cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
leroux
Community Champion

Year 1 of GDPR: Over 200,000 cases reported, firms fined €56 Millions

The first overview on the implementation of the GDPR and the roles and means
of the national supervisory authorities has been published by the European Data Protection Board (EDPB)

Since 25 May 2018, 642 procedures have been initiated to identify the Lead Supervisory Authority (SA) and the Concerned SAs in cross-border cases. Out of the 642 procedures, 306 are closed and the Lead
SA identified.
Up to now, no dispute arose on the selection of the Lead SA.

 

The total number of cases reported by SAs from 31 EEA countries is 206.326. Three different
types of the cases can be distinguished, namely cases based on complaints, cases based on data breach notifications and other types of cases. The majority of the cases are related to complaints, notably 94.622 while 64.684 were initiated on the basis of data breach notification by the controller. 52 % of these cases have already been closed and 1 % of these cases challenged before national court.

 

SAs from 11 EEA countries have already imposed administrative fines according to Article 58.2 (i) GDPR. The total amount of the imposed fine is 55.955.871 EUR.

 

Nine months after the entry into application of the GDPR, the members of the EDPB are of
the opinion that the GDPR works quite well in practice making use of the new way of
cooperation including numerous daily exchanges. The One-Stop-Shop cases that have already
led to an outcome tested some of the core principles of the GDPR and were resolved
smoothly. So far, not a single cross-border case has been escalated to the EDPB level.
Despite the increase in the number of cases in the last months, the SAs reported that the
workload is manageable for the moment, in large part thanks to a thorough preparation
during the past two years by SAs, the Article 29 Working Party and by the Board.

3 Replies
Chuxing
Community Champion

I wish leadership on this side of pond can have an urgency on data protection. Where I am at, data privacy is not even a topic.

 

I have been refreshing and catching up my understanding on GDPR, as I am developing a course material on the subject.

 

Data have been so critical in modern day society and economy, the urgent needs for protection have yet to be fully recognized. Almost every other day we hear some major breaches on large amount of personal data, and yet people are still willingly dumping their private information on the Internet, through various open social media.

 

 


____________________________________
Chuxing Chen, Ph.D., CISSP, PMP
leroux
Community Champion

If you are preparing a GDPR course look at this event which has been recorded. It may help you.

I may provide you with the slides...

 

UK 2017: GDPR: Charting Experience on the March to May 2018

Yves Le Roux, (ISC)2 EMEA Advisory Council Co-Chair & Privacy Workgroup Lead

David Higgins, (ISC)2 EMEA Advisory Council GDPR 

 
Dec 13 2017 | 116 mins
 

The GDPR workshop will provide insights from the EAC’s GDPR project, lessons learnt from member experience and take-aways for attendees to use in their organisations. Being held under the Chatham House Rule, it will give an opportunity for members to discuss confidentially their implementation strategies, projects, activities and share tools, techniques and hints and tips from their experience.

Format:
Three-hour interactive workshop which will include discussions, the implementation of strategies, projects, activities and share tools, techniques and hints and tips from their experience. 

Take-aways:
1.Gain insights and learn of the progress from the EAC’s GDPR project 
2.Understand common concerns, consider unforeseen obstacles and the best practices that are emerging for dealing with them. 
3.Receive guidance and access to a repository of materials to assist delegates with GDPR compliance 
4.Forum to share experience in confidence, tools, techniques and hints and tips from lessons learnt to date

rslade
Influencer II

> Chuxing (Community Champion) posted a new reply in GDPR on 03-14-2019 11:44 AM

> I wish leadership on this side of pond can have an urgency on data
> protection.

Hey, Canada is on "this" side of the pond. And *we* have privacy laws ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Politics is the art of looking for trouble, finding it
everywhere, diagnosing it wrongly and applying unsuitable
remedies - English publisher Ernest Benn
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468