
Ireland Data protection newsletter - Issue 16
A lot has happened in the data protection landscape since our last newsletter. In this issue, we focus on a number of those key news stories in recent months.
Looking for actionable insights? Thoughtful solutions? Bite-sized advice you can put to work, right now? Get the latest tips in your inbox. Subscribe now
A lot has happened in the data protection landscape since our last newsletter. In this issue, we focus on a number of those key news stories in recent months.
It has been five years since the GDPR came fully into force. We now have a good idea of how data protection will be interpreted and should be applied. We also understand that it's always a moving target with internal organisation changes, external guidance, sanctions, and judgement needing to be understood and addressed.
2022 was a year of significant data protection landscape updates. The Data Protection Commission (DPC) is working towards more enforcement than guidance. Non-material damages have also been discussed across the EU, and we saw the first GDPR certification being approved and ready for candidates. There was also a continued focus on international data transfers and more fines and actions.
The CJEU has ruled on identifiable data and inferred special category data, NOYB has issued another round of complaints against cookie banners, the DPC is expanding with two new commissioners, and the deadline for new SCCs is fast approaching.
At the beginning of 2022, the full impact of GDPR is becoming more apparent. The implications of regulatory decisions indicate the bar is rising when it comes to assessing what compliance means. In that context, it is probably not surprising that our 6th annual GDPR survey suggests that respondents' attitudes to GDPR have moved negatively in the last year.
As we approach the end of the year, we have reflected on five of the most significant data protection topics to date in 2021, and we supply you with a "key action" to take from the issue.
It has been almost three years since the GDPR came fully into force, and it feels like we have achieved a lot. Still, the challenges of greater digitisation coupled with increased awareness of the topic by people have resulted in no easing of the workload for organisations and data protection teams.
As this most challenging year comes to a close, we consider how civil sanctions are being settled; proposed updated standard contractual clauses; accountability; and data protection by design and default.
Since our last newsletter in June, we have observed the Court of Justice deliver a decision on the anticipated Schrems II case, an increase of media attention surrounding the privacy concerns of the COVID tracker app and guidance from the DPC on website cookies.
Over the last 12 weeks we have adapted to rapid change while we have confined our lives to the boundaries of our homes.
Just when organisations were getting to grips with GDPR, there are further regulatory changes and challenges to consider. We have provided a summary view of the potential impact on organisations in this newsletter.
When the GDPR came into effect on May 25th, 2018, it was clear that significant fines were designed to make non-compliance a costly mistake for organisations.
What is the impact of GDPR? One year in and the jury is still out. There have been only 41 published sanctions from data protection authorities across Europe in the first year: 21 of these were imposed by the UK’s ICO and 2 from Ireland’s DPC.
Nine months since the enforcement of the General Data Protection (GDPR), customer awareness of data protection continues to evolve while organisations continue to progress and operationalise many of the policy decisions made in light of the regulatory updates
Six months since the introduction of the General Data Protection (GDPR), we are starting to see many useful developments across the Irish and European landscapes.
In this newsletter, we discuss reporting processes and breaches in the new GDPR business landscape, the EU’s proposed response to data flows post-Brexit, and how new technologies are being considered to aid firms with compliance. There is also information about how you can participate in our yearly Data Protection Survey.
The Digital Operational Resilience Act (DORA) is a new Regulation which aims to reduce the risk of cyber threats in the financial sector through the enhancement of technology and cyber risk management and resilience.
Our expertise and approach to responsible AI will ensure your business or organisation is compliant with the EU AI Act.
The general data protection regulation (GDPR) provides for two crucial concepts for future project planning: Data Protection by Design and Data Protection by Default (DPbDD). While long recommended as good practice, both principles are enshrined in law under Article 25 of the GDPR. Our expert team can guide you though the approach and process of building privacy by design into your products,...
Mazars provides outsourced data protection officer (DPO) services to organisations that do not wish to directly employ a DPO
Mazars supports you in achieving and maintaining data protection & privacy compliance.
This website uses cookies.
Some of these cookies are necessary, while others help us analyse our traffic, serve advertising and deliver customised experiences for you.
For more information on the cookies we use, please refer to our Privacy Policy.
This website cannot function properly without these cookies.
Analytical cookies help us enhance our website by collecting information on its usage.
We use marketing cookies to increase the relevancy of our advertising campaigns.