Knowledge base  GDPR

View all AML - CDD - KYC Artificial Intelligence Basel Brexit ERM GDPR Governance - Behavioral Risk - Soft Controls Insurance MiFID Security 


The Foundation for Market Information Research (SOMI) conducts research into TikTok’s practices, GDPR regulation violations and the inadequate protection of children who use the app

05 September 2020
Knowledge Base

TikTok, the widely used Chinese video sharing social networking app, does not seem to protect children that use the app. Such findings have been revealed by the Dutch Foundation for Market Information Research (SOMI), which will continue its research into the business model and practices of the TikTok app. Moreover, the app most likely also gathers unauthorised personal information from its users, especially from minors. If these findings were found to be correct, then this would mean that TikTok would be violating the European General Data Protection Regulation (GDPR) regulations. If they decided to follow up on this, SOMI could potentially stand up against the app’s apparent disregard of the European regulations and also introduce increased supervision measures while children use the app to reassure parents that are concerned. Continue reading…

Lieve Lowet

Lieve Lowet

EU Affairs consultant and lobbyist

The European Green Deal and the Review of the Non-Financial Reporting Directive

24 February 2020
Knowledge Base

One of the 50 initiatives announced in the Commission’s Communication on the European Green Deal of 11 December 2019, is the review of the Non-Financial Reporting Directive (NFRD) (Directive 2014/95/EU) planned for Q4 2020. The NFRD requires large companies, including banks and insurers, to report information regarding the environment, social and employee issues, human rights, and bribery and corruption, on an annual basis. Companies have been required to include non-financial statements in their annual reports for the first time in 2018, for information covering the 2017 financial year. The NFRD covers approximately 6,000 large companies and groups across the EU. The NFRD amends the accounting directive 2013/34/EU. The NFRD should ensure that investors are better informed about the sustainability of their investments. It should also ensure that civil society and other interested parties have access to the information they need to hold companies to account for their impacts on society and the environment, avoiding an accountability deficit. At the same time the NFRD should not impose excessive reporting obligations on companies but encourage companies to develop a responsible approach to business. 

Continue reading…

Photo: https://pixabay.com

ICO launches consultation on the draft framework code of practice for the use of personal data in political campaigning

15 August 2019
Knowledge Base

The Information Commissioner’s Office (ICO) is consulting on a new framework code of practice for the use of personal data in political campaigning. The framework code will serve both as helpful guidance in its own right as well as having the potential to become a statutory code of practice if the relevant legislation is introduced. The framework code does not introduce new requirements for campaigners but seeks to explain and clarify data protection and electronic marketing laws as they already stand. It also seeks to provide practical guidance and useful examples on ways campaigners could comply with their obligations whilst carrying out common political campaigning activities.

Continue reading…

Photo: https://pixabay.com/

Data protection rules as a trust-enabler in the EU and beyond – taking stock

30 July 2019
Knowledge Base

The General Data Protection Regulation (hereafter ‘the Regulation’) applies across the European Union since over one year. It is at the centre of a coherent and modernised EU data protection landscape that also includes the Data Protection Law Enforcement Directive and the Data Protection Regulation for EU institutions and bodies. This framework is to be completed by the e-Privacy Regulation which is currently in the legislative process.

Continue reading…

Security of identity cards of Union citizens

21 August 2018
Knowledge Base

This article outlines he EDPS on the Proposal for a Regulation of the European Parliament and of the Council on strengthening the security of identity cards of Union citizens and of residence documents issued to Union citizens and their family members exercising their right of free movement. In this context, the EDPS observes that the Commission has clearly chosen to prioritise the free movement aspects of the Proposal and to treat the security-related objective as corollary. The EDPS remarks that this might have an impact on the analysis of necessity and proportionality of the elements of the Proposal.
Continue reading…

Photo: https://pixabay.com

EDPS welcomes agreement on new data protection rules for the EU institutions and bodies

25 May 2018
Knowledge Base

Today, the General Data Protection Regulation (GDPR) becomes fully applicable to all companies and organisations operating within the EU. The European Data Protection Supervisor welcomes the news that the EU legislator has now reached a political agreement on equivalent rules on data protection in the EU institutions and bodies and they will continue to support the EU institutions to ensure that they are ready to implement these rules from day one, the European Data Protection Supervisor (EDPS) said today.

Continue reading…

The main changes under GPDR and how they differ from the previous directive

19 February 2018
Knowledge Base

The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established. Although the key principles of data privacy still hold true to the previous directive, many changes have been proposed to the regulatory policies; the key points of the GDPR as well as information on the impacts it will have on business can be found below.
Continue reading…

GDPR: NEW SENSE OR URGENCY IN THE DIGITAL TRANSFORMATION

16 February 2018
Knowledge Base

Kenny van Ierlant

The digital transformation prompted by rapidly changing business models, as part of the chain reversal, has already turned the world upside down. Numerous companies and governments (organizations) have invested heavily in the digitization of their business processes as part of the chain reversal by automating non-automated processes in order to save heavily on the costs of labor to benefit the shareholders! The premise that this approach will lead to “agility” and lower cost-income ratios will not materialize the majority of case. This digitization also reveals a great sociological problem, namely that top management has no idea how such a transformation should be implemented. The lack of essential knowledge at the top level is a guarantee for many accidents and destruction of shareholder value.
Continue reading…

Photo: https://pixabay.com/

How to conduct GDPR gap analysis

22 January 2018
Knowledge Base

A cyber readiness assessment provides effective preparation for companies wanting to avoid the high cost of technology solutions, according to James Weare of Duff & Phelps. Organisations are less than five months away from being subject to the new General Data Protection Regulation (GDPR), making it critical that firms have begun to plan for the reporting and systemic changes required to comply.
Continue reading…

Data protection through regulation

28 October 2017
Knowledge Base

The aim of the  General Data Protection Regulation (GDPR) is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established. Although the key principles of data privacy still hold true to the previous directive, many changes have been proposed to the regulatory policies. Thies changes are approved bij the European Parlement on 14 april 2016 and will be directly application in all members states enforced. The enforcement date is 25 May 2018 for all organization. Organizations who are in non-compliance on this date will face heavenly fines.
Continue reading…