All GDPR articles
-
ArticleComplying with the EU Data Act – What companies should know
Companies could face significant compliance challenges in trying to meet new EU legal requirements about how companies share data with third parties.
-
PremiumNew EU Data Act may impact companies’ GDPR compliance efforts
New rules that have recently come into effect across the EU will allow for greater transfers of data between companies, though experts fear the changes could conflict with Europe’s strict privacy legislation, which protects personal information.
-
PremiumShadow AI: Another element of TPRM
Companies may face significant financial and legal risks if they fail to vet suppliers and third parties over their use of unauthorized AI and how the technology may use and share their corporate data.
-
ArticleU.K. to introduce mandatory ransomware reporting, raising risk of ‘box-ticking’ compliance
The U.K. will require companies to report ransomware payments, but experts warn this could lead to “box-tick” compliance rather than real cyber-resiliency, since it’s cheaper.
-
ArticleDigital wallets should speed up compliance, but companies must focus on trust and security
The EU has one, the U.K. is getting one, many U.S. states are working with Google and Apple to provide one, and now industry sectors are developing their own digital wallet.
-
PremiumU.K. prepares to prosecute firms under new Failure to Prevent Fraud rules
The U.K. will start cracking down on companies under the new Failure to Prevent Fraud law on Sept. 1, with the Crown Prosecution Service and Serious Fraud Office ready to enforce it.
-
PremiumU.K. data law tightens compliance rules, expands complaints process and raises penalties
The U.K.’s Data (Use and Access) Bill, passed into law on June 19, aims to boost the economy and simplify access to services like healthcare and policing. Businesses must understand the changes and ensure data policies and complaints procedures are current.
-
Article10 tips to comply with the U.K.’s new data law
Changes to the U.K.’s privacy regime will immediately affect how companies handle AI-driven decisions, cookie usage, and responses to data subject requests. As a result, experts are warning compliance teams to ensure their organizations take the legislation seriously and make plans to review data governance.
-
News BriefEuropean Commission unveils a simpler, more competitive EU Single Market, but businesses remain skeptical
The EU’s new strategy aims to boost SME growth and cut market barriers, but businesses doubt reforms will happen, and consumer groups fear weaker data protections.
-
ArticleSeven years in, GDPR faces growing challenges from AI and ‘consent or pay’ models
Europe’s pioneering data protection legislation turned seven years old in May, but the compliance and enforcement difficulties that have dogged the rules since they came into force look set to present both companies and data regulators with fresh headaches for some time to come.
-
PremiumQ&A: Symphony general counsel Corinna Mitchell on regulators’ push for supply chain resilience
Secure, resilient communications and trading platforms are critical both to financial services firms and to governments that know their economies depend upon them, says Corinna Mitchell, General Counsel at FS digital communications provider Symphony. That’s why her company is investing more in managing rapidly evolving compliance demands from multiple regulators ...
-
PremiumUK’s deregulation drive raises compliance risk, say top lawyers
The United Kingdom’s latest effort to encourage regulators to pare down rules to attract companies and investment as a way to stimulate the economy has received mixed reviews from lawyers.
-
PremiumAI regulation: U.K. sits on regulatory fence between U.S. and E.U.
The U.K. has pressed pause on artificial intelligence regulation as its government comes under twin pressures from those who fear the growing power of unregulated AI and the overriding need to generate growth. The postponement of long-expected legislation means that the U.K. is left sitting on the fence between federal ...
-
PremiumEDPB shift forces AI firms to embed procurement, risk management in GDPR considerations
Efforts to clarify the circumstances in which artificial intelligence models may or may not be violating the General Data Protection Regulation could result in yet more confusion for tech firms, companies deploying the technology, and even data protection authorities, according to experts.
-
News BriefIrish DPC fines LinkedIn $335M over GDPR violations related to targeted advertising
The Irish Data Protection Commission fined Microsoft-owned LinkedIn 310 million euros (U.S. $335 million) over violations of the European Union’s General Data Protection Regulation related to the social media company’s data processing and targeted advertising.
-
ArticleAdtech firm Criteo facing $61M GDPR fine in France
Adtech firm Criteo faces a proposed fine of €60 million (U.S. $61.4 million) from France’s data protection authority for noncompliance with the European Union’s General Data Protection Regulation.
-
ArticleIntroducing: Cybersecurity training customized for compliance
The professor who created CW’s first-ever self-directed learning module explains what compliance practitioners can expect to get out of the course—and why it’s an essential tool in an evolving cyber-risk landscape.
-
TrainingOn-demand training: Protect your company from cyber risks
Take this self-directed, interactive course to deepen your understanding of cybersecurity risks and learn about the latest regulations to keep your organization compliant and prepared for today’s dangerous cyber environment.
-
ArticlePreparing for China’s new GDPR-like data privacy law
China is set to enact a tough data privacy law that mirrors the EU’s General Data Protection Regulation in content but likely will be more strictly enforced, experts say.
-
ArticleNew chief compliance officer, same Facebook
It isn’t surprising to see Facebook think it doesn’t have an ethical obligation to alert users to its latest data leak, writes Kyle Brasseur, but it is disappointing knowing the company now has a chief compliance officer in place.