Transparency and Risk

I submitted comments to the Working Party 29 in response to their recently published Guidelines on Transparency under Regulation 2016/679 (aka GDPR). One of the points I highlighted was their promotion of Recital 39 which stipulates “Natural persons should be made aware of risks, rules, safeguards and rights in relation to the processing of personal […]

Article 12 – Transparent Information

As companies scurry to bring their personal data governance into compliance with the EU General Data Protection Regulation, they would do well to revisit their public facing privacy statements, in light of Articles 12, 13, and 14.  While Articles 13 and 14 hold the substantive requirements of an organization’s privacy statement, Article 12 has important […]