Tag: GDPR

Categories
Life with GDPR

Happy Birthday GDPR, Part 1

 
In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today we begin a special two-part episode in honor of the 3rd anniversary of the go-live of GDPR. We review five key developments in GDPR review, regulation and enforcement over the past 3 years. In this Part 1, we look at the increased militancy in GDPR enforcement, both from regulators and in private actions and enforcement trends over the past 3 years.
Resources
Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Life with GDPR

Looking Back and Looking Forward

In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we take a look back at some of Jonathan’s most significant cases, enforcement actions and events in data privacy/data protection in 2020. We also consider the potential impact of Brexit on data transfers between the UK and the EU and how this will impact data transfers between the UK and US.

Resources

Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Life with GDPR

Reduction to GDPR Fines by EU Courts


In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we consider EU courts reducing fines and penalties assessed by data protection regulators. The case reminds us that, as we said before, data protection authorities are likely to face challenges to high fines in the courts. In some respects, the fine mechanism in GDPR is based on the system in use in competition law cases where the success rate in appeals has been high. Some of the highlights are:

  1. Background to several cases.
  2. What did the court say?
  3. What did the regulators say?
  4. What are the lessons learned for the data protection/data privacy compliance specialist?
  5. What steps can your organization take?

Resources
Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
FCPA Compliance Report

Jonathan Armstrong on the UKBA, GDPR and Modern Slavery Compliance

The FCPA Compliance Report is the longest running podcast in compliance, premiering on July 31, 2015. This week begins a series of podcasts leading up to the 500th anniversary episode of the FCPA Compliance Report, which will post on Monday, August 31. Over the next five episodes, I will post podcasts of 5 top FCPA and compliance commentators. Over this week, I will be joined by Mike Volkov, Matt Kelly, Jonathan Armstrong, Jay Rosen and Jonathan Marks. Each will speak about the evolution of compliance from their own unique perspective. In this episode, I visit with Jonathan Armstrong, co-founder of Cordery Compliance. We take a look back at the evolution of UK and EU laws around bribery, data privacy/data protection and modern slavery and the compliance response.
Some of the highlights include:

  • The UK Bribery Act was a seminal law for international anti-corruption enforcement which brought another sheriff to town.
  • How tech monopolies have led to greater enforcement in the UK and EU.
  • How one person can make a change. Max Schrems was a law school student in 2011.
  • How the US model of FCPA enforcement influenced regulators across the globe.
  • The evolution of DPAs in the UK and elsewhere.
  • Armstrong believes the fight against slavery is a job only half well done.

Lineup 
I hope you will listen in to each episode over this week. The lineup will be:
Monday, August 24-Episode 495-Mike Volkov on changes in FCPA enforcement.
Tuesday, August 25- Episode 496-Matt Kelly in changes he has observed in compliance from the business journalist perspective.
Thursday August 27-, August Episode 498-Jay Rosen in changes in compliance from the business development perspective.
Friday August 28-, August Episode 499-Joanthan Marks on changes compliance mirroring those from internal audit.
Monday, August Episode 500-the Anniversary Episode.

Categories
Life with GDPR

Requirements for the DPO

In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we consider recent decision by the Belgian Data Protection Authority which imposed a fine of €50,000 ($54,203) on an un-named organization for non-compliance with the GDPR conflict of interest requirement; in the selection of its Data Protection Officer.  Some of the highlights are:

  1. What were the issues and interests involved in this case?
  2. What are the requirements for a DPO under GDPR?
  3. How and why was the company ‘seriously negligent’?
  4. What are the implications going forward?
  5. What is this decision’s precedential value?
  6. How much expertise, authority and autonomy must a DPO have going forward?

Check out the Cordery Compliance, client alert on this case, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Everything Compliance

Everything Compliance-Episode 60


Welcome to the only roundtable podcast in compliance. Today, we have a serving of Jonathan Armstrong, Jay Rosen, Matt Kelly, and our newest panelist Jonathan Marks with a veritable potpourri of topics and issues. Rants and shouts outs (with commentary) conclude this episode.

  1. Jonathan Armstrong celebrates the anniversary of GDPR by looking back over the past year at some of the key decisions and enforcement actions.
  2. Jay Rosen takes a look at a rare release of a monitor’s report, in the Wynn Casino monitorship and data mines it for the compliance professional.
  1. Matt Kelly considers the difference in response by Facebook v. Twitter in the incendiary and racist tweets by Donald Trump.
  1. Jonathan Marks looks at the DOJ’s 2020 Update to the 2019 Evaluation of Corporate Compliance Programs.
  1. Tom Fox talks about how fighting racism and white supremacy is the responsibility of everyone. It is based on piece by Ben DiPietro here.

The members of the Everything Compliance are:

  • Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Mike Volkov – One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com
  • Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com
  • Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at marks@bakertilly.com

The host and producer (and sometime panelist) of Everything Compliance is Tom Fox the Compliance Evangelist. Everything Compliance is a part of the Compliance Podcast Network. He can be reached at tfox@tfoxlaw.com

Categories
Life with GDPR

Verbal Reporting under GDPR


In this episode I visit with Jonathan Armstrong are back to discuss issues relating to data privacy, data protection and GDPR. Today, we consider the issue of verbal reporting under GDPR, in the context of the case of Scott v. LGBT Foundation. Some of the highlights are:

  1. What were the issues and interests involved in this case?
  2. What is a relevant filing system for automated data under GPDR?
  3. When does the public health and safety outweigh data privacy?
  4. Was Scott’s data processed by the LGBT Foundation?
  5. What is the necessity test?

Check out the Cordery Compliance, client alert on the case of Scott v. LGBT Foundation, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Compliance Kitchen

CCPA – GDPR Comparison, ETIAS Registration for EU Travel


Stop by for a quick visit on CCPA and GDPR and how to register for your future EU travel, when we can hopefully travel again.

Categories
Daily Compliance News

April 28, 2020-the Mike Ward edition


In today’s edition of Daily Compliance News:

  • Has there been too little GDPR enforcement? (NYT)
  • Lessons for these ‘uncertain times’? (WSJ)
  • Tech tools can help compliance. (WSJ)
  • OSHA issues guidance. (WaPo)
Categories
Life with GDPR

Episode 35- What does Brexit Mean for GDPR?

In this episode Jonathan Armstrong and I consider the implications of GDPR enforcement going forward after Brexit. Recognizing the situation is incredibly fluid, there are nevertheless some areas of risk management that you can begin to prepare for in the event of a deal for an orderly Brexit, a no-deal Brexit or an extension of the deadline Some of the highlights in this episode include:

  1. What does Brexit mean for GDPR enforcement?
  2. How will the UK-ICO move forward after Brexit?
  3. What are the implications of a no-deal Brexit? What can a company do to prepare at this point?
  4. How will the Irish regulators react to Brexit?
  5. What will Brexit mean for internal investigations, both in the UK and EU?
  6. What happens if there is an extension?