals to give them more control over their data. Its objective is to make the regulatory environment simple so that both businesses and their customers in the EU can ultimately benefit from the digital economy.
In this article, we’ll be tackling the top industries affected by GDPR, the challenges that they have faced since the regulation came into effect over a year ago, and the benefits they receive from this data privacy law. These industries are the following: social media, online retail, digital banking, cloud computing, and healthcare.
