The Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados or CNPD) published, on 23 April 2019, its 2017-2018 activity report. This report provide us an overview of CNPD’s activities during the year of 2017 and two periods of the year 2018: from 1 January to 24 May (before the GDPR’s applicability) and from 25 May to 31 December (after the GDPR’s applicability). Among the information provided by the CNPD we highlight the following:
The National Data Protection Commission has published on its website a model of record of processing activities for controllers and a model for processors, in accordance with the requirements set forth in article 30 of the General Data Protection Regulation (Regulation (EU) 2016/679), which can be consulted aqui.
The European Parliament's Civil Liberties Committee has filed a motion for resolution for approval in plenary session, requesting that the European Commission suspend the “Privacy Shield” agreement between the European Union and the USA, in force since July 2016, designed to facilitate international data transfer between these two zones.
The General Data Protection Regulation (GDPR), which is compulsory as from today, is a complex regulation that extends beyond the borders of Europe. The new rules will affect all companies, regardless of their location, that handle data of individuals living in the European Union, even if the company in question has neither a physical nor a legal presence in Europe.
The General Council of the Spanish Judiciary (CGPJ) publishes its Report on the Preliminary Trade Secrets Bill: the new legislation continues to make progress with the publication of this report, which introduces certain recommendations, particularly in the definition of “trade secrets”.
With two months to go before the new EU General Data Protection Regulation (GDPR) becomes active, businesses are working against the clock in order to be up and ready when the time comes. The two year extension afforded by the European regulation is coming to an end and there are still many doubts raised as to how it can effectively be applied.
Alejandro Padín, counsel in the Commercial Department and head of Privacy and Data Protection, when he spoke on Tuesday 6 March to the Congress of Deputies Justice Commission, in view of the imminent application of the new GDPR on 25 May.
On May 25 2016, the General Data Protection Regulation (GDPR) became mandatory, having been published in the Official Journal of the European Union three weeks earlier. The regulation established a term of two years within which members states and businesses could adapt to the new regulation and prepare for its compulsory application by 25 May 2018.