Compared to the US, European data and privacy protection rules seem Draconian. The European rules apply to any enterprise doing business in the EU. The new rules are far more stringent than the last set. This book is a quick guide to the directives for companies, particularly US, that have to comply with them. Where US organizations and businesses who collect or receive EU personal data fail to comply with the rule, the bottom line can suffer from very significant official fines and penalties, as well as from users, customers or representative bodies to pursuing litigation. This guide is essential for all US enterprises who directly or indirectly deal with EU personal data.
Considering EU Data Protection Rules Is Necessary.
US-EU Similarities, Differences and Bridges.
The Definitions of EU Data Protection.
Instruments of Data Protection.
Data Protection Principles.
Processing Pre-Conditions: Prior Information.
Legitimate Processing Conditions.
Rights of Individual Data Subjects.
Enforcement and Penalties for Non-Compliance.
Security of Personal Data.
Outsourcing to Third-Party Data Processors.
The New EU Data Protection Regime Introduced.
Background and Context. Rules and Issues.
Reaction to New General Data Protection Regulation.
The New Regime in Details.
Increased Penalties and Fines.
Remedies, Liability, and Sanctions.
Rectification and Erasure.
Codes of Conduct and Certification.
Data Protection Supervisory Authorities.
New Data Protection Officer.
Security and Data Breach.
Data Protection Impact Assessment.
Privacy by Design, Data Protection by Design, Data Protection as Default.
Cross Border Transfers of Data.
Right to Be Informed of Third Country Safeguards.
New Processing Rules: Obligations.
Employee Inward-Facing Processing.
Inward-Facing Employee Data Protection Rights.
Inward-Facing Employee Considerations.
Outward Facing Issues.
Outward Facing Rights.
ePrivacy and Electronic Communications