Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Santiago de Ampuero

Posts by Santiago de Ampuero
Posted in Consumer Privacy

EDPB’s New Guidelines – Clinical Trials in the EU and COVID-19

We currently live in a world where the rapid spread of COVID-19 has provoked the urge to initiate the search for an effective vaccine or medicines to fight against it. In this context, the EDPB has recently published its Guidelines 03/2020 on the processing of data concerning health for the purpose of scientific research in the context of the COVID-19 outbreak with the clear objective of ensuring that patients’ and trial subjects’ privacy is not disregarded while clinical trials are carried out.

Posted in International/EU Privacy

Should I Be Worried About the GDPR? – EDPB’S Guidelines on the GDPR’S Territorial Scope

Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so it does not affect non-EU companies. In others, companies apply the GDPR to all their processing activities just to avoid the possibility of being addressed by EU authorities. Neither decision is per se correct.

Posted in International/EU Privacy

Spanish DPA on Use of Cookies: Continued Browsing is Consent

On November 8, the Spanish data protection authority published new Guidelines on the Use of Cookies. The Guidelines have been prepared in collaboration with different organisations in the marketing and online advertising industries, and aim to provide some direction on the use of cookies and similar technologies in compliance with information society services laws and regulations.

Posted in International/EU Privacy

Spanish DPA Publishes Guide for Satisfying PbD Obligation

On October 17, the Spanish data protection authority published the Guide to Privacy by Design. While Privacy by Design first became a legal requirement in the EU with implementation of the General Data Protection Regulation, it is a well-known concept among privacy professionals that dates back to the 1990s. PbD should be construed as “the need to consider privacy and the principles of data protection from the inception of any type of processing.” It is a concept focused on risk management and accountability that aims to incorporate privacy protections throughout the life cycle of systems, services, products, and processes. It involves the application of measures for privacy protection among all business processes and practices associated to personal data.