From May 2018, the General Data Protection Regulation 2016/679 (GDPR) replaces the Data Protection Directive 95/46/EC, representing a significant overhaul of data protection law in the European Union. Applicable to all EU Member States, the GDPR's relevance spans not only organizations operating within the EU, but also those operating outside the EU. This commentary, published in association with German Law Publishers, provides a detailed look at the individual articles of the GDPR and is an essential resource aimed at helping legal practitioners prepare for compliance. Content includes: full text of the GDPR's articles and recitals; article-by-article commentary explaining the individual provisions and elements of each article; a general introduction to data protection law with a focus on issues such as how to adapt a compliance management programme, whether or not to appoint a data protection officer, 'privacy by design' and 'privacy by default', the consequences of non-compliance with the GDPR, data portability, and the need for data protection impact assessments; and a detailed index. In addition to lawyers and in-house counsel, this book is also suitable for law professors and students, and offers comprehensive coverage of this increasingly important area of data protection legislation. Book jacket.
This new book provides an article-by-article commentary on the new EU General Data Protection Regulation. Adopted in April 2016 and applicable from May 2018, the GDPR is the centrepiece of the recent reform of the EU regulatory framework for protection of personal data. It replaces the 1995 EU Data Protection Directive and has become the most significant piece of data protection legislation anywhere in the world. The book is edited by three leading authorities and written by a team of expert specialists in the field from around the EU and representing different sectors (including academia, the EU institutions, data protection authorities, and the private sector), thus providing a pan-European analysis of the GDPR. It examines each article of the GDPR in sequential order and explains how its provisions work, thus allowing the reader to easily and quickly elucidate the meaning of individual articles. An introductory chapter provides an overview of the background to the GDPR and its place in the greater structure of EU law and human rights law. Account is also taken of closely linked legal instruments, such as the Directive on Data Protection and Law Enforcement that was adopted concurrently with the GDPR, and of the ongoing work on the proposed new E-Privacy Regulation.
The updated second edition of the bestselling guide to the changes your organisation needs to make to comply with the EU GDPR. “The clear language of the guide and the extensive explanations, help to explain the many doubts that arise reading the articles of the Regulation.” Giuseppe G. Zorzino The EU General Data Protection Regulation (GDPR) will supersede the 1995 EU Data Protection Directive (DPD) and all EU member states’ national laws based on it – including the UK Data Protection Act 1998 – in May 2018. All organisations – wherever they are in the world – that process the personal data of EU residents must comply with the Regulation. Failure to do so could result in fines of up to €20 million or 4% of annual global turnover. This book provides a detailed commentary on the GDPR, explains the changes you need to make to your data protection and information security regimes, and tells you exactly what you need to do to avoid severe financial penalties. Product overview Now in its second edition, EU GDPR – An Implementation and Compliance Guide is a clear and comprehensive guide to this new data protection law, explaining the Regulation, and setting out the obligations of data processors and controllers in terms you can understand. 
Topics covered include: The role of the data protection officer (DPO) – including whether you need one and what they should do. Risk management and data protection impact assessments (DPIAs), including how, when and why to conduct a DPIA. Data subjects’ rights, including consent and the withdrawal of consent; subject access requests and how to handle them; and data controllers’ and processors’ obligations. International data transfers to “third countries” – including guidance on adequacy decisions and appropriate safeguards; the EU-US Privacy Shield; international organisations; limited transfers; and Cloud providers. How to adjust your data protection processes to transition to GDPR compliance, and the best way of demonstrating that compliance. A full index of the Regulation to help you find the articles and stipulations relevant to your organisation. New for the second edition: Additional definitions. Further guidance on the role of the DPO. Greater clarification on data subjects’ rights. Extra guidance on data protection impact assessments. More detailed information on subject access requests (SARs). Clarification of consent and the alternative lawful bases for processing personal data. New appendix: implementation FAQ. The GDPR will have a significant impact on organisational data protection regimes around the world. EU GDPR – An Implementation and Compliance Guide shows you exactly what you need to do to comply with the new law.
Now in its third edition, this invaluable handbook offers practical solutions to issues arising in relation to data protection law. It is fully updated and expanded to include coverage of all of the significant developments in the practice of data protection, and takes account of the wealth of guidance published by the Information Commissioner since the last edition. The third edition includes new material on the changes to the Commissioner's powers and new guidance from the Commissioner's office, coverage of new cases on peripheral aspects of data protection compliance and examples of enforcement, the new code on CCTV processing, the new employment code, clarification on the definition of "personal data", the binding corporate rules on the exemption to the export data ban and the new ICT set of model contractual provisions for data exports, and the proposed action by the EU against the UK for failing to implement the Data Protection Directive appropriately. There are new chapters on terminology and data security.
This book provides expert advice on the practical implementation of the European Union’s General Data Protection Regulation (GDPR) and systematically analyses its various provisions. Examples, tables, a checklist etc. showcase the practical consequences of the new legislation. The handbook examines the GDPR’s scope of application, the organizational and material requirements for data protection, the rights of data subjects, the role of the Supervisory Authorities, enforcement and fines under the GDPR, and national particularities. In addition, it supplies a brief outlook on the legal consequences for seminal data processing areas, such as Cloud Computing, Big Data and the Internet of Things. Adopted in 2016, the General Data Protection Regulation will come into force in May 2018. It provides for numerous new and intensified data protection obligations, as well as a significant increase in fines (up to 20 million euros). As a result, not only companies located within the European Union will have to change their approach to data security; due to the GDPR’s broad, transnational scope of application, it will affect numerous companies worldwide.
Compared to the US, European data and privacy protection rules seem Draconian. The European rules apply to any enterprise doing business in the EU. The new rules are far more stringent than the last set. This book is a quick guide to the directives for companies, particularly US companies, that have to comply with them. Where US organizations and businesses that collect or receive EU personal data fail to comply with the rules, the bottom line can suffer from very significant official fines and penalties, as well as from users, customers or representative bodies pursuing litigation. This guide is essential for all US enterprises that directly or indirectly deal with EU personal data.
EU Regulation of E-Commerce
Author: Arno R. Lodder, Andrew D. Murray
Publisher: Edward Elgar Publishing
For the last twenty years the European Union has been extremely active in the field of e-commerce. This important new book addresses the key pieces of EU legislation in the field of e-commerce, including the E-commerce Directive, the Services Directive, the Consumer Directive, the General Data Protection Regulation, and the eID Regulation. The latest in the Elgar Commentaries series, EU Regulation of E-Commerce is the first book to apply this well-established format to a dynamic and increasingly significant area of law.
Publisher's description: "Guide to the General Data Protection Regulation provides comprehensive coverage of the new EU General Data Protection Regulation and commentary on how it will impact on the UK national level. Intended as a companion to Data Protection Law and Practice (4th edition), the key and sole focus of this title is the General Data Protection Regulation. Guide to the General Data Protection Regulation will provide a detailed and stand-alone account of the most significant development in UK Data Protection law since the 1998 Act itself."
This study examines a key aspect of regulatory policy in the field of data protection, namely the frameworks governing the sharing of data for law enforcement purposes, both within the EU and between the EU and the US and other third party countries. The work features a thorough analysis of the main data-sharing instruments that have been used by law enforcement agencies and the intelligence services in the EU and in the US between 2001 and 2015. The study also explores the challenges to data protection which the current frameworks create, and explores the possible responses to those challenges at both EU and global levels. In offering a full overview of the current EU data-sharing instruments and their data protection rules, this book will be of significant benefit to scholars and policymakers working in areas related to privacy, data protection, national security and EU external relations.
The 'General Data Protection Regulation' on the protection of natural persons with regard to the processing of personal data and on the free movement of such data is a landmark that will disrupt the rules in the world of data and the digital environment of businesses. Adopted on 27 April 2016, its provisions will be directly applicable in all Member States starting from 25 May 2018. The countdown is on. Both public and private enterprises need to get started now by knowing and understanding the obligations it creates and the innovative concepts it introduces (such as privacy by design, security by default, accountability, data protection officer) in order to be able to proactively grasp how it is going to impact their activities. The stakes are high and the risks are great for all organisations: harm to brand and reputation, misappropriation of trade secrets, data theft (not only their data but also those of their partners and customers) and civil and criminal suits, especially where their computer network has been hacked and used for unlawful activities.
The EU General Data Protection Regulation (GDPR) unifies data protection across the EU. It applies to every organisation in the world that handles EU residents’ personal data – which includes schools. The Regulation introduces a number of key changes for schools – and the change from compliance with the Data Protection Act 1998 (DPA) to GDPR compliance is a complex one. We have revised our popular EU GDPR – A Pocket Guide to include specific expectations of and requirements for schools, and provide an accessible overview of the changes you need to make to comply with the Regulation. EU GDPR – A Pocket Guide Schools’ Edition sets out: A brief history of data protection and national data protection laws in the EU, including the UK’s DPA; Explanations of the terms and definitions used in the GDPR; The key requirements of the GDPR; The need to appoint a data protection officer (DPO); The lawful basis of processing data and when consent is needed; How to comply with the Regulation; and A full index of the Regulation, enabling you to find relevant articles quickly and easily. This pocket guide is the ideal resource for anyone wanting a clear, concise primer on the GDPR.
Contains a succinct summary of the key changes being introduced by the GDPR and what needs to be done practically in response. Written in an accessible style with lots of useful resources. Suitable for lawyers and non-lawyers alike who seek to better understand this topic and to comply with their obligations in a common sense, risk focussed manner.
EU Internet Law
Author: Tatiana-Eleni Synodinou, Philippe Jougleux, Christiana Markou, Thalia Prastitou
This book provides an overview of recent and future legal developments concerning the digital era, to examine the extent to which law has or will further evolve in order to adapt to its new digitalized context. More specifically it focuses on some of the most important legal issues found in areas directly connected with the Internet, such as intellectual property, data protection, consumer law, criminal law and cybercrime, media law and, lastly, the enforcement and application of law. By adopting this horizontal approach, it highlights – on the basis of analysis and commentary of recent and future EU legislation as well as of the latest CJEU and ECtHR case law – the numerous challenges faced by law in this new digital era. This book is of great interest to academics, students, researchers, practitioners and policymakers specializing in Internet law, data protection, intellectual property, consumer law, media law and cybercrime as well as to judges dealing with the application and enforcement of Internet law in practice.