Data breaches, privacy programs and what will change for processors, Tobias Bräutigam, Bird & Bird
Exove and Bird & Bird seminar on Nov 23rd 2016: "GDPR - Practical Effects on Digital Business - juridical, technical, and customer point of view"
How does GDPR affect the design of user experiences? Exove
How does GDPR affect the design of user experiences? Heidi Tulensalo, Exove Design
Exove and Bird & Bird seminar on Nov 23rd 2016: "GDPR - Practical Effects on Digital Business - juridical, technical, and customer point of view"
Developer view on new EU privacy legislation (GDPR)Exove
Kalle Varisvirta's slides about developer view on the EU privacy legislation (GDPR) from DrupalCamp Baltics 2016 in Riga.
The key items of the presentation are:
What are the requirements for the processors (Drupal maintainers in this view)?
What technical challenges complying with the law might bring to a Drupal developer?
What are the open questions in the legislation from a technical point of view right now?
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018.
The European General Data Protection Regulation, better known as GDPR, will take effect on May 25, 2018. When it does, every business, organization, or government agency that collects information on European Union (EU) citizens (in other words, just about everyone) will be forced to radically change how it manages customer data and security. If you don’t, the cost of noncompliance is significant: fines can reach up to €20M ($23.5M) or 4 percent of annual sales, whichever is higher.
Teleran Data Protection - Addressing 5 Critical GDPR RequirementsChris Doolittle
Learn how to quickly and cost effectively meet 5 critical General Data Protection Regulation (GDPR) requirements for structured data with Teleran's Data Protection and Compliance solution. Teleran's solution addresses these key GDPR mandates: Impact Assessments, Purpose Limitation, Data Security, Accountability and Documentation, and Breach Notification. Teleran’s software solution delivers integrated sensitive data discovery, audit and controls. There is little time left to address GDPR. Flexibility, automation, integration and flexibility are key to getting there quickly and cost efficiently.
The General Data Protection Regulation and the DAMA DMBOK – Tools you can use for Compliance
Abstract: The General Data Protection Regulation will be the law governing data privacy in Europe in 2018. Surveys show that less than 50% of organisations are aware of the changes within the legislation, and even fewer have any plan for achieving compliance. In this session, Daragh O Brien takes us on a high level overview of the GDPR and how the disciplines of the DMBOK can help compliance.
Notes: DMBOK is an abbreviation for the "Data Management Book of Knowledge" which is published by DAMA International (The Data Management Association)
How does GDPR affect the design of user experiences? Exove
How does GDPR affect the design of user experiences? Heidi Tulensalo, Exove Design
Exove and Bird & Bird seminar on Nov 23rd 2016: "GDPR - Practical Effects on Digital Business - juridical, technical, and customer point of view"
Developer view on new EU privacy legislation (GDPR)Exove
Kalle Varisvirta's slides about developer view on the EU privacy legislation (GDPR) from DrupalCamp Baltics 2016 in Riga.
The key items of the presentation are:
What are the requirements for the processors (Drupal maintainers in this view)?
What technical challenges complying with the law might bring to a Drupal developer?
What are the open questions in the legislation from a technical point of view right now?
GDPR Guide: The ICO's 12 Recommended Steps To Take NowHackerOne
Recommendations from The United Kingdom's Information Commissioner's Office (ICO) to Prepare for May 2018.
The European General Data Protection Regulation, better known as GDPR, will take effect on May 25, 2018. When it does, every business, organization, or government agency that collects information on European Union (EU) citizens (in other words, just about everyone) will be forced to radically change how it manages customer data and security. If you don’t, the cost of noncompliance is significant: fines can reach up to €20M ($23.5M) or 4 percent of annual sales, whichever is higher.
Teleran Data Protection - Addressing 5 Critical GDPR RequirementsChris Doolittle
Learn how to quickly and cost effectively meet 5 critical General Data Protection Regulation (GDPR) requirements for structured data with Teleran's Data Protection and Compliance solution. Teleran's solution addresses these key GDPR mandates: Impact Assessments, Purpose Limitation, Data Security, Accountability and Documentation, and Breach Notification. Teleran’s software solution delivers integrated sensitive data discovery, audit and controls. There is little time left to address GDPR. Flexibility, automation, integration and flexibility are key to getting there quickly and cost efficiently.
The General Data Protection Regulation and the DAMA DMBOK – Tools you can use for Compliance
Abstract: The General Data Protection Regulation will be the law governing data privacy in Europe in 2018. Surveys show that less than 50% of organisations are aware of the changes within the legislation, and even fewer have any plan for achieving compliance. In this session, Daragh O Brien takes us on a high level overview of the GDPR and how the disciplines of the DMBOK can help compliance.
Notes: DMBOK is an abbreviation for the "Data Management Book of Knowledge" which is published by DAMA International (The Data Management Association)
With a fine of up to 4% of an organisation’s annual turnover on the line, Individuals accountable and responsible for data protection are actively seeking clarification and advice regarding the impending changes to the EU General Data Protection Regulation.
The question now? How prepared are you to meet the EU General Data Protection Regulation?
IRM’s resident Data Protection expert Paul Sexby, addresses the areas that need to be considered in order to prepare for the new requirements.
SureSkills GDPR - Discover the Smart Solution Google
In today’s digital business, information is currency. But is your data really protected and delivering value? How can you gain competitive advantage, while ensuring you stay compliant with the onerous upcoming EU General Data Protection Regulation?
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
Presentation on GDPR which is not technical, nor product specific, focusing on manufacturing industry and providing a non expert view on what the regulation is all about.
Targeted to Senior Management who has a direct responsibility on the treatment (direct or indirect) of personal data.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
How GDPR works : companies will be expected to be
fully compliant from 25 May 2018. The regulation
is intended to establish one single set of data
protection rules across Europe
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
GDPR From Implementation to OpportunityDean Sappey
GDPR presents new challenges for law firms across Europe. This presentation explains the implications of GDPR and simple strategies to ensure firms are compliant for its launch in May 2018
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
Preparing for the new General Data Protection Regulation? Here is a presentation to help you to engage your employees with their new information security requirements. In this ppt presentation, you will find out: why GDPR, steps to manage compliance, important information security facts and some of the key articles.
Slides from my CIO Summit talk on the impact of EU General Data Protection Regulations.
Quick take away: GDPR is not a technology challenge as such, there is no single piece of software to meet its requirements. It is more about people and your organisations processes.
IT alone will not successfully achieve compliance. The regulation promotes good information management. If the opportunity is take it is a great opportunity to engage with different parts of business such as marketing.
Getting to grips with General Data Protection Regulation (GDPR)Zoodikers
Leading employment lawyer Pam Loch, and digital expert Katie King share their advice on how to get to grips with the topic of the moment - GDPR.
They look at who is liable, the impact of Brexit, how it affects marketing and what steps you can take to prepare.
Key highlights of the General Data Protection Regulation (GDPR), which organisations will need to consider when preparing for its coming into force on 25 May 2018.
For more information visit https://www.brightpay.co.uk
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
For more information visit thesaurus.ie or brightpay.ie
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
With a fine of up to 4% of an organisation’s annual turnover on the line, Individuals accountable and responsible for data protection are actively seeking clarification and advice regarding the impending changes to the EU General Data Protection Regulation.
The question now? How prepared are you to meet the EU General Data Protection Regulation?
IRM’s resident Data Protection expert Paul Sexby, addresses the areas that need to be considered in order to prepare for the new requirements.
SureSkills GDPR - Discover the Smart Solution Google
In today’s digital business, information is currency. But is your data really protected and delivering value? How can you gain competitive advantage, while ensuring you stay compliant with the onerous upcoming EU General Data Protection Regulation?
Full GDPR toolkit: https://quality.eqms.co.uk/gdpr-general-data-protection-regulation-eu-toolkit
This free online training presentation provides you with information about how to comply with the General Data Protection Regulation, managing breaches, engaging employees, key requirements and more.
General Data Protection Regulations (GDPR): Do you understand it and are you ...Cvent
Whether you’re an event or hospitality professional in a small, medium or large organization, the General Data Protection Regulation (GDPR) is going to affect you. Get prepared with Cvent and Debrah Harding of Market Research Society before the 25th May deadline. GDPR is a new EU regulation, designed for the digital age. GDPR will strengthen an individual's rights and increase business accountability for data privacy and holding personal information. Organizations found breaching the regulations can face fines of up to 20 million Euros or up to 4% of annual global turnover. At Cvent we are already on track to becoming GDPR compliant and we want to advise our industry partners on how to become compliant too.
Presentation on GDPR which is not technical, nor product specific, focusing on manufacturing industry and providing a non expert view on what the regulation is all about.
Targeted to Senior Management who has a direct responsibility on the treatment (direct or indirect) of personal data.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
How GDPR works : companies will be expected to be
fully compliant from 25 May 2018. The regulation
is intended to establish one single set of data
protection rules across Europe
If you are in the UK and need to check that you will comply with the General Data Protection Regulations when they come into force in May 2018, this checklist might help. Developed for use in my own business it is shared without liability. Please use it wisely to start the process of complying.
For more information on making your processes and your legal documents simple, especially if you are in the UK construction industry, go to http://500words.co.uk/
This is a slightly modified version of a presentation that I gave to fellow lawyers last week. It explains what GDPR is, the policy of data protection and the evolution of data protection legislation from the OECD Guidelines and Council of Europe Convention to the GDPR. It explores the regulation focusing on the data protection principles and, in particular, the lawfulness requirement and the validity of consent. The presentation mentions the Law enforcement data protection directive, the Data Protection Bill and the arrangements post Brexit. Finally, it considers the preparations recommended by the Information Commissioner for small busiesses
GDPR From Implementation to OpportunityDean Sappey
GDPR presents new challenges for law firms across Europe. This presentation explains the implications of GDPR and simple strategies to ensure firms are compliant for its launch in May 2018
Preparing for GDPR: General Data Protection Regulation - Stakeholder Presenta...Qualsys Ltd
Preparing for the new General Data Protection Regulation? Here is a presentation to help you to engage your employees with their new information security requirements. In this ppt presentation, you will find out: why GDPR, steps to manage compliance, important information security facts and some of the key articles.
Slides from my CIO Summit talk on the impact of EU General Data Protection Regulations.
Quick take away: GDPR is not a technology challenge as such, there is no single piece of software to meet its requirements. It is more about people and your organisations processes.
IT alone will not successfully achieve compliance. The regulation promotes good information management. If the opportunity is take it is a great opportunity to engage with different parts of business such as marketing.
Getting to grips with General Data Protection Regulation (GDPR)Zoodikers
Leading employment lawyer Pam Loch, and digital expert Katie King share their advice on how to get to grips with the topic of the moment - GDPR.
They look at who is liable, the impact of Brexit, how it affects marketing and what steps you can take to prepare.
Key highlights of the General Data Protection Regulation (GDPR), which organisations will need to consider when preparing for its coming into force on 25 May 2018.
For more information visit https://www.brightpay.co.uk
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
For more information visit thesaurus.ie or brightpay.ie
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
The General Data Protection Regulation (GDPR) in Ireland-What You Should KnowTerry Gorry
The General Data Protection Regulation (GDPR) came into effect on 25th May, 2018. This presentation looks at the key principles and concepts in the GDPR regulation
This presentation was prepared to accompany my talk at Montreal All Girls Hack Night.
I think that Data and Privacy should be the foundation for all businesses moving forward to maintain a healthy Digital life for everyone.
General Data Protection Regulation plays a great role in to enforcing such acts that ensure Data Protection and Privacy of the users. GDPR is a very brief topic, but in this presentation I will share with you some core values of GDPR and some basic actions that you can take to make your business compliant to GDPR.
Note: This is not a legal advice. This information is collected from different resources. All the guides and resources used in the presentation are listed below.
Important Definitions and Notes from the presentation:
GDPR
The General Data Protection Regulation (GDPR) (EU) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA).
Impact of GDPR on Third Party and M&A SecurityEQS Group
GDPR impact has been dissected and examined to death - however, M&A activities, as well as third-party security posture, can be greatly affected as well, and this aspect has not been very often pursued. This session hopes to be useful for that.
When becoming GDPR compliant, what factors do you need to consider and what methods are you adhering to? This slide deck explores the challenges, best practices and a step-by-step approach to becoming GDPR compliant.
ABM Display Advertising Success in the World of GDPR [PPT]Kwanzoo Inc
In this webinar, see the specific impacts of GDPR on B2B companies as they plan, budget, launch and measure success from ABM advertising programs that reach and engage the 500 Million+ citizens of EU countries and the UK. Our panel of experts will cover the IT, Legal, Marketing, Data and Technology Provider side of GDPR compliance. All of these dimensions need to be addressed as you plan for the world of GDPR.
General Data Protection Regulation (GDPR) ControlCase
ControlCase discusses the following:
- What is GDPR?
- How will it impact me?
- How can I become compliant?
- What is the timeline?
- What are consequences if not met?
ControlCase discusses the following: - What is GDPR? - How will it impact me? - How can I become compliant? - What is the timeline? - What are consequences if not met?
For more information visit https://www.brightpay.co.uk
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Employers process large amounts of personal data, not least in relation to their customers and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How to prepare for GDPR
How we are working to help you
For more information visit https://www.thesaurus.ie or https://www.brightpay.ie
The General Data Protection Regulation (GDPR) comes into effect on 25 May 2018 with the aim of protecting all EU citizens from privacy and data breaches in an increasingly data driven world.
Payroll bureaus process large amounts of personal data, not least in relation to their customers, their customers’ employees, and their own employees. Consequently, the GDPR will impact most if not all areas of the business and the impact it will have cannot be overstated.
In this CPD accredited webinar, we will peel back the legislation to outline clearly:
What is GDPR and why is it being implemented?
Why employers need to take it seriously
How it will impact payroll bureaus
How to prepare for GDPR
How we are working to help you
What's Next - General Data Protection Regulation (GDPR) ChangesOgilvy Consulting
The General Data Protection Regulation is the biggest change to the law on data in years. This webinar features Vicky Brown, Deputy General Counsel at WPP, and Paul King, Head of Data at OgilvyOne discussing what it is, why it matters and what companies are doing.
General Data Protection Regulation (GDPR) Implications for Canadian Firmsaccenture
The General Data Protection Regulation (GDPR) represents significant challenges for financial institutions to comply with the new data processing and record keeping requirements. This Accenture Finance & Risk presentation explores the impact of GDPR on Canadian firms, including lessons learned from our work with clients and knowledge gained that can be used for an effective GDPR journey.
In this first edition, the head of Match-Maker Ventures' GDPR align focus area Christoph Prager will translate the regulatory framework into business language and give recommendations for organizations departing on their GDPR journey.
Joining us for this one-hour session will be Monika Kuschewsky, partner from Squire Patton Boggs' Data Privacy and Cybersecurity practice. She will share her views on GDPR and data protection, which she gained from over 15 years of working with organizations all over the globe. In particular, she will highlight the implications that the growth of IoT devices and "Bring your own device"-policies at companies have on data protection.
GDPR what you should know and how to minimize impact on your businessOlivier BARROT
The upcoming General Data Protection Regulation (GDPR) that will be applicable to all data of EU citizens starting May 2018 enforces new data privacy obligations on the management and the retention of personally identifiable information (PII) including data collection, retention, protection, modification and deletion processes.
Learn what are the impacts on your business and how to prepare with IBM solutions
Similar to Data breaches, privacy programs and what will change for processors (20)
Exove's CTO Kalle Varisvirta shares his insights on diversity in recruitment. Kalle has many years of experience in recruiting software developers. Exove is a company with a diverse & inclusive workforce – and we are very proud of it! Read more about us: exove.com.
Kalle was one of the speakers in the Agile Search HR meetup on 28 March and he gave this presentation there.
Mitä saavutettavuusdirektiivi pitää sisälläänExove
Mitä saavutettavuusdirektiivi pitää sisällään, Kimmo Sääskilahti, Annanpura
Kimmo Sääskilahden puheenvuoro Exoven seminaarissa "Saavutettavuus ja käytettävyys verkkopalveluissa" 15.2.2019
Life with digital services after GDPR by Kalle Varisvirta, Exove
Seminar Exove and Bird & Bird 26th April 2018: GDPR tulee - mitä tapahtuu h-hetken jälkeen
Exove Extends keynote on Dec 13th, 2017
Developing truly personalised experiences by Simon Chapman from Acquia
Acquia powers some of the world’s biggest and most well-known websites, delivering personalised content whatever the channel, location or device. We’ll take a deep dive into the technologies and components of the Acquia platform and explore traditional development methods versus headless or decoupled architectures. We’ll outline the benefits of using modern JS frameworks whilst delivering personalised experiences that capture your customers ‘in the moment’, which ultimately can be measured through analytics...and as your customer data grows, we’ll talk about how this ‘big data’ can be used to drive reporting, customer journeys and the ‘next best action’.
Adventures In Programmatic Branding – How To Design With Algorithms And How T...Exove
IxDA Helsinki x Exove meetup 19.10.2017
Adventures In Programmatic Branding – How To Design With Algorithms And How To Tame Metaballs?
by AKI-VILLE PÖYKIÖ
We created a fluid, ever-changing brand for Women in Tech, a diversity in technology movement kickstarted in Singapore. ED’s design director Aki-Ville Pöykiö tells the story and how we survived an algorithm gone rogue.
In 2020, the Ministry of Home Affairs established a committee led by Prof. (Dr.) Ranbir Singh, former Vice Chancellor of National Law University (NLU), Delhi. This committee was tasked with reviewing the three codes of criminal law. The primary objective of the committee was to propose comprehensive reforms to the country’s criminal laws in a manner that is both principled and effective.
The committee’s focus was on ensuring the safety and security of individuals, communities, and the nation as a whole. Throughout its deliberations, the committee aimed to uphold constitutional values such as justice, dignity, and the intrinsic value of each individual. Their goal was to recommend amendments to the criminal laws that align with these values and priorities.
Subsequently, in February, the committee successfully submitted its recommendations regarding amendments to the criminal law. These recommendations are intended to serve as a foundation for enhancing the current legal framework, promoting safety and security, and upholding the constitutional principles of justice, dignity, and the inherent worth of every individual.
Car Accident Injury Do I Have a Case....Knowyourright
Every year, thousands of Minnesotans are injured in car accidents. These injuries can be severe – even life-changing. Under Minnesota law, you can pursue compensation through a personal injury lawsuit.
ASHWINI KUMAR UPADHYAY v/s Union of India.pptxshweeta209
transfer of the P.I.L filed by lawyer Ashwini Kumar Upadhyay in Delhi High Court to Supreme Court.
on the issue of UNIFORM MARRIAGE AGE of men and women.
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptxOmGod1
Victims of crime have a range of rights designed to ensure their protection, support, and participation in the justice system. These rights include the right to be treated with dignity and respect, the right to be informed about the progress of their case, and the right to be heard during legal proceedings. Victims are entitled to protection from intimidation and harm, access to support services such as counseling and medical care, and the right to restitution from the offender. Additionally, many jurisdictions provide victims with the right to participate in parole hearings and the right to privacy to protect their personal information from public disclosure. These rights aim to acknowledge the impact of crime on victims and to provide them with the necessary resources and involvement in the judicial process.
PRECEDENT AS A SOURCE OF LAW (SAIF JAVED).pptxOmGod1
Precedent, or stare decisis, is a cornerstone of common law systems where past judicial decisions guide future cases, ensuring consistency and predictability in the legal system. Binding precedents from higher courts must be followed by lower courts, while persuasive precedents may influence but are not obligatory. This principle promotes fairness and efficiency, allowing for the evolution of the law as higher courts can overrule outdated decisions. Despite criticisms of rigidity and complexity, precedent ensures similar cases are treated alike, balancing stability with flexibility in judicial decision-making.
How to Obtain Permanent Residency in the NetherlandsBridgeWest.eu
You can rely on our assistance if you are ready to apply for permanent residency. Find out more at: https://immigration-netherlands.com/obtain-a-permanent-residence-permit-in-the-netherlands/.
Military Commissions details LtCol Thomas Jasper as Detailed Defense CounselThomas (Tom) Jasper
Military Commissions Trial Judiciary, Guantanamo Bay, Cuba. Notice of the Chief Defense Counsel's detailing of LtCol Thomas F. Jasper, Jr. USMC, as Detailed Defense Counsel for Abd Al Hadi Al-Iraqi on 6 August 2014 in the case of United States v. Hadi al Iraqi (10026)
DNA Testing in Civil and Criminal Matters.pptxpatrons legal
Get insights into DNA testing and its application in civil and criminal matters. Find out how it contributes to fair and accurate legal proceedings. For more information: https://www.patronslegal.com/criminal-litigation.html
WINDING UP of COMPANY, Modes of DissolutionKHURRAMWALI
Winding up, also known as liquidation, refers to the legal and financial process of dissolving a company. It involves ceasing operations, selling assets, settling debts, and ultimately removing the company from the official business registry.
Here's a breakdown of the key aspects of winding up:
Reasons for Winding Up:
Insolvency: This is the most common reason, where the company cannot pay its debts. Creditors may initiate a compulsory winding up to recover their dues.
Voluntary Closure: The owners may decide to close the company due to reasons like reaching business goals, facing losses, or merging with another company.
Deadlock: If shareholders or directors cannot agree on how to run the company, a court may order a winding up.
Types of Winding Up:
Voluntary Winding Up: This is initiated by the company's shareholders through a resolution passed by a majority vote. There are two main types:
Members' Voluntary Winding Up: The company is solvent (has enough assets to pay off its debts) and shareholders will receive any remaining assets after debts are settled.
Creditors' Voluntary Winding Up: The company is insolvent and creditors will be prioritized in receiving payment from the sale of assets.
Compulsory Winding Up: This is initiated by a court order, typically at the request of creditors, government agencies, or even by the company itself if it's insolvent.
Process of Winding Up:
Appointment of Liquidator: A qualified professional is appointed to oversee the winding-up process. They are responsible for selling assets, paying off debts, and distributing any remaining funds.
Cease Trading: The company stops its regular business operations.
Notification of Creditors: Creditors are informed about the winding up and invited to submit their claims.
Sale of Assets: The company's assets are sold to generate cash to pay off creditors.
Payment of Debts: Creditors are paid according to a set order of priority, with secured creditors receiving payment before unsecured creditors.
Distribution to Shareholders: If there are any remaining funds after all debts are settled, they are distributed to shareholders according to their ownership stake.
Dissolution: Once all claims are settled and distributions made, the company is officially dissolved and removed from the business register.
Impact of Winding Up:
Employees: Employees will likely lose their jobs during the winding-up process.
Creditors: Creditors may not recover their debts in full, especially if the company is insolvent.
Shareholders: Shareholders may not receive any payout if the company's debts exceed its assets.
Winding up is a complex legal and financial process that can have significant consequences for all parties involved. It's important to seek professional legal and financial advice when considering winding up a company.
4. New rights for individuals?
Page 4
Article What is it about New?
13/14 Transparency, right to be informed More details
15 Access to personal data Clarification, more detail
16 Rectification of inaccurate data Old
17 Right to be forgotten Not so new like you think
18 Right to restrict processing Clarification, more detail
20 Data portability New
21 Automated decision making More detail, larger scope
5. Page 5
Much ado about nothing?
1. Fines from authorities for the violation of rights
• 4%, i.e. higher level
2. Enforcement via private action, Article 79
• Also "non-material" damage is covered, Article 82
3. Can be delegated
• Consumer organizations will take care of it
Summary
• As such relatively small changes, modifications, clarifications
• Enforcement: Huge change
8. Page 8
Processor's new obligations
Assisting controllers
● Only act on the controller's documented instructions;
● Assisting the Controller for responding to requests from data subjects for:
access, rectification, suppression, limitation, objection, portability of data
● Return or delete personal data upon Controller's choice at the end of
services
● Assisting the controller to notify security breaches, implement DPIAs,
provide information
● Contribute to audits, including directly made by the Controller
● Mandatory contract clauses
Own responsibility
● List of technical and organizational measures
● Processor's staff must be bound by confidentiality obligations
● Compliance with international data transfers
9. Page 9
Key action items as a processor
Build your privacy program
● Hire a privacy officer where needed
● Define security measures, processes and
responsibilties
Indemnity and liability
● Push back on indemnities (strict liability)
● Push back on unlimited liability clauses, tie to
negligence
Define the lines of responsibilities
● Only process based on instructions and GDPR
11. Page 11
Article 33
In the case of a personal data breach,
the controller shall without undue delay
and, where feasible, not later than 72
hours after having become aware of it,
notify the personal data breach to the
supervisory authority […], unless the
personal data breach is unlikely to
result in a risk to the rights and
freedoms of natural persons.
12. What amounts to a ‘breach’ under the new
rules and to whom the regime applies?
Page 12
● Relevant provisions in the GDPR can be found in:
• Recitals: 73, 85-88
• Articles: 4, 33, 34, 66 and 83
● The regime applies to data controllers but indirectly also to
their processors
● The GDPR refers to "a breach of security leading to the
accidental or unlawful destruction, loss, alteration,
unauthorised disclosure of, or access to, personal data
transmitted, stored or otherwise processed"
● It’s important to note that the wilful destruction or alteration of
data is as much a breach as theft
13. Practical scenarios for your organisation to
consider
Page 13
Breach?
Four laptops containing 5,000 employee records are stolen from
the HR department…
A flash drive containing 5,000 customer records is forgotten in a
bus and never retrieved. There is no evidence that customer
records were compromised.
An employee has given to a third party the login and password
for an account with global access read only right to the client
database. Logs evidence use of the account by this third party.
A rogue employee supresses all contact details provided in the
consumer records of his organisation before resigning.
14. Bird & Bird is an international legal practice comprising Bird & Bird LLP and its affiliated and associated businesses.
Bird & Bird LLP is a limited liability partnership, registered in England and Wales with registered number OC340318 and is authorised and regulated by the
Solicitors Regulation Authority. Its registered office and principal place of business is at 12 New Fetter Lane, London EC4A 1JP. A list of members of Bird & Bird
LLP and of any non-members who are designated as partners, and of their respective professional qualifications, is open to inspection at that address.
twobirds.com
Thank you
15. Page 15
Demonstrate compliance with the GDPR's principles
● Implement appropriate security policies and measures
● Privacy impact assessment and prior consultation (when applicable)
● Adopt certain "data protection by design" measures
● Record of all processing activities
● Undertake audits
● Adherence to approved codes of conduct and certifications
● Implement Privacy Policies
● Appropriate staffing (e.g. data protection officer)
● Staff training programs
General obligations
16. Page 16
Work on your privacy program
● Audit your privacy practices (use self-assessments
and interviews)
● Start designing governance and risk management
elements first
● Decide which IT-systems need to be improved to
close gaps (e.g. consumer dash-board)
● Improve privacy processes like subcontractor
management, data subject access, partnering
Key action items for general compliance
17. Page 17
Transparency
● General privacy policy must mention specific information, such as
legal basis, data retention, contact details of DP officer etc.
● Specific notices where needed, e.g. information about the right to
withdraw consent
Legitimacy of processing
● Most data processing is *not* based on consent!
● Performance of a contract or legitimate interest (e.g. Marketing to
employees of corporate subscribers)
● Where consent is the only option, systems must be ready for
withdrawal of consent
Honouring data subject rights
● Access, rectification, limitation, objection, portability of data
● If acting as a processor, Exove must assist the controller fulfilling
those rights
Obligations towards data subjects
(for example: corporate subscribers and consumers)
18. Page 18
Define reason for processing for each major process
● Legitimate interest, consent or contract?
Review privacy notices
● Follow list in Articles 13/14 GDPR
Design access and deletion process of data subjects
● This includes appropriate IT systems and training of staff
● Draft/update template responses
Key action items: compliance towards data
subjects
19. Page 19
Managing processors
● Review and update all data processing agreements
● Instruct processors and follow up (audit)
Accountability
● Keep records of all processing activities
● Appointment of DPO (if applicable)
● Map data transfer and compliance
● Staff training programs and collection of metrics
General obligations
● Implement appropriate technical and organizational security
measures (incl. policies)
● Privacy by design and default
● Reply to data subject requests
Obligations as a controller
20. Page 20
Cover your own base (=> see also above
● Look for certification on technical and organizational matters
● Follow guidance of authorities
Insist of DPA covering a minimum amount of rules on
● Type/categories of PD processed, purpose, duration
● Appropriate tech and org measures e.g. encryption &
pseudonymisation
● Breach notification assistance
● Permit and "contribute" to compliance audits
● Sub-contracting flow down commitments
Provide instructions to the processor
● Best done via policies/standards that are regularly updated +
statement of works
Key action items as a controller
22. Page 22
Lawfulness of processing
Processing only lawful if:
● Data subject has given consent
● Necessary for the performance of contract or to take steps prior
to entering into a contract
● Necessary to protect vital interests of data subject
● Necessary for legitimate interests of controller or 3rd party
MS are allowed to
maintain or introduce
national provisions to
further specify the
application of these rules
(Recital 8)
● Necessary for compliance with legal
obligation to which the controller is subject
● Necessary for task carried out in the public
interest or exercise of official authority
23. Page 23
Consent strengthened under GDPR
NEW
● Consent must be
• actively given
• separable from other written agreements
• clearly presented
• as easily revoked as given
● Additional requirements include an effective prohibition on
"bundled" consents and the offering of services which are
contingent on consent to processing
● Where consent is relied on controllers should be able to
demonstrate that consent was given by the data subject to the
processing
25. Page 25
Lawfulness of processing (4)
Legitimate interests
Article 7(f) DPD Article 6(1)(f) GDPR
processing is necessary for the
purposes of the legitimate interests
pursued by the controller or by the
third party or parties to whom the data
are disclosed, except where such
interests are overridden by the
interests for fundamental rights and
freedoms of the data subject which
require protection under Article 1 (1).
processing is necessary for the purposes of the
legitimate interests pursued by the controller or
by a third party, except where such interests are
overridden by the interests or fundamental rights
and freedoms of the data subject which require
protection of personal data, in particular where
the data subject is a child. This shall not apply to
processing carried out by public authorities in the
performance of their tasks.
Consent becomes rather
difficult to achieve &
demonstrate
Other grounds for
processingrelativelynarrow
Legitimate interests likely to
become one of the most
important grounds
26. Page 26
Legitimate interests
● NEW Controllers that rely on "legitimate
interests" should maintain a record of the
assessment to demonstrate that they have
given proper consideration to the rights and
freedoms of data subjects
● NEW When relying on "legitimate interests":
must be set out in the information notices
● Recommendation: perform risk assessment
and documentation
Examples
● Processing for direct marketing
purposes or preventing fraud
● Transmission of personal data
within a group of undertakings for
internal administrative purposes,
including client and employee data
● Processing for the purposes of
ensuring network and information
security, including preventing
unauthorised access to e-
communications networks and
stopping damage to computer and
e-communication systems
● Reporting possible criminal acts or
threats to public security to a
competent authority