article thumbnail

How Organisations Are Failing to Process Personal Data Lawfully Under the GDPR

IT Governance

Andy took the first principle as an example, saying: You’d think organisations can get something as basic as ‘lawfulness, fairness and transparency’ right, but no! There are often problems with the lawfulnessof personal data processing, largely due to over-reliance on consent. Can you give us a real-life example?

article thumbnail

Data privacy examples

IBM Big Data Hub

A navigation app anonymizes activity data before analyzing it for travel trends. These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

What Is Data Minimisation? Definition & Examples

IT Governance

Data minimisation requires organisations to process personal data only if it serves a specific purpose, and to retain it for only as long as it’s needed to meet that purpose. This is because the answer will depend on the specific circumstances for processing and using the personal data.

GDPR 132
article thumbnail

India Passes Digital Personal Data Protection Act

Hunton Privacy

reports that in early August 2023, the Indian Parliament passed the Digital Personal Data Protection Act (the “Act”), bringing to a close a 5-year process to enact an omnibus data privacy law in India. Grounds for Collection and Processing Consent continues to be the primary legal ground for the processing of personal data.

article thumbnail

SINGAPORE: Proposed Guidelines on Use of Personal Data in AI Systems

DLA Piper Privacy Matters

On 18 July 2023, Singapore’s Personal Data Protection Commission (“ PDPC ”) issued for public consultation a set of proposed guidelines for the use of personal data in AI recommendation and decision systems (“ Proposed Guidelines ”). The public consultation is open until 31 August 2023.

article thumbnail

When are schools required to report personal data breaches?

IT Governance

Under the GDPR (General Data Protection Regulation) , all personal data breaches must be recorded by the organisation and there should be a clear and defined process for doing so. In this blog, we take a look at the scenarios in which data protection breaches in schools must be reported. When must breaches be reported?

article thumbnail

$10,000,000 civil penalty for disclosing personal data without consent

Data Protection Report

The claims related to the company’s sharing personal data without consumer consent and making it very difficult for consumers to cancel their subscriptions to this telehealth service. The complaint alleged that the company’s data handling practices also resulted in unauthorized disclosures of personal information.