current trends in data protection law
play

Current Trends in Data Protection Law Berlin, 05 th December 2013 - PowerPoint PPT Presentation

Nov 24, 2022 •472 likes •725 views

Current Trends in Data Protection Law Berlin, 05 th December 2013 Dr. Annette Demmel Matei Ujica, LL.M. 37 Offices in 18 Countries 39 Offices in 19 Countries Who we are Dr. Annette Demmel Matei Ujica, LL.M. 2 and where we are We are

  1. Current Trends in Data Protection Law Berlin, 05 th December 2013 Dr. Annette Demmel Matei Ujica, LL.M. 37 Offices in 18 Countries 39 Offices in 19 Countries

  2. Who we are… Dr. Annette Demmel Matei Ujica, LL.M. 2

  3. … and where we are We are sitting here… … and have a view of one of the largest construction sites in Berlin Unter den Linden, Subway line U55 3

  4. Planned EU Data Protection Reform  How important is it for you that your personal information is Original draft of the Commission protected in the same way regardless in which EU country these dated 25 January 2012, information is collected and processed? amended by Parliament on 21 October 2013  EU Basic Regulation shall be directly applicable in all Member States  Date of entry into force still unknown, prospectively in 2014  Objective: Adjustment of EU data protection law to the Internet age  Affected: All citizens and companies as well as public authorities Source: European Commission, Eurobarometer 74.3, Results for 4 Germany, Attitude towards data privacy and electronic identity in the European Union

  5. Scope of Application • Content:  All automated processing of personal data is covered  Saving in filing systems • Personal:  Applicable for those individuals responsible for the processing (whoever makes decisions concerning the purposes, conditions and means of processing)  Applicable for commissioned data processors (whoever processes data on behalf of the responsible individual) • Territorial: Responsible bodies Responsible bodies outside of the within the EU, EU provided that the independent of whether concerned individual is based the data is processed in the EU and the processing serves the purpose of • Offering such individual goods and services in the EU or • Observing the individual’s behavior. 5

  6. Complete Harmonization? • Health data • Employment relationship Specific Exemptions • Processing by public Intended authorities • Other reasons of public interest 6

  7. Permissible Data Processing Processing special personal The processing of personal data principally data is permissible impermissible. • To the extent required for • Exceptions: • Fulfilling a contract with • Employment relationship the concerned individual; • Execution of a contract • Fulfilling a statutory with the concerned obligation; individual • Protecting vital interests of the concerned individual; • Performing a public task; • Safeguarding legitimate interests of the responsible individual provided such interests are not outweighed by the interests or basic rights of the concerned individual. Consent ?…. 7

  8. Consent Would you prefer that your explicit consent is obtained before personal information is collected and processed? 8 Source: European Commission, Eurobarometer 74.3, Results for Germany, Attitude towards data privacy and electronic identity in the European Union

  9. Consent  Data processing can in principle be based on consent  Exceptions o Consent within the context of an employment relationship only valid if voluntary o Other EU or national regulations can exclude such consent  Responsible body has burden of proof  If consent is given in writing, it must be clearly separate from the remaining text Text: blabla blabla blabla blabla blabla blabla blabla blabla blabla blabla blabla blabla blabla blabla blabla Consent: I consent to my personal data ….. 9

  10. Duties Privacy by design: Technical procedures are to be used, which offer the concerned individual the greatest amount of protection • e.g. Privacy by default settings for social networks Documentation • Replaces the general reporting obligations concerning data processing to the authorities; • Does not apply for companies, which do not process the data of more than 5,000 concerned individuals per year ! Children Observance of data protection standards Notification of public authorities and concerned individual of data protection violations Data protection – Risk analysis of certain activities Appointment of a company data protection officer • If the data of more than 5,000 concerned individuals is processed within one year 10

  11. Rights of the Concerned Individual If you decide to change the internet service provider or terminate the relationship how important is it for you that your personal information from this service may be transferred to another service? Source: European Commission, Eurobarometer 74.3, Results for Germany, Attitude towards data privacy and electronic identity in the European Union 11

  12. Rights of the Concerned Individual Right to object Right to data portability Right to “be • Right to demand a copy of the processed data in forgotten” a common format • Concerned individual can demand the deletion of his data and omission of any further processing 12

  13. Sanctions  Original requirement:  Monetary fine of up to EUR 1 million or 2 % of the annual worldwide turnover for severe breaches  New draft provides for higher fines of up to EUR 100 million and 5 % of the annual turnover worldwide 13

  14. PRISM & Co. According to an article in The Washington Post, the US National Security Agency has supposedly broken data protection rules thousands of times each year since 2008 or overstepped its authority. This was reported by the newspaper with reference to an internal investigation of the NSA and other strictly confidential documents. The newspaper received such documents during the summer from the former NSA employee Edward Snowden. 14 Quelle: Spiegel Online

  15. PRISM & Co. Press release of the German data protection authorities dated 24 July 2013: • For the time being, no new authorizations for data transfers to the USA, particularly for certain cloud services Excursus: How does the US transfer function under German law? Work arounds? • Investigation announced whether all transfers on the basis of Safe Harbor and EU standard contractual clauses are faulty (completion expected by the end of 2013) 15

  16. Excursus: How does the data transfer function in other countries? Two-step Assessment: Step 1: Data transfer from one company to another • Must be justified by particular interests • Interest in the transfer must be greater than the right of the concerned individual to exclusion of the transfer Step 2: Reasonable level of protection in the recipient country a) Exists in the EU, the EEA (Norway, Liechtenstein, Iceland) b) Exists in Canada, Switzerland, Argentina, Israel, Guernsey, Andorra, Faroe Islands, Australia, Isle of Man, Jersey, Uruguay, New Zealand c) Exists for Safe Harbor certification in the USA plus diverse and regular confirmations d) Exists for the stipulation of EU standard contractual clauses e) Exists in the case of agreement of binding corporate rules (for intra-group transfers) Transfers according to a) - d) are principally not subject to authorization – If a company data protection officer has been appointed and – Has assessed the data processing in advance and endorsed it 16

  17. Excursus: Safe Harbor from a German Perspective  Data protection authorities have already been demanding the regular review of the guarantees of US importers by German companies since 2010  PRISM has further increased the skepticism of the authorities  Politicians are demanding the renegotiation of the Safe Harbor Agreement  EU Commission is currently assessing a suspension of the agreement 17

  18. Cloud: Requirements of the German Authorities in 2011 • Resolution of the 82 nd conference on 28/29 September 2011: Data protection compliant design and use of Cloud computing services • Requirements for the use:  The duties of the responsible bodies must continue to be fulfilled,  The implementation of the data protection and IT security requirements has to have been reviewed • Which data protection and IT security requirements are to be reviewed?  Confidentiality  Integrity  Availability  Checkability  Transparency  Ability to influence the data processing. • Requirement in the resolution: The management of the body processing the data must continue to be able to bear responsibility for its own data processing. 18

  19. Cloud: Implementation of the Requirements from 2011 Cloud users should demand • Provision of straightforward, transparent and detailed information on the – Technical and organizational measures including security concepts and – Legal framework conditions. • Conclusion of transparent, detailed and clear contractual regulations, in particular concerning the – Location of the data processing, – Notification of any change of location, – Portability, – Interoperability, – Implementation of the agreed IT security and data protection measures => Current and persuasive proof (e.g. certificates of recognized and independent audit organizations) 19

  20. Cloud: Help with Implementation Paper: Guidance – Cloud Computing of the Technology and Media Task Force of the Conference of Data Protection Officers of the Federal and State Government Version 1.0 Effective date: 26 September 2011 http://www.datenschutz-bayern.de/technik/orient/oh_cloud.pdf 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Collateral Protection for Collateral Protection for Financial Assets: Current Legal Trends Best

Collateral Protection for Collateral Protection for Financial Assets: Current Legal Trends Best

Presenting a live 90 minute webinar with interactive Q&A Collateral Protection for Collateral Protection for Financial Assets: Current Legal Trends Best Practices for Protecting Collateral in a Post Lehman and MF Global World TUES DAY,

545 views • 30 slides
EU Data Protection Compliance Trends - What US Companies Need to Know 30 January 2013 Session

EU Data Protection Compliance Trends - What US Companies Need to Know 30 January 2013 Session

EU Data Protection Compliance Trends - What US Companies Need to Know 30 January 2013 Session Contents Why European data protection rules matter and an introduction to the main privacy rules Transferring data outside of Europe

510 views • 40 slides
Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining

Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining

Data Protection Reform preparing for the General Data Protection Regulation By Philip Brining Data Protection People 18 th April 2016 Agenda Introduction Current Rules (DPA 98 & PECR) Overview of GDPR Business-wide impact Practical

479 views • 28 slides
The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data

The Data Protection Landscape Before and aft fter GDPR: General Data Protection Regulation Data Protection regulations across Europe Current regulations & guidance European Directives 95/46/EC (Data Protection) and 2002/58/EC

440 views • 19 slides
Current Trends and Issues in Current Trends and Issues in Public Warning Public Warning

Current Trends and Issues in Current Trends and Issues in Public Warning Public Warning

I nternational Telecom m unication Union ITU-T Keynote Address Geneva, 19 Oct 2006 Current Trends and Issues in Current Trends and Issues in Public Warning Public Warning Activities in the Private S ector Tony Rutkowski, VeriS ign VP

579 views • 13 slides
Current Trends in Data Storage Backup and Restoration February 13, 2003 Tom Coughlin Coughlin

Current Trends in Data Storage Backup and Restoration February 13, 2003 Tom Coughlin Coughlin

Current Trends in Data Storage Backup and Restoration February 13, 2003 Tom Coughlin Coughlin Associates www.tomcoughlin.com Outline Storage Demand Drivers Backup and Recovery Trends Major Trends in Backup Storage Hierarchy

984 views • 65 slides
GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION

5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION

5 THINGS HR MUST DO IN THE ROLE OF THE DATA PROTECTION OFFICER GILLIAN ACHESON DATA PROTECTION DEIRDRE ALLISON RECORDS MANAGEMENT YEARN2LEARN TRAINING GENERAL DATA PROTECTION REGULATION What is it? GDPR represents the most significant

172 views • 14 slides
Transplant trends: Current data and statistics Sommer Gentry, Ph.D. Department of Mathematics,

Transplant trends: Current data and statistics Sommer Gentry, Ph.D. Department of Mathematics,

Transplant trends: Current data and statistics Sommer Gentry, Ph.D. Department of Mathematics, USNA and Department of Surgery, Johns Hopkins University Disclosure Information I have no conflicts of interest to disclose. My research is

711 views • 70 slides
Data Metrics and Current Inspection Trends Jenny Hantzinikolas Director, Inspections,

Data Metrics and Current Inspection Trends Jenny Hantzinikolas Director, Inspections,

Data Metrics and Current Inspection Trends Jenny Hantzinikolas Director, Inspections, Manufacturing Quality Branch Medical Devices and Product Quality Division, TGA International Regulatory Convergence for MTP GMP Overview Close out

648 views • 18 slides
Social Protection in Africa: Trends, Challenges and Opportunities Keynote Presentation 28 th

Social Protection in Africa: Trends, Challenges and Opportunities Keynote Presentation 28 th

#ZS ZSPW2017 Social Protection in Africa: Trends, Challenges and Opportunities Keynote Presentation 28 th November, 2017 2017 Social Protection Week Zambia New Government Complex Remarkable transformation of African Social Protection

434 views • 28 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
Data Protection & Availability Kaushal Devater Data Protection & Availability Discipline

Data Protection & Availability Kaushal Devater Data Protection & Availability Discipline

Plan & Deploy Data Protection & Availability Kaushal Devater Data Protection & Availability Discipline Lead - RDC Planning & Deploy Data Protection & Availability Industry Typical Data Retention Requirements Patient

662 views • 9 slides
Trends in Gold Transaction Values 2014-17 Current Trends in Mining Finance New York SME

Trends in Gold Transaction Values 2014-17 Current Trends in Mining Finance New York SME

Trends in Gold Transaction Values 2014-17 Current Trends in Mining Finance New York SME Conference William E. Roscoe and Paul Chamois RPA Inc. May 2, 2017 Toronto Denver London Vancouver Quebec City Rock Solid Resources. Proven

610 views • 22 slides
Data protection in the EU Area of Data protection in the EU Area of ection tection freedom,

Data protection in the EU Area of Data protection in the EU Area of ection tection freedom,

isor visor Superv Super Data protection in the EU Area of Data protection in the EU Area of ection tection freedom, security and justice under the Lisbon Treaty d th Li b T t ta Prot ta Pro ean Da an Da Bndicte Havelange

739 views • 10 slides
Processor Architecture: Current Trends A B Transfer a truckload at a time from A to B Processor

Processor Architecture: Current Trends A B Transfer a truckload at a time from A to B Processor

Processor Architecture: Current Trends A B Transfer a truckload at a time from A to B Processor Architecture: Current Trends A B Make it more powerful Faster: Engine, Lighter, Wheels, .. Bigger: More work per trip Processor

446 views • 10 slides
Automatically Determining Review Helpfulness Hyung Yul Choi Advisor: Kristina Striegnitz

Automatically Determining Review Helpfulness Hyung Yul Choi Advisor: Kristina Striegnitz

Automatically Determining Review Helpfulness Hyung Yul Choi Advisor: Kristina Striegnitz Motivation Too many reviews Automatically find the helpful reviews Goal Determining the features of reviews Learning algorithm for

455 views • 14 slides
Supporting Children with their Reading and Writing Year 1 Tuesday 13th November 2018 Reading :

Supporting Children with their Reading and Writing Year 1 Tuesday 13th November 2018 Reading :

Supporting Children with their Reading and Writing Year 1 Tuesday 13th November 2018 Reading : Word Reading Learning objectives Use phonic knowledge as the route to decode words. Read accurately by blending sounds, e.g. c-a-t Read

690 views • 20 slides
Learning in Year 2 Elephant Class September 2018 What we learn All subjects in the National

Learning in Year 2 Elephant Class September 2018 What we learn All subjects in the National

Learning in Year 2 Elephant Class September 2018 What we learn All subjects in the National Curriculum English speaking and listening, reading and writing Maths Science Art and design, computing, design technology,

333 views • 12 slides
Routes 2 Roots dreams of a peaceful world co-existing with diverse cultures, ruled by harmony.

Routes 2 Roots dreams of a peaceful world co-existing with diverse cultures, ruled by harmony.

The worlds largest interactive digital program of teaching performing arts with global reach An Initiative of Routes2Roots NGO twitter.com/Routes2RootsNGO Routes2Roots twitter.com/virsar2r virsabyroutes2roots.blogspot.in R-19 LGF , Hauz

323 views • 17 slides
DEFAMA Deutsche Fachmarkt AG June 2020 EQUITY STORY In order to build up a longterm

DEFAMA Deutsche Fachmarkt AG June 2020 EQUITY STORY In order to build up a longterm

Company Presentation DEFAMA Deutsche Fachmarkt AG June 2020 EQUITY STORY In order to build up a longterm portfolio, DEFAMA seeks and acquires: Wellestablished retail parks and small shopping centres With at least two chain

461 views • 28 slides
YOUR GLOBAL LEADING SOLAR PLATFORM JF4S - Exclusive Country Market Analysis: KINGDOM OF SAUDI

YOUR GLOBAL LEADING SOLAR PLATFORM JF4S - Exclusive Country Market Analysis: KINGDOM OF SAUDI

YOUR GLOBAL LEADING SOLAR PLATFORM JF4S - Exclusive Country Market Analysis: KINGDOM OF SAUDI ARABIA (KSA) Presentation @ KSA: Solar Industry Briefing and Networking, Business Meeting and 8th Business Development Forum Riyadh, May 8, 2018

448 views • 19 slides
Gender aspects for urban traffic planning 26 th ICTCT-Workshop in Maribor October 24th & 25th

Gender aspects for urban traffic planning 26 th ICTCT-Workshop in Maribor October 24th & 25th

Gender Mainstreaming and urban traffic planning Gender aspects for urban traffic planning 26 th ICTCT-Workshop in Maribor October 24th & 25th 2013 October 24th & 25th 2013 Dipl.-Ing. Gisela Stete Dipl.-Ing. Gisela Stete, University of

540 views • 20 slides
Work Cultures in Multimedia Production Hilda Tellioglu & Ina Wagner Vienna University of

Work Cultures in Multimedia Production Hilda Tellioglu & Ina Wagner Vienna University of

ALP-IS - 19-22.2.2005 - Carisolo ALP-IS - 19-22.2.2005 - Carisolo Work Cultures in Multimedia Production Hilda Tellioglu & Ina Wagner Vienna University of Technology Multidisciplinary Design Group http://media.tuwien.ac.at 1 Contents

271 views • 26 slides

More recommend