A simple syllogism. Continue reading “The GDPR doesn’t work for Data Retention”
The EU Court of Justice: privacy and data protection are different rights. Data Protection Authorities are on notice
The press release 84/2017 issued by the EU Court of Justice on the EU-Canada PNR transfer contains ? an important (though unnoticed) statement:
… the transfer of PNR data from the EU to Canada, and the rules laid down in the envisaged agreement on the retention of data, its use and its possible subsequent transfer to Canadian, European or foreign public authorities entail an interference with the fundamental right to respect for private life (emphasis added). Similarly, the envisaged agreement entails an interference with the fundamental right to the protection of personal data (emphasis added).
A useful feature of the upcoming GDPR
The unified system of definitions set forth by the GDPR is its main strength because it prevents – at national level – the unauthorized modification of the EU provisions. Continue reading “A useful feature of the upcoming GDPR”
Enforcing the GDPR: Authority vs Legal Interpretation
In the last couple of days, commenting a Linkedin post about Article 29’s (the future European Data Protection Supervisor) opinions, I’ve been involved in an interesting thread that can be summarized as “Authority vs. Legal Interpretation”. Continue reading “Enforcing the GDPR: Authority vs Legal Interpretation”
No More Mandatory Data Retention in Italy? – Update
As a consequence of the Parliament/Govern inactivity, the huge quantity of traffic data that survived the June, 30 midnight – and that some ISP might still have in its own hand, maybe hoping for a last-minute, never passed, prorogation – is currently being deleted.
Right now, traffic-Database deleting schedules should have been re-set to the old standard: one year retention period as set forth by sec. 132 of the Italian Data Protection Act.
And the Data Protection Authority still hasn’t hissed a word.