On July 16, 2019, the UK’s Information Commissioner’s Office (“ICO”) released a new draft Data sharing code of practice (“draft Code”), which provides practical guidance for organizations on how to share personal data in a manner that complies with data protection laws. The draft Code focuses on the sharing of personal data between controllers, with a section referring to other ICO guidance on engaging processors. The draft Code reiterates a number of legal requirements from the GDPR and DPA, while also including good practice recommendations to encourage compliance. The draft Code is currently open for public consultation until September 9, 2019, and once finalized, it will replace the existing Data sharing code of practice (“existing Code”).
Continue Reading ICO Launches Public Consultation on New Data Sharing Code of Practice
General Data Protection Regulation
IoT Update: Expert Q&A on the EU Cybersecurity Act
An Expert Q&A with Mark Young of Covington & Burling LLP on the EU Cybersecurity Act and its new cybersecurity certification schemes for information and communication technology (ICT) products, services, and processes, especially internet of things (IoT) devices. It also discusses how the Act supports the EU Directive on the Security of Network and Information Systems (Directive 2016/1148/EC) (NIS Directive), the expanded role for the EU Agency for Cybersecurity (ENISA), and what companies need to know about timelines and enforcement.
Continue Reading IoT Update: Expert Q&A on the EU Cybersecurity Act
IoT Update: Expert Q&A on the EU Cybersecurity Act
An Expert Q&A with Mark Young of Covington & Burling LLP on the EU Cybersecurity Act and its new cybersecurity certification schemes for information and communication technology (ICT) products, services, and processes, especially internet of things (IoT) devices. It also discusses how the Act supports the EU Directive on the Security of Network and Information Systems (Directive 2016/1148/EC) (NIS Directive), the expanded role for the EU Agency for Cybersecurity (ENISA), and what companies need to know about timelines and enforcement.
Continue Reading IoT Update: Expert Q&A on the EU Cybersecurity Act