In April of this year, after many years of debate and drafting, the EU adopted its new General Data Protection Regulation (which I will call “the regulation” for the rest of this post). The regulation is an attempt to resolve a problem which is manifested itself for a very long time now – privacy regulation in Europe is done on a national basis, by highly independent national data privacy authorities, which means that any business in Europe that is implicated by privacy laws is dealing with 28 sets of laws. The national data privacy authorities have gone off in a great many different directions, resulting in very light regulation of data privacy issues in some places – e.g. the United Kingdom – and extraordinarily prescriptive and detailed regulation in other places such as France. The resulting hodgepodge has been a compliance nightmare for organizations for many years now, and the stated goal of the regulation is to harmonize this mass of law and make it easy for organizations to comply. The question is, does it actually do this?
Washington remains the only state that does not accord the same legal effect to electronic signatures as it does to their wet-ink versions for intrastate transactions involving government agencies. Read more
Conflicts, What Conflicts?
One of the more obscure provisions of the Dodd Frank Act that’s coming up on a lot of organizations is the conflict minerals certification provision found at section 1502.
Subscribe to our eNewsletter
Call Us Toll Free
4340 S. Pennsylvania St.
Englewood, CO 80113
- The Dilemma of Democracy and Information – Double Edged Swords from out of Pandora’s BoxJuly 7, 2016 - 9:20 pm
- Brexit and its effect on Information GovernanceJuly 7, 2016 - 9:18 pm
- The EU’s General Data Protection Regulation – a Sea Change, or Old Wine in a New Bottle?July 7, 2016 - 9:14 pm
- The Hillary Clinton Email Scandal: Two Information Governance Views (#1)June 9, 2016 - 12:40 pm
- The Hillary Clinton Email Scandal: Two Information Governance Views (#2)June 9, 2016 - 12:39 pm