On 16 October 2013, the Polish Ministry of Economy published draft amendments to Poland’s data protection law, the Polish Act of 29 August 1997 on the Protection of Personal Data (“PPD”), aimed at easing administrative obligations regarding the compulsory hiring of data protection officers and registration of data filing systems with the Polish Data Protection Authority (“DPA”). Under the proposed legislation, companies would have the flexibility to decide whether to appoint an administrator of information security (“AIS”), currently a legal requirement. A data controller regulated under the PPD would be able to strategically choose whether to appoint an AIS, a move that would increase its compliance obligations and the company’s visibility to regulators in return for reduced external filing obligations.
At this week’s IAPP Privacy Academy in Seattle, Washington, Harriet Pearson, Partner in the Hogan Lovells Privacy and Information Practice, hosted a breakout session entitled How to work with Your European Data Protection Authority. The Session featured Billy Hawkes, Data Protection Commissioner of Ireland, and focused on providing privacy practitioners with practical advice on how to approach a Data Protection Authority (DPA) and earn their trust. The session also addressed practical compliance questions for European markets, gave advice on making successful regulatory filings, and gave tips for handling complaints and other challenging situations.
Elisabethann Wright, a Partner in our Brussels Office, presented at the 33d International Congress of Data Protection and Privacy Commissioners in Mexico City last week. In this entry, she shares some reflections from her participation.
As the Data Protection Authority and Privacy Commissioner Conference in Jerusalem winds up, Hogan Lovells Privacy and Information Management Practice Leader Christopher Wolf shares this report publihsed in the Huffington Post which he co-authored with his co-chair of the Future of Privacy Forum think tank, Jules Polonetsky: