This document provides a summary of a presentation on data protection law and the proposed EU Data Protection Regulation. Key points from the proposed regulation discussed include expanded definitions of personal data, the requirement for explicit consent, the right to be forgotten, increased accountability and security breach notification requirements, more sanctions for non-compliance, and the direct coverage of data processors. Impacts on practices like profiling, use of IP addresses and cookies, and responding to access requests are also covered. The presentation provides timelines for the regulation and discusses lobbying efforts regarding the proposals.
Presentation on GDPR which is not technical, nor product specific, focusing on manufacturing industry and providing a non expert view on what the regulation is all about.
Targeted to Senior Management who has a direct responsibility on the treatment (direct or indirect) of personal data.
EU General Data Protection: Implications for Smart Meteringnuances
This presentation provides the reader with an insight into the politics of EU Data protection as well as an overview of the key stakeholders. We focus on the implication for the smart metering industry.
General Data Protection Regulation for OpsKamil Rextin
A brief on GDPR & Hubspot for Marketing & Marketing Ops.
This PPT provides a brief background on GDPR & how to implement GDPR compliance with Hubspot , Facebook & Google Analytics
Presentation on GDPR which is not technical, nor product specific, focusing on manufacturing industry and providing a non expert view on what the regulation is all about.
Targeted to Senior Management who has a direct responsibility on the treatment (direct or indirect) of personal data.
EU General Data Protection: Implications for Smart Meteringnuances
This presentation provides the reader with an insight into the politics of EU Data protection as well as an overview of the key stakeholders. We focus on the implication for the smart metering industry.
General Data Protection Regulation for OpsKamil Rextin
A brief on GDPR & Hubspot for Marketing & Marketing Ops.
This PPT provides a brief background on GDPR & how to implement GDPR compliance with Hubspot , Facebook & Google Analytics
Be careful what you wish for! How the GDPR even now it has been finalised may not solve the key problems of rthe tech community of what is personal data and what is anonymised/pseudonymous.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
GDPR will replace national data protection laws of all 28 EU member states in May 2018 and is applying to any organization that processes data of EU data subjects.
GDPR and evolving international privacy regulationsUlf Mattsson
Convergence of data privacy principles, standards and regulations
General Data Protection Regulation (GDPR)
GDPR and California Consumer Privacy Act (CCPA)
What role does technologies play in compliance
Use Cases
The EU Data Protection Regulation - what you need to knowSophos Benelux
De komende EU Data Beschermingsregulering vraagt van organisaties wereldwijd dat zij de data beveiligen die zij beheren en bezitten van Europese burgers. Het is algemeen aanvaard dat encryptie de beste methode is om te voldoen aan deze nieuwe regulering. Wanneer een lek ontstaat en u kunt aantonen dat alle persoonlijke data was versleuteld, verkleint de kans aanzienlijk dat u vanuit de EU een boete ontvangt.
Veel organisaties hebben geen idee wat deze nieuwe regulering inhoudt of hoe zij zich moeten voorbereiden op deze nieuwe regels. Behoort uw organisatie ook tot deze groep?
Look Before You Leap: Unauthorized Practice of the Law, Supervision of Non-La...Kevin O'Shea
Together with my (future) partner, Peter Imse, these are the slides for our June 2011 CLE presented in conjunction with the First American Title Insurance Company. The topics in these slides were revisited in my June 2014 presentation (Avoiding Technical Fouls:Selected Ethical Issues in Advertising, Social Media, and Cloud Computing). Nevertheless, there is some interesting data in this presentation that does not appear in my June 2014 slides.
If the UK leaves the EU and EEA, will it be "adequate" for data transfers from the EU? Evidemnce suggests not, especially following the passing of the IP Act and the Tele2/Watson CJEU decision.
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...TrustArc
We outline the proposed changes in the EU General Data Protection Regulation (GDPR) and its effect on the privacy of US-EU Data transfers.
Access the complete webinar on how the EU GDPR will affect your business https://info.truste.com/lp/truste/On-Demand-Webinar-Reg-Page.html?asset=J68IQUDK-565
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Lilian Edwards looked at the basics on what you need to know about the new regulation.
http://qonex.com/east-midlands-cyber-security-forum/
Be careful what you wish for! How the GDPR even now it has been finalised may not solve the key problems of rthe tech community of what is personal data and what is anonymised/pseudonymous.
General Data Protection Regulation (GDPR) - Moving from confusion to readinessOmo Osagiede
This GDPR primer highlights key aspects of the new EU regulation regarding the protection of EU citizens data. It also presents a basic approach and key activities for GDPR preparedness. Useful as a discussion starter with senior management.
GDPR will replace national data protection laws of all 28 EU member states in May 2018 and is applying to any organization that processes data of EU data subjects.
GDPR and evolving international privacy regulationsUlf Mattsson
Convergence of data privacy principles, standards and regulations
General Data Protection Regulation (GDPR)
GDPR and California Consumer Privacy Act (CCPA)
What role does technologies play in compliance
Use Cases
The EU Data Protection Regulation - what you need to knowSophos Benelux
De komende EU Data Beschermingsregulering vraagt van organisaties wereldwijd dat zij de data beveiligen die zij beheren en bezitten van Europese burgers. Het is algemeen aanvaard dat encryptie de beste methode is om te voldoen aan deze nieuwe regulering. Wanneer een lek ontstaat en u kunt aantonen dat alle persoonlijke data was versleuteld, verkleint de kans aanzienlijk dat u vanuit de EU een boete ontvangt.
Veel organisaties hebben geen idee wat deze nieuwe regulering inhoudt of hoe zij zich moeten voorbereiden op deze nieuwe regels. Behoort uw organisatie ook tot deze groep?
Look Before You Leap: Unauthorized Practice of the Law, Supervision of Non-La...Kevin O'Shea
Together with my (future) partner, Peter Imse, these are the slides for our June 2011 CLE presented in conjunction with the First American Title Insurance Company. The topics in these slides were revisited in my June 2014 presentation (Avoiding Technical Fouls:Selected Ethical Issues in Advertising, Social Media, and Cloud Computing). Nevertheless, there is some interesting data in this presentation that does not appear in my June 2014 slides.
If the UK leaves the EU and EEA, will it be "adequate" for data transfers from the EU? Evidemnce suggests not, especially following the passing of the IP Act and the Tele2/Watson CJEU decision.
What does the Proposed EU General Data Protection Regulation (GDPR) mean for ...TrustArc
We outline the proposed changes in the EU General Data Protection Regulation (GDPR) and its effect on the privacy of US-EU Data transfers.
Access the complete webinar on how the EU GDPR will affect your business https://info.truste.com/lp/truste/On-Demand-Webinar-Reg-Page.html?asset=J68IQUDK-565
Be careful what you wish for: the great Data Protection law reform - Lilian E...IISPEastMids
At our Spring East Midlands Cyber Security event on the Impact of the General Data Protection Regulation, Lilian Edwards looked at the basics on what you need to know about the new regulation.
http://qonex.com/east-midlands-cyber-security-forum/
Data Protection and the Cloud (Part 2) by Brian Miller Solicitor and Vicki Bo...Brian Miller, Solicitor
In a more detailed look at data protection, Vicki Bowles takes a look at the new draft EU Data Protection Regulation, disclosure and BYOD (Bring Your Own Device).
Brian Miller then covers ISO certification, how to check whether your vendor’s systems are secure, how US Safe Harbor worked in practice, how it will do so with the new Privacy Shield and the various certification/accreditation systems for cloud computing vendors.
GDPR – what does it mean for charities and what you need to consider - Iain P...m-hance
The General Data Protection Regulation (GDPR) is a regulation by which the European Parliament, The European Council and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). EU members have until May 2018 to ensure that they are fully compliant with the new regulation. Regardless of Brexit, organisations in the UK that collect and use personal data will need to comply. In this slide deck Iain gives an overview of GDPR, what the requirements mean for charities and what charities need to consider to be compliant
Everything you need to know about the GDPRSpoon London
The frequency of data-related incidents could change with the impending General Data Protection Regulation (GDPR) – the EU’s law that comes into effect in May. The major update to the previous EU data protection law aims to regulate the use and treatment of an individual’s personal data.
A new regulation means organisations that use data will need to be more careful and explicit with gaining consent. After May, companies that maintain poor data protection practices will not only be breaking the law, but could face a hefty €20 million fine or four per cent of a company’s annual turnover.
Needless to say, the GDPR is a pretty big deal with even bigger consequences. Still, no need to panic. Here's everything you need to know about the GDPR.
Social business software is all about sharing content and data in a “collaborative” way to identify internal or external experts. Most of these data must be considered as personal data which is related to an individual person.
Implementing social business technologies in enterprises often leads to discussion with data protection supervisors how to be compliant with EU data protection law. This discussion gets even more challenging if you consider using social business applications in “the cloud” which might the only choice in the near future due IBMs “Cloud First” or Microsoft’s “Cloud only” delivery model.
This session will give you an overview
- about EU data protection regulations
- its implications for using social business systems
- special considerations for using cloud based social business systems
Discussion of the main elements of the draft Data Protection Regulation: what difference will it make to industry practice and user rights to control their data?
Data Protection Rules are Changing: What Can You Do to Prepare?Lumension
The European Union’s proposed new data protection regulation aims to update Europe’s data protection laws and to provide a more consistent data protection framework across the Continent.
But the new regulation, which replaces the EU’s existing data protection directive and member states’ data protection laws, will put some new demands on organisations holding personal data. Breach disclosure and “the right to be forgotten” will force businesses to update their data protection and retention policies.
This presentation will:
- Review the current EU laws, and contrast them with laws in other parts of the world;
- Examine the arguments for strengthening data protection in Europe, and the likely outcomes;
- Look at what security teams should already be doing to put themselves ahead of legislative changes;
- Outline strategies and technologies organisations need to meet current and future data protection requirements
- Help infosecurity teams to explain the changes – and their consequences – to their boards
Getting to grips with General Data Protection Regulation (GDPR)Zoodikers
Leading employment lawyer Pam Loch, and digital expert Katie King share their advice on how to get to grips with the topic of the moment - GDPR.
They look at who is liable, the impact of Brexit, how it affects marketing and what steps you can take to prepare.
All You Need To Know About Data Law Changes in 2018The Drum
With the introduction of the General Data Protection Regulation, everything changes for digital media. The reason? GDPR applies to cookies, IP addresses, tags, digital finger printing - in fact, anything that tracks individuals and is used to make decisions or analyse behaviour. So how do you get fit and not get into a fight with the regulator?
GDPR clinic - A strategic approach for compliance with the European General Data Protection regulation
Paolo Balboni Ph.D. - Founding Partner at ICT Legal Consulting & President of the European Privacy Association
Nicola Franchetto LL.M. - Associate at ICT Legal Consulting &
Fellow of the European Privacy Association
Slides from my CIO Summit talk on the impact of EU General Data Protection Regulations.
Quick take away: GDPR is not a technology challenge as such, there is no single piece of software to meet its requirements. It is more about people and your organisations processes.
IT alone will not successfully achieve compliance. The regulation promotes good information management. If the opportunity is take it is a great opportunity to engage with different parts of business such as marketing.
Ipswitch and cordery on the road " All you need to know about GDPR but are t...Sébastien Roques
In October we organised an event in Amsterdam with our partner Scos and Jonathan Armstrong where we covered the changes on GDPR and challenges ahead for businesses.
The new EU-US Privacy Shield, covering transatlantic exchanges of personal data for commercial purposes, went into effect in July 2016. Although this is a critical issue, many companies are not aware of the implications it has for them. What steps do companies need to take when transferring data from Europe to the US?
Similar to DMA Legal update winter 2013 - 17 december (20)
What is digital marketing And why is it used?125albina
Digital marketing refers to the use of digital channels, platforms, and technologies to promote products, services, or brands to a target audience. It encompasses a wide range of activities, including search engine optimization (SEO), social media marketing, email marketing, content marketing, pay-per-click (PPC) advertising, and more. The primary goal of digital marketing is to connect with potential customers where they spend much of their time: online. My Website: https://dev-topdigitalmarketingagency.pantheonsite.io/
Exploring the Top Digital Marketing Company in CanadaSolomo Media
Choosing Solomo Media as your digital marketing company in Canada can propel your business to new heights. With their expertise, innovative solutions, and client-centric approach, they are well-equipped to help you achieve your digital marketing goals. By focusing on strategic planning, leveraging cutting-edge tools, and delivering measurable results, Solomo Media proves to be a valuable partner in navigating the complex world of digital marketing.
First Things First: Building and Effective Marketing Strategy
Too many companies (and marketers) jump straight into activation planning without formalizing a marketing strategy. It may seem tedious, but analyzing the mindset of your targeted audiences and identifying the messaging points most likely to resonate with them is time well spent. That process is also a great opportunity for marketers to collaborate with sales leaders and account managers on a galvanized go-to-market approach. I’ll walk you through the methods and tools we use with our clients to ensure campaign success.
Key Takeaways:
-Recognize the critical role of strategy in marketing
-Learn our approach for building an actionable, effective marketing strategy
-Receive templates and guides for developing a marketing strategy
Checkout Abandonment - CRO School by Mailmodosaba771143
Fear of abandonment’ means a whole different thing in eCommerce.
Because the loss is tangible. And felt right in your pocket.
But that also means there are real things you could fix.
One of the final stages of shopping abandonment occurs is the checkout page.
Which means it impacts your bottom line directly.
So here’s a rundown of:
→ Reasons shoppers abandon the checkout process
→ How other brands cope with these issues
→ Actionables to fix your checkout flow
Do it right, and you’ll feel the change in your revenue.
This is a part of our CRO School series - to help you fix the revenue leaks in your eCommerce store.
Sign up for CRO School and get these insights right in your inbox
(Visit the link to enroll ->https://www.mailmodo.com/cro-school/?utm_source=cro-school&utm_medium=slideshare )
#ecommerce
#cro
#cart
#abandonement
#checkout
#email
#course
#conversion
Videos are more engaging, more memorable, and more popular than any other type of content out there. That’s why it’s estimated that 82% of consumer traffic will come from videos by 2025.
And with videos evolving from landscape to portrait and experts promoting shorter clips, one thing remains constant – our brains LOVE videos.
So is there science behind what makes people absolutely irresistible on camera?
The answer: definitely yes.
In this jam-packed session with Stephanie Garcia, you’ll get your hands on a steal-worthy guide that uncovers the art and science to being irresistible on camera. From body language to words that convert, she’ll show you how to captivate on command so that viewers are excited and ready to take action.
How to Use AI to Write a High-Quality Article that Ranksminatamang0021
In the world of content creation, many AI bloggers have drifted away from their original vision, resulting in low-quality articles that search engines overlook. Don't let that happen to you! Join us to discover how to leverage AI tools effectively to craft high-quality content that not only captures your audience's attention but also ranks well on search engines.
Disclaimer: Some of the prompts mentioned here are the examples of Matt Diggity. Please use it as reference and make your own custom prompts.
SEO as the Backbone of Digital MarketingFelipe Bazon
In this talk Felipe Bazon will share how him and his team at Hedgehog Digital share our journey of making C-Levels alike, specially CMOS realize that SEO is the backbone of digital marketing by showing how SEO can contribute to brand awareness, reputation and authority and above all how to use SEO to create more robust global marketing strategies.
janani Digital Marketer|Digital Marketing consultant|Marketing Promotion|Coim...janudm24
Myself Janani Digital marketing consultant located in coimbatore I offer all kinds of digital marketing services for your business requirements such as SEO SMO SMM SMO CAMPAIGNS content writing web design for all your business needs with affordable cost
Digital Marketing Services | Techvolt Software :
Digital Marketing is a latest method of Marketing techniques widely used across the Globe. Digital Marketing is an online marketing technique and methods used for all products and services through Search Engine and Social media advertisements. Previously the marketing techniques were used without using the internet via direct and indirect marketing strategies such as advertising through Telemarketing,Newspapers,Televisions,Posters etc.
List of Services offered in Digital Marketing |Techvolt Software :
Techvolt Software offers best Digital Marketing services for promoting your products and services through online platform on the below methods of Digital marketing
1. Search Engine Optimization (SEO)
2. Search Engine Marketing (SEM)
3. Social Media Optimization (SMO)
4. Social Media Marketing (SMM)
5. Campaigns
Importance | Need of Digital Marketing (Online Promotions) :
1. Quick Promotions through Online
2. Generation of More leads and Business Enquiries via Search Engine and Social Media Platform
3. Latest Technology development vs Business promotions
4. Creation of Social Branding
5. Promotion with less investment
Benefits Digital Marketing Services at Techvolt software :
1. Services offered with Affordable cost
2. Free Content writing
3. Free Dynamic Website design*
4. Best combo offers on website Hosting,design along with digital marketing services
5. Assured Lead Generation through Search Engine and Social Media
6. Online Maintenance Support
Free Website + Digital Marketing Services
Techvolt Software offers Free website design for all customer and clients who is availing the digital marketing services for a minimum period of 6 months.
With Regards
Janani Digital Marketer
Coimbatore,Tamilnadu.
Google Ads Vs Social Media Ads-A comparative analysisakashrawdot
Explore the differences, advantages, and strategies of using Google Ads vs Social Media Ads for online advertising. This presentation will provide insights into how each platform operates, their unique features, and how they can be leveraged to achieve marketing goals.
The Secret to Engaging Modern Consumers: Journey Mapping and Personalization
In today's digital landscape, understanding the customer's journey and delivering personalized experiences are paramount. This masterclass delves into the art of consumer journey mapping, a powerful technique that visualizes the entire customer experience across touchpoints. Attendees will learn how to create detailed journey maps, identify pain points, and uncover opportunities for optimization. The presentation also explores personalization strategies that leverage data and technology to tailor content, products, and experiences to individual customers. From real-time personalization to predictive analytics, attendees will gain insights into cutting-edge approaches that drive engagement and loyalty.
Key Takeaways:
Current consumer landscape; Steps to mapping an effective consumer journey; Understanding the value of personalization; Integrating mapping and personalization for success; Brands that are getting It right!; Best Practices; Future Trends
The digital marketing industry is changing faster than ever and those who don’t adapt with the times are losing market share. Where should marketers be focusing their efforts? What strategies are the experts seeing get the best results? Get up-to-speed with the latest industry insights, trends and predictions for the future in this panel discussion with some leading digital marketing experts.
What’s “In” and “Out” for ABM in 2024: Plays That Help You Grow and Ones to L...Demandbase
Delve into essential ABM ‘plays' that propel success while identifying and leaving behind tactics that no longer yield results. Led by ABM Experts, Jon Barcellos, Head of Solutions at Postal and Tom Keefe, Principal GTM Expert at Demandbase.
Gokila digital marketing| consultant| Coimbatoredmgokila
Myself Gokila digital marketing consultant located in Coimbatore other various types of digital marketing services such as SEM
SEO SMO SMM CAMPAIGNS content writing web design for all your business needs with affordable cost
Digital Marketing Services | Techvolt Software :
Digital Marketing is a latest method of Marketing techniques widely used across the Globe. Digital Marketing is an online marketing technique and methods used for all products and services through Search Engine and Social media advertisements. Previously the marketing techniques were used without using the internet via direct and indirect marketing strategies such as advertising through Telemarketing,Newspapers,Televisions,Posters etc.
List of Services offered in Digital Marketing |Techvolt Software :
Techvolt Software offers best Digital Marketing services for promoting your products and services through online platform on the below methods of Digital marketing
1. Search Engine Optimization (SEO)
2. Search Engine Marketing (SEM)
3. Social Media Optimization (SMO)
4. Social Media Marketing (SMM)
5. Campaigns
Importance | Need of Digital Marketing (Online Promotions) :
1. Quick Promotions through Online
2. Generation of More leads and Business Enquiries via Search Engine and Social Media Platform
3. Latest Technology development vs Business promotions
4. Creation of Social Branding
5. Promotion with less investment
Benefits Digital Marketing Services at Techvolt software :
1. Services offered with Affordable cost
2. Free Content writing
3. Free Dynamic Website design*
4. Best combo offers on website Hosting,design along with digital marketing services
5. Assured Lead Generation through Search Engine and Social Media
6. Online Maintenance Support
Free Website + Digital Marketing Services
Techvolt Software offers Free website design for all customer and clients who is availing the digital marketing services for a minimum period of 6 months.
With Regards
Gokila digital marketer
Coimbatore
Mastering Dynamic Web Designing A Comprehensive Guide.pdfIbrandizer
Dynamic Web Designing involves creating interactive and adaptable web pages that respond to user input and change dynamically, enhancing user experience with real-time data, animations, and personalized content tailored to individual preferences.
The digital marketing industry is changing faster than ever and those who don’t adapt with the times are losing market share. Where should marketers be focusing their efforts? What strategies are the experts seeing get the best results? Get up-to-speed with the latest industry insights, trends and predictions for the future in this panel discussion with some leading digital marketing experts.
As the call for for skilled experts continues to develop, investing in quality education and education from a reputable https://www.safalta.com/online-digital-marketing/best-digital-marketing-institute-in-noida Digital advertising institute in Noida can lead to a a success career on this eve
1. Data protection 2013
DMA Legal update: winter 2013
Tuesday 17 December
#dmalegal 8 February
Friday
#dmadata
Supported by
2. Agenda
8.30am - Registration and breakfast
9.00am - Welcome
9.05am - Data Protection Regulation
The current position, potential changes and the impact on the industry
Caroline Roberts, Director of Public Affairs, DMA
James Milligan, Solicitor, DMA
9.55am - Questions
10.05am - Round up
Consumer rights bill and consumer rights directive
Janine Paterson, Solicitor, DMA
10.35am - Questions
11.00am - Close
3. EU Draft Data
Protection Regulation
The current position, potential
changes and the impact on the
industry
Caroline Roberts, Director of Public Affairs, DMA
James Milligan, Solicitor, DMA
3
4. Impact of the new Data Protection
Regulation – Why now?
• Data Protection Directive 95/46/EC ("Directive") (implemented
in UK by 1998 Data Protection Act) showing its age
• New technologies and more complex information networks
• Lack of common European law and differences in national
implementation
• Consumer concern over privacy
• Data protection now a fundamental right under EU Charter of
Fundamental Rights
4
4
5. EU data protection reform
timeline
• Jan 2012 -first draft Data Protection Regulation ("DPR")
• December 2012-amendments suggested by the
Rapporteur of EC Committee on Civil Liberties, Justice and
Home Affairs ("LIBE Report")
• February – May 2013 – Reported that 4000 amendments
tabled
• May 2013- partial "compromise" draft from Justice and
Home Affairs Ministers ( "CD" )
• October 2013 -LIBE voted on amendments
• October 2013 – Heads of Government meeting
• December 2013 – Inconclusive Justice and Home Affairs
Ministers meeting
5
5
6. EU data protection reform
timeline
• Jan- ?? 2014 Civil servants working group meetings
continue
• Mar 2014 Next Justice and Home Affairs Ministers meeting
• April 2014 All MEPs vote on LIBE report
• June 2014 European Parliament elections
• ?? Sept – Dec 2014 3 way negotiations (trilogue) between
European Commission, Justice and Home Affairs Ministers
and European Parliament
• ?? Dec 2014 Regulation is passed in Brussels
• ?? Dec 2016 Deadline for implementing new Regulation
into UK law.
6
6
7. Changes proposed by the European
Parliament to the draft Data Protection
Regulation (LIBE Report)
• LIBE report adopted in Oct 2013
• Proposes a number of changes to European Commission
original text
• Majority of changes favour consumer rather than businesses
7
7
7
8. The "compromise draft" agreed by
EU Justice Ministers 31 May 2013
• "More business friendly" compromise draft ("CD") is only
partial: Chapters I-IV
• More changes to Chapters I-IV may be needed once the
remainder has been updated
• Regulation or Directive? – wording proposed allows for
Regulation to be transformed into a Directive (supported by
8 member states)
• CD already criticised by Commissioner Reding, France and
Germany as a backward step
• Ministers currently getting bogged down on one stop shop
8
8
9. Headline proposed changes
•
•
•
•
•
•
•
Expanded definitions: “personal data” and “data subject”
Explicit consent required
Right to be forgotten
Greater emphasis on accountability
Notification of data security breaches
More onerous sanctions for breach
Data processors directly covered
9
10. Consent
Consent: Current Position Consent: Proposed Position
- Freely given, specific,
-Freely given, specific, informed and
informed indication of the explicit indication of data subject’s
data subject’s wishes
wishes
- Explicit consent required -Given either by a statement or a
for sensitive personal data clear affirmative action
only
- Data controller / data subject
relationship to be taken into
account
- Burden of proof on controller to
demonstrate consent
10
11. Introduction of opt-in/explicit consent
•
•
•
•
Review language used at point of data collection to ensure
that consent is explicit /opt-in
Do people understand what they are agreeing to? – nation
of liars
Think about how you will update legacy databases
Children – consent wording for under 13’s if offering them
an information society service
11
12. Key points in the draft Regulation
IP addresses and cookies
•
•
•
•
•
Definition of personal data extended so could cover some
IP addresses and cookies as “online identifiers”
But IP addresses identify a device not an individual + some
IPs are general
Huge implications for digital marketers
Web analytics & profiling made much more difficult, if not
impossible
Interaction with new cookie rules problematic
12
13. IP addresses and cookies
•
•
Think about how you will deal with extension to Include
location data, IP addresses, cookies, online identifiers
Pseudonymous/annonymous data – will you be able to
take advantage of exceptions?
13
14. Key points in the draft Regulation
The right to be forgotten
•
•
•
•
•
Right for individuals to request organisations to delete any
information held on them
Drafted with social media in mind – but goes beyond this
Problem of information that has already been passed on to
third parties
Possibility of misleading consumers by raising unrealistic
expectations
Changes to current text likely
14
15. The right to be forgotten
•
•
•
Prepare to respond to requests
Deletion/ suppression
Other legal requirements to keep information e.g.
accounting, tax, money-laundering
15
16. Key points in the draft Regulation
Data Breach notification
•
•
•
•
•
Any data security breach to be notified to ICO and the
individuals concerned within 24 hours
Report to cover:
• nature of breach
• number of data subjects
• categories of data
• proposed mitigation
Not always obvious if there has been a breach or how
extensive it is
Problem of notification fatigue
No threshold level specified
16
17. Data security breach notification
•
•
•
Introduce breach notification detection procedures
Think about how you will notify data protection authorities
and affected individuals within whatever timescale is
agreed
Develop/review your data breach response plan
17
18. Key points in the draft Regulation
Subject Access Requests (SARs)
• Data subjects to be able to request full information on data
held on them free of any charge
• Currently can levy a £10 fee – doesn’t cover cost but deters
time-wasters, frivolous or vexatious requests
• Costs organisations £50 million p.a. now to meet SARs
• Proposal that can provide data in electronic form if data
subject agrees to this
• Particular problem for financial services with mis-selling
issues and claims management firms
18
19. Subject Access Rights
• New Regulation may lead to increased public awareness of
rights e.g., right to request information ( Data Subject Access
Requests, Right to be forgotten)
• Plan ahead for increase in queries from clients/public
• Training for client/customer service teams
• Amend wording on privacy policies/data collection notices to
take account of new rules on profiling.
19
20. Key points in the draft Regulation
Compliance obligations
• Data protection obligations now shared between agencies and
clients, for example if holding client’s database
• Privacy by Design/Privacy by Default
• Appointment of DP officer (250+ employees)
• 2 year appointment
• Independent reporting to board
• Information and training
• Maintenance of documentation
• Data protection impact reports
•
International transfers of data outside EEA – law would
apply to any processing of data or EU citizens
20
21. Compliance obligations
• Review amount of data being processed, erasure policies
and data retention policies
• Requirement to demonstrate compliance will mean more
documentation in respect of policies and procedures
• Contact centres, mailing houses, email/SMS broadcasters
will also be subject to these new obligations, especially in
respect of data security
• Review staff training in data protection.
• Appointment of a data protection officer?
• Risk- based approach to compliance and data protection
impact assessments
21
22. Key points in the draft Regulation
Proposed enhanced sanctions
• Up to €500k or 1% annual worldwide turnover intentional or
negligent failure to respond to subject access requests in
accordance with Regulation
• Up to €1m or 2% of annual worldwide turnover for other
compliance failures
• Depends on:• size of organisation involved
• nature and gravity of breach
• whether intentional or negligent
• technical and organisational measures
• previous breaches
• co-operation with ICO
22
23. Enhanced sanctions/fines
• Watch out if you get it wrong!
• Increase focus on compliance – board level issue
• Review internal policies and procedures
23
24. Key Points in the draft Regulation
Delegated Acts
• Many details to be implemented through additional delegated
legislation – some 45 Delegated Acts mentioned.
• Details will not be clear until Regulation is passed
• These areas of secondary legislation will include:
• powers to specify further procedures
• technical standards for Privacy by Design/Default
• specification of lawful processing condition
• additional responsibilities for national data protection
authorities; etc.
• European Commission taking significant powers to itself away
from the national authorities - raises serious issues of
subsidiarity and accountability
• National governments and Data Protection Authorities are
concerned
24
25. Key Points in the draft Regulation
Cross – border issues
• Main establishment/ one- stop shop provisions
• Think about which country’s national data protection
authority will be lead regulator
• Possibility of changing country where head office is located
• Review arrangements for transfers of data outside EEA (28
Member States of EU + Iceland ,Liechtenstein, Norway)
• Global group – application to EU citizens’ personal data.
25
26. Impact on direct marketing
•
•
•
•
•
Existing databases may not be usable: could decimate
prospect lists. Legacy data?
No tracking data, profiling or segmentation without explicit
consent – less targeted and more generic communication?
List broking severely restricted
New information requirements and rights of the data
subject, e.g Right to be Forgotten
Increased costs - £76,000 per business to comply +
possible £47 billion of lost sales in UK
26
27. Draft Regulation - DMA View
• DMA welcomes the Commission’s aim to reduce red tape
and simplify bureaucracy – but proposals do not achieve
that: overly strict, bureaucratic and unworkable
• Needs to be a fair balance between privacy and
legitimate business interests
• Current proposals will stifle innovation, add considerably
to business costs and place unnecessary obstacles to ecommerce jobs growth
• Will be particularly harmful to SMEs – MoJ says
demonstrating compliance will cost £10m p.a.
• Hard to say how Commission’s estimate of 2.3 billion
euro saving to businesses was calculated
27
28. Ministry of Justice
• Disagrees with Commission’s 2.3bn Euro savings – burdens
imposed will far outweigh net benefits: in UK cost @ £100360 million
• Many unintended consequences, esp for SMEs
• Changes to consent, profiling & definition of personal data
particularly costly to industry
• Likely knock-on effects for growth in technological sector and
internet economy
• Regulatory Impact Assessment quotes DMA’s figures &
examples
• Impact on behavioural advertising
• Creates unrealistic expectations for consumers – R2BF
proposal is “unworkable”
28
29. Key lobbying messages
• Data is essential for economic growth
• UK has leading role in EU digital economy
• SMEs particularly affected
• Transparent and responsible use of data is a vital business
practice
• In industry’s interests to handle data with care
• Self-regulation has valid role to play
• Regulation will not stop bad players
• The proposed regulation is bad for consumers
• Would damage users’ online experience
• Danger of tick-box culture & unrealistic expectations
• Need a proportionate data regime that recognises that not all
data is the same
• Personal data, sensitive data,
anonymous/pseudonymous data
29
• Different levels of protection required
30. Lobbying activity
• In Brussels with key individuals in Council, Commission &
Parliament, e.g. MEPs & advisers; party groups
• In UK, Ministers in MoJ, DCMS, BIS, HM Treasury + Opposition
spokesmen
• Alliance of interests – UK Data Group, FEDMA, CBI, etc. - for
collective lobbying of Council and Parliament & lobbying directly
where there is no national DMA
• Position papers on priorities for industry + draft amendments to
text
• Research on consumer attitudes to privacy and on economic
value of the dm industry
30
32. Current UK ICO issues
Privacy impact assessments
Anonymisation code
Direct marketing guidance
ICO 2020 Strategic Vision
32
33. Direct marketing guidance
•
•
•
•
•
•
•
•
•
ICO interpretation does not change law
Issued 9 September
Retrospective , transitional period
Respect consumer expectations and preferences
Tightening up of third party consent for digital marketing
Time limits for consent
Proof of consent
DMA written to ICO
Meeting in January 2014
33
34. Draft Privacy Impact Assessment Code
of Practice
•
•
•
•
•
Consultation closed 5 November 2013
Annex 1 – PIA screening questions
Annex 2 – PIA template
Annex 3 – PIA and data protection principles
Relevance to draft Regulation
34
35. Anonymisation Code of Practice
• Issued 20 November 2012
• Re-identification – "motivated intruder" test and risk
assessment of future identification
• Big Data – does it make anonymisation of data impossible?
• Consent – "legitimate interests“
• Pseudonymous and anonymous data may be included in
draft Regulation
35
36. ICO 2020 Strategic vision
• Challenges
• What and how the ICO expects to do over next 5 years
36
37. Contacts
Caroline Roberts, Director of Public Affairs, DMA
T - 020 7291 3346
caroline.roberts@dma.org.uk
James Milligan, Solicitor, DMA
T - 020 7291 3347
james.milligan@dma.org.uk
Legal Advice Helpline
T - 020 7291 3360
legaladvice@dma.org.uk
37
39. Consumer Law and other key
issues
Janine Paterson, Solicitor, DMA
40. Consumer Rights Bill
• Published in draft in June 2013. BIS hoping it will come into
force, together with the UK implementation of the
Consumer Rights Directive, by June 2014.
• A major overhaul of existing consumer rights legislation –
consolidating 100+ consumer laws and introducing new
rights for consumers and businesses.
• Follows two consultations late last year by BIS on goods,
services and digital content; and the Law Commission &
Scottish Law Commission’s on unfair contract terms.
41. Consumer Rights Bill
• Basic rights not changing
• Aim to present rights and remedies in a simpler and clearer
way to make consumers better informed and empowered
• 3 parts:
• Consumer contracts for goods, digital content and
services – rights and remedies
• Unfair terms in contracts
• Miscellaneous: investigatory powers, enhanced
consumer measures, enforcement, competition, etc.
42. Consumer Rights Bill
Rights and remedies:
• To receive some money back after one failed repair to faulty
goods (or one faulty replacement)
• To have substandard services redone or receive a price
reduction
• To receive a repair or replacement of faulty digital content
such as film/music downloads, e-books and online games
• To return faulty goods within 30 days and receive a refund
• Collective redress allowing consumers and companies to
challenge anti-competitive behaviour.
43. Consumer Rights Bill
• Consolidates the law around unfair terms in contracts with
consumers.
• Fairness to be determined by taking into account:
• The subject matter
• All the circumstances existing when term was agreed
• All the other terms of contract or any other contract
on which it depends
• Various terms listed that cannot be assessed for fairness
44. The Consumer Contracts (Information,
Cancellation and Additional Payments)
Regulations 2013
• Implementation of some of the EU Consumer Rights
Directive which was passed in 2011
• In most areas, implementation will follow the Directive.
• Regulations deal with contracts between a trader and a
consumer:
– Made on-premises, ie a shop
– Made off-premises, ie at consumer’s home or place of
work, and
– Made at a distance, ie telephone or over the internet.
• Certain contracts are excluded including gambling, health
services and services of banking and insurance.
45. Three main areas
• Information
– Depending on the type of contract, the trader must
provide certain information.
– Many provisions already exist but new ones are
introduced especially around digital content, where
information on what systems or hardware is compatible
will need to be given.
• Cancellation
– consumers have 14 days to cancel off-premises and
distance contracts – double current provision
– Consumer have to return goods
– Traders can withhold refund until goods are returned
– Traders can deduct from refund where the consumer has
handled the goods more than expected.
46. Three main areas – cont.
• Hidden costs
– Consumers will have to give active consent for all
payments and the use of pre-ticked boxes for additional
charges will not be allowed
– Customer service telephone lines can only be charged at
the basic rate – premium rate lines will be banned
47. The Consumer Protection from Unfair
Trading (Amendment) Regulations
2013
• Amendments to the 2008 regulations to allow consumers
who have been victims of misleading or aggressive practices
to seek redress. Covers three types of contract:
– Sale or supply of a product to a consumer by a trader;
– Sale or supply of a product to a trader by a consumer;
– A payment by a consumer to a trader.
• Need to show:
– purchased a product from a trader;
– trader engaged in behaviour that was either misleading
under Regulation 5 or aggressive under Regulation 7.
• Remedies - depending on the type of contract:
– Unwind the contract and get a refund;
– Discount on the product;
– Damages for the breach.
48. The Consumer Protection from Unfair
Trading (Amendment) Regulations
2013
• Misleading: includes
– providing false information or information that could
deceive the average consumer;
– marketing a product which causes confusion with
competitor’s products;
– failing to comply with a Code of Practice when you say
you do.
• Aggressive: includes
– Timing and location of the behaviour;
– whether any threatening or abusive language is used or;
– any exploitation by the trader of the consumer’s
personal circumstances.
49. Other issues
• Electoral register
– Electoral Registration & Administration Act 2013 –
introduction of individual electoral registration and
system opened up for online application in 2014.
– Edited version of register will be kept but issue on optouts.
• Employment
– TUPE – Government consultation on changes
• Environment
– Unaddressed mail preference service - awaiting DEFRA
input
50. Other issues
• Financial
– FSA replaced by Financial Conduct Authority and
Prudential Regulatory Authority on 1 April 2013
• New Vision – “To make relevant markets work well
so consumers get a fair deal”
• Consumers get financial services and products that
meet their needs from firms they can trust
• Markets and financial systems are sound and stable
and resilient with transparent pricing information
• Firms compete effectively with the interests of their
consumers and the integrity of the market at the
heart of how they run their business
51. Other issues
• Postal
– Postcode address file – Royal Mail consultation on
proposed changes: simplify licensing process; change
payment structure
– DMA met with RM to express member concerns
– RM have now responded to consultation
• Telemarketing –
– Culture, Media and Sport Commons Select Committee
enquiry into unsolicited phone calls. Report published 5th
December.
– John Mitchison gave evidence on behalf of TPS and
George Kidd on behalf of the Direct Marketing
Commission.
– The DMA also submitted written evidence.
– Nuisance Calls All Party Parliamentary Group enquiry:
TPS and DMA submitted written evidence.