SlideShare a Scribd company logo

Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019

Burton Lee
Burton Lee

Talk by Mirena Taskova, Fieldfisher (San Francisco), at Stanford Engineering on January 14 2019, Session #2: 'Berlin : Mobile Banking Unicorns || EU GDPR Personal Data Privacy Update & Roadmap 2019'. Website: http://www.StanfordEuropreneurs.org YouTube Channel: https://www.youtube.com/user/StanfordEuropreneurs Twitter: @Europreneurs

Technology
1 of 15
Download to read offline
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com GENERAL DATA PROTECTION REGULATION (EU GDPR) WHY SILICON VALLEY NEEDS TO GET IT RIGHT MIRENA TASKOVA 1/14/2019 European Entrepreneurship & Innovation – Stanford School of Engineering
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com1 GDPR Why am I here today? What will I learn? Why the European Union GDPR matters to US companies & consumers, and why bother?
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com2 GDPR Why am I here today? What will I learn? What is personal data?
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com 3 GDPR What constitutes personal data? Our company’s annual report Your salary details Your medical information Your name and date of birth NO YES YES YES Your anonymous response to a survey question MAYBE Your photo or image on a CCTV camera YES
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com4 GDPR What rights do data subjects have? This means you too. I want to have errors about me corrected I don’t want to receive your marketing letters and promotions I want to find out what data you have about me and how you’re using it Does the right to be forgotten apply to me? I want to be able to take my data and reuse it on other platforms Please stop using my data until you’ve verified there is a legitimate purpose
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com5 GDPR Company Fines under GDPR WHY WE NEED TO GET IT RIGHT Infringements of rights, basic principles, and rules on international transfers: • €20 million or 4% of the total worldwide turnover of the preceding financial year (whichever is higher) Failure to notify of data breaches: • €10 million or 2% of the total worldwide turnover of the preceding financial year (whichever is higher)
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com6 GDPR Enforcement Actions in Europe | January 2019 Increase in Supervisory Authorities’ activity (local level & cross border)
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com7 GDPR Enforcement | UK ü The Information Commissioner’s Office (ICO) received 1792 breach notifications in June 2018, compared with 367 in April 2018; ü There have been a number of high profile breaches for which fines are possible such as British Airways, the Conservative Party, and Facebook; ü Supermarket chain Tesco has been fined £16.4 million by the Financial Conduct Authority for failing to exercise due skill, care, and diligence in protecting customers against a cyber-attack (not awarded under the GDPR); ü The ICO, for the first time, issued its maximum fine of £500,000 against Equifax for its security breach (not awarded under the GDPR).
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com8 GDPR Enforcement | Germany ü During the months May-July 2018, 111 data breach notifications were filed with the Data Protection Commissioner in Berlin. In the same period in 2017, the authority received only 12 notifications; ü The Bavarian State Authority for data protection announced random controls (audits) of companies beginning September 2018; ü Not aware of any sanctions under the GDPR yet. A sanction procedure takes some time to complete due to the strict procedural rules.
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com9 GDPR Enforcement | France ü More than 600 notifications of data breaches have been received by the French DPA involving about 15 million people - about 7 per day since May 25 2018; ü Since May 25 2018, the French DPA has received 3767 complaints vs. 2294 complaints over the same period in 2017. This represents a 64% increase; ü In regards to joint-actions (similar to US class action suits), two organizations have filed complaints with the French DPA: • “La Quadrature du Net” filed 5 separate complaints over “forced consent” against Google, Amazon, Facebook and Apple; • The association “NOYB” filed a complaint over “forced consent” against Google (Android). ü Not aware of sanctions under the GDPR yet.
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com10 GDPR This is just the beginning … On November 8, 2018 Privacy International filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com11 GDPR This is just the beginning … noyb filed four complaints over “forced consent” against Google, Instagram, WhatsApp and Facebook. The complaints were filed with DPAs in Austria, Belgium, France and Germany right after GDPR came into force.
Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com12 GDPR Questions?
Mirena Taskova, CIPP/E Senior Privacy Advisor M: +1 (650) 250 3615 E: mirena.taskova@fieldfisher.com Follow: @Fieldfisher www.linkedin.com/in/mirenataskova Blog: privacylawblog.fieldfisher.com

Recommended

Ipswitch and cordery on the road " All you need to know about GDPR but are t...
Ipswitch and cordery on the road " All you need to know about GDPR but are t...Ipswitch and cordery on the road " All you need to know about GDPR but are t...
Ipswitch and cordery on the road " All you need to know about GDPR but are t...
Sébastien Roques
 
I have listed 3 informative youtube videos on the eu gdpr
I have listed 3 informative youtube videos on the eu gdprI have listed 3 informative youtube videos on the eu gdpr
I have listed 3 informative youtube videos on the eu gdpr
Steven Meister
 
Everything you need to know about the GDPR
Everything you need to know about the GDPREverything you need to know about the GDPR
Everything you need to know about the GDPR
Spoon London
 
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
Feroot
 
One year of GDPR, what happened and what to expect!
One year of GDPR, what happened and what to expect!One year of GDPR, what happened and what to expect!
One year of GDPR, what happened and what to expect!
Giulio Coraggio
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection Regulation
Ramiro Cid
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to know
Sophos Benelux
 
Matthew Hough Clewes | Cyber Crime and its Impacts
Matthew Hough Clewes | Cyber Crime and its ImpactsMatthew Hough Clewes | Cyber Crime and its Impacts
Matthew Hough Clewes | Cyber Crime and its Impacts
Pro Mrkt
 

Recommended

Ipswitch and cordery on the road " All you need to know about GDPR but are t...
Ipswitch and cordery on the road " All you need to know about GDPR but are t...Ipswitch and cordery on the road " All you need to know about GDPR but are t...
Ipswitch and cordery on the road " All you need to know about GDPR but are t...
Sébastien Roques
 
I have listed 3 informative youtube videos on the eu gdpr
I have listed 3 informative youtube videos on the eu gdprI have listed 3 informative youtube videos on the eu gdpr
I have listed 3 informative youtube videos on the eu gdpr
Steven Meister
 
Everything you need to know about the GDPR
Everything you need to know about the GDPREverything you need to know about the GDPR
Everything you need to know about the GDPR
Spoon London
 
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
EXPERT WEBINAR: GDPR One Year Later — What Can We Learn from Investigations a...
Feroot
 
One year of GDPR, what happened and what to expect!
One year of GDPR, what happened and what to expect!One year of GDPR, what happened and what to expect!
One year of GDPR, what happened and what to expect!
Giulio Coraggio
 
EU General Data Protection Regulation
EU General Data Protection RegulationEU General Data Protection Regulation
EU General Data Protection Regulation
Ramiro Cid
 
The EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to knowThe EU Data Protection Regulation - what you need to know
The EU Data Protection Regulation - what you need to know
Sophos Benelux
 
Matthew Hough Clewes | Cyber Crime and its Impacts
Matthew Hough Clewes | Cyber Crime and its ImpactsMatthew Hough Clewes | Cyber Crime and its Impacts
Matthew Hough Clewes | Cyber Crime and its Impacts
Pro Mrkt
 
ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection Regulation
ESET
 
Datum DPO outsourced May 2016
Datum DPO outsourced May 2016Datum DPO outsourced May 2016
Datum DPO outsourced May 2016
Mark Honeyball
 
20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos
Bart Van Den Brande
 
EU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementEU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor Replacement
GACC_Midwest
 
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
TrustArc
 
I4ADA 2019 - Presentation Jeff Bullwinkel
I4ADA 2019 - Presentation Jeff BullwinkelI4ADA 2019 - Presentation Jeff Bullwinkel
I4ADA 2019 - Presentation Jeff Bullwinkel
Paul van Heel
 
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisnerSson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
marklewis54
 
EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer
IT Governance Ltd
 
GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.
James Seville
 
General Data Protection Regulation: what do you need to do to get prepared? -...
General Data Protection Regulation: what do you need to do to get prepared? -...General Data Protection Regulation: what do you need to do to get prepared? -...
General Data Protection Regulation: what do you need to do to get prepared? -...
IISPEastMids
 
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
Emma Mirrington
 
Facing the Big Data Revolution: A German Perspective
Facing the Big Data Revolution: A German PerspectiveFacing the Big Data Revolution: A German Perspective
Facing the Big Data Revolution: A German Perspective
Adaptant Solutions AG
 
GDPR: More reasons for information security
GDPR: More reasons for information securityGDPR: More reasons for information security
GDPR: More reasons for information security
Jisc
 
GDPR - GoDataFest - October 16 - Juliette van Baalen
GDPR - GoDataFest - October 16 - Juliette van BaalenGDPR - GoDataFest - October 16 - Juliette van Baalen
GDPR - GoDataFest - October 16 - Juliette van Baalen
GoDataDriven
 
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
Nordic APIs
 
Lexing Barcelona Conference
Lexing Barcelona ConferenceLexing Barcelona Conference
Lexing Barcelona Conference
Marc Gallardo
 
Infographic–A Look Back at the First Year of GDPR
Infographic–A Look Back at the First Year of GDPRInfographic–A Look Back at the First Year of GDPR
Infographic–A Look Back at the First Year of GDPR
Synopsys Software Integrity Group
 
http://www.slideshare.net/slideshow/embed_code/28627951
http://www.slideshare.net/slideshow/embed_code/28627951http://www.slideshare.net/slideshow/embed_code/28627951
http://www.slideshare.net/slideshow/embed_code/28627951
N0b10111
 
Jisc GDPR conference
Jisc GDPR conferenceJisc GDPR conference
Jisc GDPR conference
Jisc
 
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
Saira Nayak, JD, CIPP/US/E
 
Legal Implications of a Cyber Attack
Legal Implications of a Cyber AttackLegal Implications of a Cyber Attack
Legal Implications of a Cyber Attack
Brian Miller, Solicitor
 
A Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.CoinA Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.Coin
Franco Coin
 

More Related Content

What's hot

Datum DPO outsourced May 2016
Datum DPO outsourced May 2016Datum DPO outsourced May 2016
Datum DPO outsourced May 2016
Mark Honeyball
 
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisnerSson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
marklewis54
 
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
Emma Mirrington
 
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
Nordic APIs
 

What's hot (15)

ESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection RegulationESET Quick Guide to the EU General Data Protection Regulation
ESET Quick Guide to the EU General Data Protection Regulation
 
Datum DPO outsourced May 2016
Datum DPO outsourced May 2016Datum DPO outsourced May 2016
Datum DPO outsourced May 2016
 
20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos20210526 cybersafety first! Sirius Legal webinar for Comeos
20210526 cybersafety first! Sirius Legal webinar for Comeos
 
EU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor ReplacementEU-US Privacy Shield - Safe Harbor Replacement
EU-US Privacy Shield - Safe Harbor Replacement
 
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTeEU US Privacy Shield vs. GDPR Infographic from TRUSTe
EU US Privacy Shield vs. GDPR Infographic from TRUSTe
 
I4ADA 2019 - Presentation Jeff Bullwinkel
I4ADA 2019 - Presentation Jeff BullwinkelI4ADA 2019 - Presentation Jeff Bullwinkel
I4ADA 2019 - Presentation Jeff Bullwinkel
 
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisnerSson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
Sson amsterdam may 2012 roundtable - mark lewis berwin leighton paisner
 
EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer
 
GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.GDPR How ready are you? The What, Why and How.
GDPR How ready are you? The What, Why and How.
 
General Data Protection Regulation: what do you need to do to get prepared? -...
General Data Protection Regulation: what do you need to do to get prepared? -...General Data Protection Regulation: what do you need to do to get prepared? -...
General Data Protection Regulation: what do you need to do to get prepared? -...
 
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
#FIRMday Manchester Autumn 2017 - The General Data Protection Regulation (GDP...
 
Facing the Big Data Revolution: A German Perspective
Facing the Big Data Revolution: A German PerspectiveFacing the Big Data Revolution: A German Perspective
Facing the Big Data Revolution: A German Perspective
 
GDPR: More reasons for information security
GDPR: More reasons for information securityGDPR: More reasons for information security
GDPR: More reasons for information security
 
GDPR - GoDataFest - October 16 - Juliette van Baalen
GDPR - GoDataFest - October 16 - Juliette van BaalenGDPR - GoDataFest - October 16 - Juliette van Baalen
GDPR - GoDataFest - October 16 - Juliette van Baalen
 
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)New General Data Protection Regulation (Agnes Andersson Hammarstrand)
New General Data Protection Regulation (Agnes Andersson Hammarstrand)
 

Similar to Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019

http://www.slideshare.net/slideshow/embed_code/28627951
http://www.slideshare.net/slideshow/embed_code/28627951http://www.slideshare.net/slideshow/embed_code/28627951
http://www.slideshare.net/slideshow/embed_code/28627951
N0b10111
 
Running Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docx
Running Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docxRunning Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docx
Running Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docx
jeanettehully
 
Data Protection Predictions for 2023.pdf
Data Protection Predictions for 2023.pdfData Protection Predictions for 2023.pdf
Data Protection Predictions for 2023.pdf
DarylBallesteros3
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Dr. Donald Macfarlane
 
EMEA Quarterly Update: GDPR Two Years Later
EMEA Quarterly Update: GDPR Two Years LaterEMEA Quarterly Update: GDPR Two Years Later
EMEA Quarterly Update: GDPR Two Years Later
TrustArc
 

Similar to Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019 (20)

Lexing Barcelona Conference
Lexing Barcelona ConferenceLexing Barcelona Conference
Lexing Barcelona Conference
 
Infographic–A Look Back at the First Year of GDPR
Infographic–A Look Back at the First Year of GDPRInfographic–A Look Back at the First Year of GDPR
Infographic–A Look Back at the First Year of GDPR
 
http://www.slideshare.net/slideshow/embed_code/28627951
http://www.slideshare.net/slideshow/embed_code/28627951http://www.slideshare.net/slideshow/embed_code/28627951
http://www.slideshare.net/slideshow/embed_code/28627951
 
Jisc GDPR conference
Jisc GDPR conferenceJisc GDPR conference
Jisc GDPR conference
 
GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016GDPR - Applift firstscreen june 2016
GDPR - Applift firstscreen june 2016
 
Legal Implications of a Cyber Attack
Legal Implications of a Cyber AttackLegal Implications of a Cyber Attack
Legal Implications of a Cyber Attack
 
A Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.CoinA Pratical Guide to GDPR - F.Coin
A Pratical Guide to GDPR - F.Coin
 
Leila Golchehreh - Adaptive Insights - Intro to New EU GDPR Data Privacy Rule...
Leila Golchehreh - Adaptive Insights - Intro to New EU GDPR Data Privacy Rule...Leila Golchehreh - Adaptive Insights - Intro to New EU GDPR Data Privacy Rule...
Leila Golchehreh - Adaptive Insights - Intro to New EU GDPR Data Privacy Rule...
 
CASE STUDY: New EU legislation: how to avoid data disaster
CASE STUDY: New EU legislation: how to avoid data disasterCASE STUDY: New EU legislation: how to avoid data disaster
CASE STUDY: New EU legislation: how to avoid data disaster
 
Board Priorities for GDPR Implementation
Board Priorities for GDPR ImplementationBoard Priorities for GDPR Implementation
Board Priorities for GDPR Implementation
 
Running Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docx
Running Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docxRunning Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docx
Running Head THE IMPACT OF GDPR ON GLOBAL IT POLICIES1THE IMPA.docx
 
GDPR: A Threat or Opportunity? www.normanbroadbent.
GDPR: A Threat or Opportunity? www.normanbroadbent.GDPR: A Threat or Opportunity? www.normanbroadbent.
GDPR: A Threat or Opportunity? www.normanbroadbent.
 
GDPR training
GDPR training GDPR training
GDPR training
 
Data Protection Predictions for 2023.pdf
Data Protection Predictions for 2023.pdfData Protection Predictions for 2023.pdf
Data Protection Predictions for 2023.pdf
 
For Superweek 2022: discussing risk using IAB's TCF
For Superweek 2022: discussing risk using IAB's TCFFor Superweek 2022: discussing risk using IAB's TCF
For Superweek 2022: discussing risk using IAB's TCF
 
Data protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-finalData protection & security breakfast briefing master slides 28 june-final
Data protection & security breakfast briefing master slides 28 june-final
 
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_finalData Protection & Security Breakfast Briefing - Master Slides_28 June_final
Data Protection & Security Breakfast Briefing - Master Slides_28 June_final
 
EMEA Quarterly Update: GDPR Two Years Later
EMEA Quarterly Update: GDPR Two Years LaterEMEA Quarterly Update: GDPR Two Years Later
EMEA Quarterly Update: GDPR Two Years Later
 
GDPR: What UK SMBs should know
GDPR: What UK SMBs should knowGDPR: What UK SMBs should know
GDPR: What UK SMBs should know
 
Dla piper data breach report 2020
Dla piper data breach report 2020Dla piper data breach report 2020
Dla piper data breach report 2020
 

More from Burton Lee

Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...
Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...
Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...
Burton Lee
 

More from Burton Lee (20)

Santiago Bassett - Wazuh - Growing Cybersecurity Startups in Granada & Silico...
Santiago Bassett - Wazuh - Growing Cybersecurity Startups in Granada & Silico...Santiago Bassett - Wazuh - Growing Cybersecurity Startups in Granada & Silico...
Santiago Bassett - Wazuh - Growing Cybersecurity Startups in Granada & Silico...
 
Julio Casal - 4iQ & AlienVault - Viaje de un Cybersecurity Startup a Silicon ...
Julio Casal - 4iQ & AlienVault - Viaje de un Cybersecurity Startup a Silicon ...Julio Casal - 4iQ & AlienVault - Viaje de un Cybersecurity Startup a Silicon ...
Julio Casal - 4iQ & AlienVault - Viaje de un Cybersecurity Startup a Silicon ...
 
Burton Lee - Session #7 - Madrid + Granada - Cybersecurity Startups - Spanish...
Burton Lee - Session #7 - Madrid + Granada - Cybersecurity Startups - Spanish...Burton Lee - Session #7 - Madrid + Granada - Cybersecurity Startups - Spanish...
Burton Lee - Session #7 - Madrid + Granada - Cybersecurity Startups - Spanish...
 
Peter Fatelnig - EU Delegation to USA - Content Matters & EU Leadership - Sta...
Peter Fatelnig - EU Delegation to USA - Content Matters & EU Leadership - Sta...Peter Fatelnig - EU Delegation to USA - Content Matters & EU Leadership - Sta...
Peter Fatelnig - EU Delegation to USA - Content Matters & EU Leadership - Sta...
 
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
Polina Zvyagina - Airbnb - Privacy & GDPR Compliance - Stanford Engineering -...
 
Dejan Roljic - Eligma - Growing Bitcoin Cities from Slovenia - Stanford Engin...
Dejan Roljic - Eligma - Growing Bitcoin Cities from Slovenia - Stanford Engin...Dejan Roljic - Eligma - Growing Bitcoin Cities from Slovenia - Stanford Engin...
Dejan Roljic - Eligma - Growing Bitcoin Cities from Slovenia - Stanford Engin...
 
Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...
Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...
Burton Lee - Session #6 Intro - Bitcoin Cities | GDPR & Stasi Files - Stanfor...
 
Burton Lee - Session #5 Intro - European Corporate Venture Capital - Stanford...
Burton Lee - Session #5 Intro - European Corporate Venture Capital - Stanford...Burton Lee - Session #5 Intro - European Corporate Venture Capital - Stanford...
Burton Lee - Session #5 Intro - European Corporate Venture Capital - Stanford...
 
Elif Ceylan - ITU ARI Teknokent & Innogate - University Accelerators in Turke...
Elif Ceylan - ITU ARI Teknokent & Innogate - University Accelerators in Turke...Elif Ceylan - ITU ARI Teknokent & Innogate - University Accelerators in Turke...
Elif Ceylan - ITU ARI Teknokent & Innogate - University Accelerators in Turke...
 
Ege Ertem - Zorlu Ventures - Family Enterprises in Turkey - Stanford Engineer...
Ege Ertem - Zorlu Ventures - Family Enterprises in Turkey - Stanford Engineer...Ege Ertem - Zorlu Ventures - Family Enterprises in Turkey - Stanford Engineer...
Ege Ertem - Zorlu Ventures - Family Enterprises in Turkey - Stanford Engineer...
 
Miray Tayfun - Vivoo - Wellness Startups in Turkey & Silicon Valley - Stanfor...
Miray Tayfun - Vivoo - Wellness Startups in Turkey & Silicon Valley - Stanfor...Miray Tayfun - Vivoo - Wellness Startups in Turkey & Silicon Valley - Stanfor...
Miray Tayfun - Vivoo - Wellness Startups in Turkey & Silicon Valley - Stanfor...
 
Burton Lee - Session #4 - Turkey Innovation Ecosystem - Stanford Engineering ...
Burton Lee - Session #4 - Turkey Innovation Ecosystem - Stanford Engineering ...Burton Lee - Session #4 - Turkey Innovation Ecosystem - Stanford Engineering ...
Burton Lee - Session #4 - Turkey Innovation Ecosystem - Stanford Engineering ...
 
Nathalie Delrue-McGuire - Belgium, Flanders & Belcham USA - Stanford Engineer...
Nathalie Delrue-McGuire - Belgium, Flanders & Belcham USA - Stanford Engineer...Nathalie Delrue-McGuire - Belgium, Flanders & Belcham USA - Stanford Engineer...
Nathalie Delrue-McGuire - Belgium, Flanders & Belcham USA - Stanford Engineer...
 
Dirk Wauters - Flanders & Leuven Tech Ecosystem - Stanford Engineering - 28 J...
Dirk Wauters - Flanders & Leuven Tech Ecosystem - Stanford Engineering - 28 J...Dirk Wauters - Flanders & Leuven Tech Ecosystem - Stanford Engineering - 28 J...
Dirk Wauters - Flanders & Leuven Tech Ecosystem - Stanford Engineering - 28 J...
 
Hendrik Isebaert - Showpad & Ghent - Enterprise Software in Flanders - Stanfo...
Hendrik Isebaert - Showpad & Ghent - Enterprise Software in Flanders - Stanfo...Hendrik Isebaert - Showpad & Ghent - Enterprise Software in Flanders - Stanfo...
Hendrik Isebaert - Showpad & Ghent - Enterprise Software in Flanders - Stanfo...
 
Burton Lee - Session #3 - Flanders :: From WW1 to Global Leadership in Enterp...
Burton Lee - Session #3 - Flanders :: From WW1 to Global Leadership in Enterp...Burton Lee - Session #3 - Flanders :: From WW1 to Global Leadership in Enterp...
Burton Lee - Session #3 - Flanders :: From WW1 to Global Leadership in Enterp...
 
Burton Lee - Session #2 - Berlin Mobile Banking Unicorns & GDPR Update - Stan...
Burton Lee - Session #2 - Berlin Mobile Banking Unicorns & GDPR Update - Stan...Burton Lee - Session #2 - Berlin Mobile Banking Unicorns & GDPR Update - Stan...
Burton Lee - Session #2 - Berlin Mobile Banking Unicorns & GDPR Update - Stan...
 
Burton Lee - Course Intro & Session #1 - Czechia & CEE Ecosystem - Stanford M...
Burton Lee - Course Intro & Session #1 - Czechia & CEE Ecosystem - Stanford M...Burton Lee - Course Intro & Session #1 - Czechia & CEE Ecosystem - Stanford M...
Burton Lee - Course Intro & Session #1 - Czechia & CEE Ecosystem - Stanford M...
 
Burton Lee - AI and Remote Diagnostics of Factory Equipment - IHK München 175...
Burton Lee - AI and Remote Diagnostics of Factory Equipment - IHK München 175...Burton Lee - AI and Remote Diagnostics of Factory Equipment - IHK München 175...
Burton Lee - AI and Remote Diagnostics of Factory Equipment - IHK München 175...
 
Burton Lee - Session #8 Intro - Stanford ME421 - Mar 12 2018 - Part 1
Burton Lee - Session #8 Intro - Stanford ME421 - Mar 12 2018 - Part 1Burton Lee - Session #8 Intro - Stanford ME421 - Mar 12 2018 - Part 1
Burton Lee - Session #8 Intro - Stanford ME421 - Mar 12 2018 - Part 1
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Recently uploaded (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Mirena Taskova - EU GDPR Intro & Update - Stanford Engineering - 14 Jan 2019

  • 1. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com GENERAL DATA PROTECTION REGULATION (EU GDPR) WHY SILICON VALLEY NEEDS TO GET IT RIGHT MIRENA TASKOVA 1/14/2019 European Entrepreneurship & Innovation – Stanford School of Engineering
  • 2. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com1 GDPR Why am I here today? What will I learn? Why the European Union GDPR matters to US companies & consumers, and why bother?
  • 3. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com2 GDPR Why am I here today? What will I learn? What is personal data?
  • 4. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com 3 GDPR What constitutes personal data? Our company’s annual report Your salary details Your medical information Your name and date of birth NO YES YES YES Your anonymous response to a survey question MAYBE Your photo or image on a CCTV camera YES
  • 5. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com4 GDPR What rights do data subjects have? This means you too. I want to have errors about me corrected I don’t want to receive your marketing letters and promotions I want to find out what data you have about me and how you’re using it Does the right to be forgotten apply to me? I want to be able to take my data and reuse it on other platforms Please stop using my data until you’ve verified there is a legitimate purpose
  • 6. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com5 GDPR Company Fines under GDPR WHY WE NEED TO GET IT RIGHT Infringements of rights, basic principles, and rules on international transfers: • €20 million or 4% of the total worldwide turnover of the preceding financial year (whichever is higher) Failure to notify of data breaches: • €10 million or 2% of the total worldwide turnover of the preceding financial year (whichever is higher)
  • 7. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com6 GDPR Enforcement Actions in Europe | January 2019 Increase in Supervisory Authorities’ activity (local level & cross border)
  • 8. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com7 GDPR Enforcement | UK ü The Information Commissioner’s Office (ICO) received 1792 breach notifications in June 2018, compared with 367 in April 2018; ü There have been a number of high profile breaches for which fines are possible such as British Airways, the Conservative Party, and Facebook; ü Supermarket chain Tesco has been fined £16.4 million by the Financial Conduct Authority for failing to exercise due skill, care, and diligence in protecting customers against a cyber-attack (not awarded under the GDPR); ü The ICO, for the first time, issued its maximum fine of £500,000 against Equifax for its security breach (not awarded under the GDPR).
  • 9. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com8 GDPR Enforcement | Germany ü During the months May-July 2018, 111 data breach notifications were filed with the Data Protection Commissioner in Berlin. In the same period in 2017, the authority received only 12 notifications; ü The Bavarian State Authority for data protection announced random controls (audits) of companies beginning September 2018; ü Not aware of any sanctions under the GDPR yet. A sanction procedure takes some time to complete due to the strict procedural rules.
  • 10. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com9 GDPR Enforcement | France ü More than 600 notifications of data breaches have been received by the French DPA involving about 15 million people - about 7 per day since May 25 2018; ü Since May 25 2018, the French DPA has received 3767 complaints vs. 2294 complaints over the same period in 2017. This represents a 64% increase; ü In regards to joint-actions (similar to US class action suits), two organizations have filed complaints with the French DPA: • “La Quadrature du Net” filed 5 separate complaints over “forced consent” against Google, Amazon, Facebook and Apple; • The association “NOYB” filed a complaint over “forced consent” against Google (Android). ü Not aware of sanctions under the GDPR yet.
  • 11. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com10 GDPR This is just the beginning … On November 8, 2018 Privacy International filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
  • 12. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com11 GDPR This is just the beginning … noyb filed four complaints over “forced consent” against Google, Instagram, WhatsApp and Facebook. The complaints were filed with DPAs in Austria, Belgium, France and Germany right after GDPR came into force.
  • 13. Belgium | China | France | Germany | Italy | Netherlands | UK | US (Silicon Valley) | fieldfisher.com12 GDPR Questions?
  • 14.
  • 15. Mirena Taskova, CIPP/E Senior Privacy Advisor M: +1 (650) 250 3615 E: mirena.taskova@fieldfisher.com Follow: @Fieldfisher www.linkedin.com/in/mirenataskova Blog: privacylawblog.fieldfisher.com