Singapore Joins the Accountability-based APEC System

While companies work to comply with the General Data Protection Regulation (GDPR), the European law that takes effect on May 25, it is important to remember that countries in other parts of the world also are adopting new approaches to information privacy protection. Companies that plan to do business in new markets should take note of these and understand that the steps they take to comply with the GDPR – particularly with respect to accountability – can lay the groundwork for compliance in other regions. On March 6, 2018, Singapore’s Ministry of Communications and Information announced that Singapore has joined the APEC Cross-border Privacy Rules (CBPR). The APEC CBPR system…

READ MORE

New Guidance about Transparency: Notices Must Be Accurate, Clear and Easy To Locate

Important guidance about the General Data Protection Regulation’s (GDPR) transparency requirements has been released from Europe. The Article 29 Working Party, an advisory body that oversees data protection in the EU, issued a paper that provides practical guidance and clarity about the obligations of data controllers with respect to informing individuals about the collection, use and protection of their data. The GDPR requires that notices must: be concise, transparent, intelligible and easily accessible (Article 12.1); use clear and plain language (Article 12.1); the requirement for clear and plain language is of particular importance when providing information to children (Article 12.1); be provided in writing “or by other means, including where…

READ MORE

U.S. Regulators Convene Workshop on Privacy Risks and Harms

Compliance with the European Union’s General Data Protection Regulation (GDPR), scheduled to take effect in May 2018, has taken center stage for companies. But it is important to remember that regulators in the U.S. continue their own work to protect the privacy interests of consumers. The Federal Trade Commission (FTC) took the spotlight on December 12, 2017, when it hosted a one-day workshop titled “Informational Injury” in Washington DC. The event brought together a variety of stakeholders – including industry representatives, consumer advocates, academics and government researchers – to discuss issues related to the injuries consumers suffer when information about them is misused. In opening remarks, Acting FTC Chairwoman…

READ MORE

The Five Essential Elements of Accountability Under the GDPR Every Business Should Know

The General Data Protection Regulation (GDPR), which comes into effect in May 2018 (only six months from now) has been the subject of countless conference discussions, press stories, and company meetings about the challenges of compliance. The GDPR is a lengthy and complex read, and its requirements – ranging from detailed consent requirements to the need to conduct data protection impact assessments – can seem daunting. What is often lost in the concern about specifics is that the most important change the GDPR represents is the shift in thinking it requires. The GDPR provides that companies change their mindset from one of “check-box” compliance to accountability. It requires…

READ MORE

Achieved Compliance Participates in the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong

Last month, Achieved Compliance attended the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong. Stephen Kai-yi Wong, Privacy Commissioner for Personal Data, Hong Kong, hosted the event, which was attended by over 3,000 data protection authorities, privacy professionals, industry representatives and non-governmental organizations. The Commissioners’ Conference convenes annually and offers one of the best opportunities to learn not only about the current state of data protection law, but to understand what is top-of-mind for regulators and what new challenges they see on the horizon. Among its goals is to promote and enhance personal data protection and privacy rights around the world, and to provide a forum…

READ MORE