Legal Tips

Cybersecurity & Privacy Legal Tips

A clear understanding of Cybersecurity legal issues is esssential for anyone working in the area. Our Legal tips section updates you on all Legal news on Cybersecurity and privacy issues!

GDPR & NIS Directive

cyberwatching.eu raises awareness of the two major legislative tools that are having a major impact on the EU cybersecurity landscape: The GDPR (Regulation 679/2016 on the protection of personal data) which becomes effective on 28 May 2018; and the NIS Directive (Directive 2016/1148 concerning measures for a high common level of security of network and information systems across the Union) which will be transposed by Member States by the 9th of May 2018. These two legislative instruments are strictly intertwined with the NIS Directive refers to the applicable data protection law as to a necessary complementary set of rules.

How cyberwatching.eu helps

In addition to our regularly updated news below, we'll also be publishing a series of recommendations documents, which will help organisations to understand the interplay of the two legal frameworks, in order to clarify their intricacies, to solve potential conflicts of interpretation and to effectively enable R&I projects focussed on privacy and cybersecurity to effectively participate to the policy making debate of the next two years, both at national and EU level, on these matters. The project will therefore focus on the following activities:
•   Monitoring of the regulatory framework;
•   Understanding the legal complexity of the regulatory framework;
•   Drafting a list of policy issues to be solved at EU and/or national level;
•   Supporting R&I teams and proactively proposing areas of research and policy solutions

Our legal experts from ICT Legal Consulting are here to guide you through the most common and important terms.

Source: ICT Legal Consulting

The EDPB establishes common criteria for Data Protection Impact Assessment lists drafted by national supervisory authorities

On September 26^th, 2018, the European Data Protection Board (“EDPB”) adopted Opinions on the draft lists, submitted by the respective national supervisory authorities, on the processing operations subject to the requirement of a data protection impact assessment (“DPIA”).

Read more about The EDPB establishes common criteria for Data Protection Impact Assessment lists drafted by national supervisory authorities

Handbook on European data protection law : 2018 edition

The European Union Agency for Fundamental Rights has released the updated 2018 edition of the “Handbook on European data protection law”.

Read more about Handbook on European data protection law : 2018 edition

The Italian Budget Law and its impact on legitimate interest (and portability)

On 29 December the Italian Budget Law for 2018 was published in the Italian Official Journal. The law at stake, which is probably one of the most relevant laws issued at the end of each year in Italy, contains some provisions that impact key elements of the forthcoming EU data protection framework – Regulation EU 2016/679 (“GDPR”)

Read more about The Italian Budget Law and its impact on legitimate interest (and portability)

Guidelines on the application of Article 28 of GDPR

Under Article 28 of the General Data Protection Regulation (“GDPR”), controllers must only appoint processors who can provide “sufficient guarantees” to meet the requirements of the GDPR. Processors must only act on the documented instructions of the controller and they can be held directly responsible for non-compliance with the GDPR obligations, or the instructions provided by the controller, and may be subject to administrative fines or other sanctions and liable to pay compensation to data subjects.

Read more about Guidelines on the application of Article 28 of GDPR

The e-privacy regulation: new rules for analytics cookies

On 8 September 2017, the Council of the European Union reviewed the draft of the new e-Privacy Regulation (“EPR”) – previously published by the European Commission on 10 January 2017 -, which allows the use of first-party and third-party analytic cookies without express consent of the end-user.

Read more about The e-privacy regulation: new rules for analytics cookies

Global Cybersecurity Index 2017 reveals that 50% of countries have no cybersecurity strategy in place

The UN's International Telecommunication Union (ITU) has recently released the second version of its Global Cybersecurity Index which measures countries' commitment to cybersecurity and helps them to identify areas for improvement.

Read more about Global Cybersecurity Index 2017 reveals that 50% of countries have no cybersecurity strategy in place

The Italian DPA issued its first guidelines on the GDPR

Scenario

On 28 April 28 the Italian Data Protection Authority (“Garante”) issued its first guidance on the new provisions of the General Data Protection Regulation (“GDPR”), consisting of a schematic overview of the changes in the current legal framework and recommendations on how to face them.

The Garante focused on six specific aspects:

Read more about The Italian DPA issued its first guidelines on the GDPR

Knowing more on GDPR: video interview from Infosec 2017

Do you want to know more about the GDPR*?
Watch this live talk, streamed during the last Infosec event in London, where three experts in the field of cyber security & privacy give their perspective on GDPR compliance in reference to the European landscape.

Read more about Knowing more on GDPR: video interview from Infosec 2017

News

Outcomes and key themes from ICT 2018 Session on Cybersecurity as key for a Digital Economy and Society

On 5 December 2018, the Digital Single Market of the European Commission sponsored a session on the topic of “Cybersecurity as key for a Digital Economy and Society”. The highly-popular session (over 90 attendees) took place on 5 December 2018 within the flagship ICT2018 Conference in Vienna, Austria.

Khalil Rouhana, Deputy Director General, EC – DG CNECT, kicked off the session with an overview of some of the most pressing issues of the day in cybersecurity:

Events

17/01/2019

Reinforcing Cyber Security in the EU: Building Coordinated Security, Confidence and Capability in the Cyber Domain

With 315 million Europeans using the internet each day, the provision of critical services and the functioning of a modern economy are now entirely dependent upon the robustness and safety of cyberspace and its infrastructure. Cyber security attacks are a growing source of threat and concern, while also representing a growing economic opportunity for Europe, with the market predicted to be worth over $100 Billion by 2018 (European Commission). Moreover, cyber attacks in the EU are constantly growing in both their frequency (quintuplicate between 2013 and 2017) and sophistication.

You are here