Upgrade to Pro — share decks privately, control downloads, hide ads and more …

EU Privacy Background for the Upcoming GDPR

D4e0e61ea324265a1dbca99fdec6614d?s=47 Ben Holt
January 23, 2017

EU Privacy Background for the Upcoming GDPR

Ben Holt gives some background of privacy for US attorneys in light of the upcoming changes with the GDPR. This presentation was given in conjunction with presenters from Taylor Wessing.


Ben Holt

January 23, 2017

More Decks by Ben Holt

Other Decks in Technology


  1. EU Privacy Background for GDPR Presented by Ben Holt Privacy

    Law Presentation with Taylor-Wessing and Stoel Rives January 2017
  2. 2 US VS EU PRIVACY EU Privacy Article 8 and

    Data Protection Principles German Regulator UK Regulator General Data Protection Regulations French Regulator US Privacy HIPAA PCI Banking (GLB) Data Breach FCRA / FACTA COPPA DPPA

    Protection Regulations (2018) – Repeals • Data Protection Directive (95/46/EC) - Individuals • Council Framework Decision 2008/977/JHA – Police and Judicial • Privacy Shield Framework – Replacement for Safe Harbor – Are you in? • Brexit • Data Breach Plan
  4. 4 SOME DEFINITIONS • Personal Data-Art. 4(1) – Personal data

    means any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person. – Online Cookies!
  5. 5 SOME DEFININTIONS • Sensitive Personal Data - Rec.10, 34,

    35, 51; Art.9(1) – Sensitive Personal Data are personal data, revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data. Data relating to criminal offences and convictions are addressed separately.
  6. 6 SOME DEFINITIONS • Processing - Art.4(2) – Processing means

    any operation or set of operations performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  7. 7 SOME DEFINITIONS • Controller - Art.4(7) – Controller means

    the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by EU or Member State laws, the controller (or the criteria for nominating the controller) may be designated by those laws.
  8. 8 SOME DEFINITIONS • Processor - Art.4(8) – Processor means

    a natural or legal person, public authority, agency or any other body which processes personal data on behalf of the controller.
  9. 9 SOME DEFINITIONS • Data Breach - Art.4(12) – Data

    breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
  10. 10 CAN DATA BE SILOED? US Data Storage EU Data

  11. 11 EU REGULATIONS HAVE BITE Your Business Upcoming EU Regulations