Egal ob »Deal or no deal«, in beiden Fällen wird Großbritannien zum Drittland im Sinne der DSGVO

Das zwingt Unternehmen dazu, ihre grenzüberschreitende Verarbeitung personenbezogener Daten genau zu prüfen. ...Mehr lesen

To be or not to be (a processor). That is the question.

In the case of a service provider that is not contracted by a controller to process personal data on its behalf but may gain custody of the controller’s personal data incidentally to the core services provided, should a contract with the controller-processor clauses ...Mehr lesen

Cyber-Attacke auf das Olympische Dorf Paris 2020

West Point (New York) Militärakademie-Team gewann Cybersecurity Challenge auf der diesjährigen FIC 2019 Konferenz. ...Mehr lesen

Behörden verhängen erste Bußgelder wegen Verstößen gegen DSGVO

Bundesweit ergingen bisher in 41 Fällen Bußgeldbescheide wegen DSGVO-Verstößen. Vor allem kleine Unternehmen sind auf die neuen Regeln offenbar nicht vorbereitet. ...Mehr lesen

Is a violation of a GDPR rule at the same time a violation of competition law?

According to the Oberlandesgericht Hamburg (Higher Regional Court Hamburg) violations of data protection rules can also mean a violation of German competition law and can therefore be actionable by competitors in accordance with the German Unfair Competition Act (Gesetz ...Mehr lesen

Europa ist noch immer nicht bereit für die Cloud

Ist Europa adäquat auf die Cloud-Revolution vorbereitet? ...Mehr lesen

Wettbewerbsvorteile für Europäische Unternehmen durch Cloud

Was sind die entscheidenden Vorteile von Cloud Computing für europäische Unternehmen? ...Mehr lesen

The Dutch Data Protection Authority (Dutch DPA) clarifies the concept “large scale” for the Data Protection Officer (DPO)

Government agencies and public organisations have the obligation to appoint a DPA, regardless the type of data they process. ...Mehr lesen

Joint Controllership Sub-group News

During 2018, the Not-for-Profit International Network CPC set up some study groups with the aim to analyze and compare the Member States laws and Data Protection Authorities’ interpretations on some specific legal arrangements provided by the EU Regulation 679/2016, ...Mehr lesen

Compete for the best cloud solution worldwide – the EuroCloud Awards 2019 start now

The EuroCloud Awards recognize the best digital services from Europe and around the world based on their underlying cloud computing technology. ...Mehr lesen

Supreme Court Finds the Publisher and the State Liable for Personal Data Breach

In August 2018, the Supreme Court of the Republic of Slovenia upheld the judgements of the lower courts finding the publisher and the state (Republic of Slovenia) jointly liable for the publication in a secondary school textbook of a set of data which allowed for the ...Mehr lesen

New cybersecurity law imposes security and reporting obligations to Operators of Essential Services and Digital Service Providers

The Greek Parliament recently enacted Law 4577/2018, the purpose of which is to transpose Directive (EU) 2016/1148 on security of network and information systems (the NIS Directive) into Greek law. ...Mehr lesen

Uber fined £385,000 in the UK and €600,000 in the Netherlands

Uber US and Uber Netherlands were considered to be joint controllers which made them both separately liable for claims of customers of Uber. Uber was fined after a 'serious breach' allowing hackers to download worldwide 54 million customer data. ...Mehr lesen

EDM erhält 4-Sterne-Zertifikat

Der Cloud-Dienst des Österreichischen Bundesministeriums für Nachhaltigkeit und Tourismus erhält neuerlich das StarAudit-Zertifikat. Auditoren bestätigen ein außerordentlich hohes Niveau in Bezug auf Datenschutzmanagementprozesse und Informationssicherheit. ...Mehr lesen

Slovenia’s ICO defines DPO’s additional tasks that could result in a conflict of interests

Paragraph 6, Article 38 of the General Data Protection Regulation (GDPR) allows the Data Protection Officer (DPO) to fulfil other tasks and duties (beside serving as the DPO) for the controller or processor, provided however, that fulfilling such additional assignments ...Mehr lesen

The Spanish DPA (AEPD) issues guidelines regarding the management and notification of security breaches according to GDPR

The Agencia Española de Protección de Datos ( AEPD) presented guidelines regarding the management and notification of security breaches in compliance with GDPR. ...Mehr lesen

Turkey: Data Protection Matters in M&A Transactions

Privacy issues in mergers and acquisitions take the attention of transaction parties among other things in these days. ...Mehr lesen

Cybersecurity und Cloud Computing: So erreicht Europa den ultimativen Wettbewerbsvorteil am digitalen Weltmarkt

Die DSM Cloud Stakeholder Konferenz, mit Informationen aus erster Hand über „The EU Cyber Security Package and GDPR Code of Conduct for Cloud Procurement in Europe” ...Mehr lesen

With Legislative Decree 101/2018, Italy harmonized the national privacy legislation to the GDPR

With Legislative Decree n. 101/2018 the Italian legislator has finally taken the last necessary step in order to coordinate the local privacy law to the GDPR. This intervention, in particular, entailed the repealing of the rules considered incompatible with the European ...Mehr lesen

Doping control in sport – how about personal data?

As the legal representatives of the Slovak Anti-doping Agency (hereinafter referred to as “SADA”), we have taken part in several proceedings known as anti-doping rule violations (hereinafter referred to as “ADRV”). ADRV is considered as conduct of an athlete which ...Mehr lesen

List of personal data processing activities that must be subject to a Data Protection Impact Assessment (“DPIA”)

The CNPD (Portuguese Data Protection National Commission), as the Portuguese supervisory authority, has approved Regulation nr. 1/2018 (“Regulation”), pursuant to Articles 35, no. 4 and 57, no. 1, k) of the General Data Protection Regulation (“GDPR”), that provides a ...Mehr lesen

In-vehicle emergency call systems (e-call) in Turkey

In-vehicle emergency call (eCall) systems, which have been in use for a long time, are defined as systems within vehicles being activated either automatically or manually, that establish connection with the 112 emergency call centers in cases of an emergency. ...Mehr lesen

The Datacenter of Orion Telekom, Recertified as StarAudit Approved DC level 3

Orion Telekom, a Serbian telecommunication provider has been audited and recertified in October 2018. ...Mehr lesen

StarAudit-Training in Tokio

Auf Vermittlung des Chapters in Taiwan fand zum ersten Mal ein EuroCloud StarAudit-Training in Japan statt. In Kooperation mit JIPDEC wurde ein dreitägiges StarAudit-Training abgehalten, an dem 25 Auditoren und Datenschutzexperten teilnahmen. JIPDEC führt seit 1998 ...Mehr lesen

Tante Emma im digitalen Zeitalter - geht das?

Kleine Tante-Emma-Läden, die ihre Kunden ganz persönlich beraten, gibt es heute kaum noch. Ist es möglich, dieses Einkaufserlebnis in das Web zu übertragen? Eurocloud Swiss hat diese Frage am Donnerstag an einem Event im Fifa-Museum in Zürich gestellt. ...Mehr lesen

Privacy Shield: Brace Yourself, Changes are Coming

Since the application of the GDPR, the days of the EU-U.S. Privacy Shield may be numbered and parties to an IT contract must be on the alert. ...Mehr lesen

Controller-Processor relationship in public sector (Bulgaria)

With the entry into force of Regulation (EU) 2016/679 (the “General Data Protection Regulation”) on 25th May 2018, the matter of harmonization with the current EU legal framework appeared on the agenda in Bulgaria. The need for EU legal framework harmonization was ...Mehr lesen

Mandatory e-mail encryption from January 1st 2019 in Denmark

The new practice of the Danish Data Protection Agency requires all work related e-mails containing personal data is to be encoded according to the GDPR. ...Mehr lesen

The days after the GDPR – The Cyprus Law on the Protection of Natural Persons against the Processing of Personal Data and the Free Movement of this Data

This year, on the 25th of May 2018, the highly anticipated and monumental EU General Data Protection Regulation (henceforth “the GDPR”) was fully enforced and applied in all Member States of the EU, replacing the previous Data Protection Directive 95/46/EC. ...Mehr lesen

Erstes Austrian Cloud Gütesiegel an Wiener Unternehmen verliehen

Edentity Software Solution GmbH hat als erstes Unternehmen den Prozess zum Austrian Cloud Gütesiegel abgeschlossen. ...Mehr lesen

New StarAudit Catalogue Add-On: Cryptography CC

EuroCloud Europe launches the new Cryptography CC StarAudit Catalogue, focused on Technical Data Privacy and Cryptographic Assessments. ...Mehr lesen

EC English Language Centres, in a new Trust in Cloud (TIC) story

The Malta Communications Authority (MCA), which falls under the Parliamentary Secretariat for Financial Services, Digital Economy and Innovation within the Office of the Prime Minister, and is responsible for overseeing the eCommerce sector in Malta and for the Malta ...Mehr lesen

StarAudit Program: Qualifying and Certifying in Several Levels

StarAudit of EuroCloud Europe wants to build trust between cloud providers and users with its certification program. Since its foundation, Andreas Weiss has been Director of EuroCloud Deutschland_eco e. V. and played a major role in the development of the StarAudit. In ...Mehr lesen

The Estonian data protection authority issued guidance on the definition of “large scale” processing

The Estonian data protection authority (Data Protection Inspectorate, DPI) issued guidance on the definition of “large scale” processing, relevant as regards the appointment of data protection officers (DPOs) and carrying out data protection impact assessments (DPIAs). ...Mehr lesen

Cloud-Studium: Aus der Masterarbeit in die Praxis

Norbert Fesel hat sich im Rahmen seines Masterstudiums Cloud Computing Engineering an der FH Burgenland mit wichtigen Fragestellung rund um Cloud-Service-Zertifizierungen beschäftigt und Vorschläge zur Erweiterung erarbeitet. ...Mehr lesen

The impact on digital transformation on society

Portugal, 26 July: Excellent socio economic discussion about the impact on digital transformation on society right after a presentation about the StarAudit program of EuroCloud Europe. Audience on this INSTICC conference in the beautiful city of Porto coming from many ...Mehr lesen

Europaweit erste Cloud-Zertifizierung für E-Government-Plattform des BMNT

Das „Elektronische Datenmanagement – Umwelt“ (EDM) des Bundesministeriums für Nachhaltigkeit und Tourismus unterstützt Unternehmen wie Behörden in der Umsetzung umweltrelevanter Vorgaben. Nach dem Elektronischen Akt gilt diese digitale Plattform als bedeutsamer Schritt ...Mehr lesen

Digital Ear – die Cloud hört mit

Mit IoT werden oft Werkshallen und Roboter verbunden – wie der Use-Case des „Digital Ears“ zeigt, kann sich das Ganze auch unter freiem Himmel abspielen. ...Mehr lesen

Cloud ist teuer, aber auch billig

Allzu oft hört man in jüngster Zeit, dass die Cloud sich nicht rechnet und man seine Applikationen wohl besser doch on-premise günstiger betreibt, bereits migrierte Workloads werden wieder aus der Cloud zurück geholt. Von anderer Seite hört man Gegenteiliges die Cloud ...Mehr lesen

“White list” – (Austrian) Exceptions to the Privacy Impact Assessment

The General Data Protection Regulation (GDPR) stipulates that (data) controllers must carry out what is known as a "data protection impact assessment" (DPIA) before data processing is likely to entail a high risk for the rights and freedoms of natural persons. ...Mehr lesen

A European Sovereign Cloud: the Silver Lining to the U.S. CLOUD Act

The adoption of the U.S. Cloud Act weakens the integrity and security model of leading public cloud providers. ...Mehr lesen

Nachlese Intensiv-Seminar: definieren Sie die Angebotskriterien für Cloud Services richtig

Am 26. Juni hat EuroCloud Austria das Intensiv-Seminar AUSSCHREIBUNGSKRITERIEN FÜR CLOUD SERVICES RICHTIG DEFINIEREN in den Räumlichkeiten der Wirtschaftsagentur Wien durchgeführt. Grundlage für dieses Seminar ist der von der European Union Agency for Network and ...Mehr lesen

The Spanish Data Protection Authority (AEPD) issues a check-list on regulatory compliance

The Spanish DPA issued a check-list regarding regulatory compliance to facilitate the implementation of GDPR. ...Mehr lesen

Employee monitoring under the Romanian law implementing GDPR

On 27 June 2018, the Romanian Parliament finally approved the Romanian law intending to cover the open clauses under the General Data Protection Regulation ("GDPR"). The new law ("GDPR Implementing Law") is not yet in force; at the date of this article (4 July 2018) it ...Mehr lesen

GDPR in a Post-Brexit Era: Some New Challenges?

The General Data Protection Regulation (GDPR) came into full operation on 25 May 2018 and was described by the Information Commissioner's Office (ICO) as the "new normal". However, the "new normal" expires on Brexit day when the UK moves to a separate data protection ...Mehr lesen

1st meeting of the Advisory Board for the International Cybersecurity Forum

Brussels 25 June: Général d'armée (2S) Watin-Augouard and Chairwoman Elly van den Heuvel, Secretary of the Cybersecurity Council Netherlands open the meeting. 1st meeting of the Advisory Board for the International Cybersecurity Forum co-organised by the French ...Mehr lesen

Fabasoft Cloud Reconfirmed as World’s Most Secure Cloud Service

The renowned cloud certification service EuroCloud Europe has once again decided to award Fabasoft Cloud the highest possible certification level as the only cloud service worldwide. Distinctions like this one confirm the excellent security standards for data in the ...Mehr lesen

Fabasoft Cloud als weltweit sicherstes Cloud-Service wiederbestätigt

Die renommierte Cloud Zertifizierung der EuroCloud Europa hat entschieden, der Fabasoft Cloud erneut als weltweit einziges Cloud-Service die höchstmögliche Zertifizierung zuzusprechen. Auszeichnungen wie diese bestätigen das hohe Sicherheitsniveau rund um Daten in der ...Mehr lesen

The Impact of the GDPR in Monaco until the Revision of the Monegasque Data Protection Legislation

The Monegasque Data Protection Authority has published on its website on May 2, 2018 a list of the key questions on the GDPR recurrently asked by the Monegasque companies, and has clarified its impact in Monaco. ...Mehr lesen

Verwässerung von Datenschutz: Österreich droht EU-Verfahren

Der Verfassungsdienst im Justizministerium sieht "begründete" Bedenken der zuständigen EU-Kommissarin. ...Mehr lesen