Some notes and links pertaining to the GDPR, here’s the text of the Law.
REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
of 27 April 2016
on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
- http://www.eugdpr.org/, claims to be a resource to educate the public about the main elements of the General Data Protection Regulation (GDPR)
- This article, entitled Impact of the European General Data Protection Regulation (GDPR) on Adequacy and 5 Tips to Weather the Changes at “Privacy and Cyber Security Law, argues that none of the adequacy decisions can be assumed to stand since the criteria are stricter or at least different in the 2016 Law.
The Article 29 Working Party
- Article 29 Working Party at europa.eu
- A29WP on the US Privacy Regime, they have some improvements they’d like to see
(I spoke to the ICO helpline which said that Iceland would be a permitted target for transfer. This page, The Basic Features of the EEA Agreement, describes the EEA and makes it clear that Data Protection is a single market issue. Iceland is in!
The European Council
- Convention 108 of the European Council, text.
- Council of Europe’s Data Protection home page
- ARS Technica reports on the CJEU striking down Safe Harbour
- I review the Safe Harbour ruling on my blog
- I review the Safe Harbour ruling at Linkedin, and Citihub.
- The Privacy Shield by the US Federal Government.
- A press release on the EU declaring the US Privacy Shield to be adequate and the text of the declaration
- The Register on the A29WP objections to the Privacy Shield
- Report to the Commission on the state of India’s DP Laws.
- Commentary from the Delhi Law University on India’s preparedness for EU designation as safe for personal data.
- http://ec.europa.eu/justice/data-protection/document/studies/files/new_privacy_challenges/final_report_country_report_b2_australia.pdf, are not deemed adequate