Article 29 Working Party adopts an Opinion on the proposed ePrivacy Regulation

Article 29 Working Party, which is the EU Working Party that gathers the European Data Protection Supervisor and representatives of the EU Commission and the Member States’ privacy supervisory authorities, has adopted an Opinion on the ePrivacy Regulation proposed by the EU Commission.  The draft Regulation, which will be directly applicable in all Members States if adopted, aims at replacing the ePrivacy Directive 2002/58/EC.  Article 29 Working Party welcomes the draft Regulation, while is proposes some improvements to render it more consistent with the EU GDPR and rises some points of concern that should be addressed during the legislative process.

The ePrivacy Directive is accessible here

The Article 29 Working Party Opinion is accessible here

The EU Commission Proposal for a Regulation on Privacy and Electronic Communications is accessible here

President Trump signs a bill that repels the Federal Communications Commission BCPR

President Trump has signed today a bill that nullifies the Federal Communications Commission (FCC) Broadband Consumer Privacy Rules issued in October 2016.

Alibaba Cloud joins the EU Cloud CoC

The Alibaba Group’s cloud computing division has announced to have joined the Code of Conduct for Cloud Service Providers in Europe (EU Cloud CoC).  The CoC was adopted following a four-year development process involving industry and the European Commission with the Article 29 Working Party providing input to it.  Thanks to the involvement of European Commission and Member States’ Data Protection Authorities the CoC is unique and also a reliable tool to provide security to cloud users.  Many IT industries (IBM, Oracle, SalesForce among the others) have joined the CoC in order to strengthen the trust between Cloud providers and Cloud users.

The website of the Data Protection Code of Conduct for Cloud Service Providers is accessible here

The Alibaba Group press release is accessible here

EU Commissioner for Justice, Věra Jourová, announces in Washington the joint review of the EU-US Privacy Shield

Věra Jourová, the European Union Commissioner for Justice, Consumers and Gender Equality has announced today, in her speech at the Washington based Center for Strategic and International Studies, that the joint review of the EU-US Privacy Shield will take place in September 2017.  From the EU perspective the review is aimed at closely monitoring the conditions and possibilities for governmental access to data for national security reasons, and at carefully following-up the daily implementation of the Privacy Shield by those companies that have self-certified themselves.

The transcript of Commissioner Věra Jourová speech is accessible here

Gemalto releases findings of 2016 Breach Level Index

The release issued by Gemalto, a leading company in digital security, indicates that “the Breach Level Index is a global database that tracks data breaches and measures their severity based on multiple dimensions, including the number of records compromised, the type of data, the source of the breach, how the data was used, and whether or not the data was encrypted”.  The Index calculates that in 2016, “1,792 data breaches led to almost 1.4 billion data records being compromised worldwide during 2016, an increase of 86% compared to 2015. Identity theft was the leading type of data breach in 2016, accounting for 59% of all data breaches. In addition, 52% of the data breaches in 2016 did not disclose the number of compromised records at the time they were reported”.

You can access the Gemalto release