DPOInsider #34
The DPOInsider covers the latest news and developments in data compliance and privacy. The DPO's favourite weekly read ☕️
Preparing Your Company for the Latest GDPR Data Transfer Developments
Transfers of personal data from the EU/EEA to non-adequate countries are subject to enhanced diligence and scrutiny following the Schrems II decision. The UK also has its own approach to SCCs and is considering diverging from EU GDPR. The EU and US are working on a new transatlantic data privacy framework to replace the invalidated Privacy Shield.
All of these moves mean that complying with regulations is becoming increasingly difficult.
For many organizations, there are a number of big deadlines coming up.
This piece breaks down the upcoming changes and upcoming deadlines. As well as this, it does a great job of setting up the landscape for the next few months.
The Quiet Invasion of 'Big Information'
I thought that piece was a fascinating read on the companies outside of the big five that don’t always catch the big headlines - specifically RELX.
You might not be familiar with RELX, but it knows all about you. Reed Elsevier LexisNexis (RELX) is a Frankensteinian amalgam of publishers and data brokers, stitched together into a single information giant.
It’s quite a provocative read, but it does highlight the issues that come with regulating companies like RELX:
Because companies like RELX have their tentacles entwined into so many information markets and so many types of analytics products, and because their products are so embedded in so many government programs and projects, regulating them requires an array of interventions. There is no singular, magical fix to ensure that the sprawling data analytics companies both provide access to critical public information and properly treat our private data.
Really it’s a great example of why conversations around protecting data privacy need to go beyond the Big Five in tech. What do you think? Get in touch to continue the discussion.
Data compliance is going mainstream this year
Regulatory compliance has been a hot topic in conversations with executives, especially in 2022. But it's not exactly a new subject. It's been a concern since the EU's GDPR was adopted in 2018.
An article suggests that this shows that data compliance is going mainstream. A perfect storm of regulatory awareness is coming.
With these five factors reaching a veritable apex, compliance must be a top priority next year. Companies that are proactive in their data privacy and security approaches will find themselves in an enviable position in 2023. And those that employ the processes and tools that go beyond compliance and address how data must be protected as current laws are modified and new ones are introduced will be even further ahead of competitors.
Other data privacy news
Honey, I Shrunk the Data: How to Keep Customer Info on a Need-to-Know Basis
As GDPR Continues To Cross The Pond, You Should Get Your Feet Wet On Data Protection Issues
Data Siloes - How To Fix This Compliance Problem With Data Mapping
Post of the week
