Data Protection by Design and by Default

Data protection by design and by default are principles defined in Article 25 of the General Data Protection Regulation (GDPR).

Data protection by design requires the controller to take technical and organisational measures to implement the data protection principles effectively and to integrate adequate safeguards to protect the rights and freedoms of data subjects. 

Data protection by default requires that, by default, appropriate technical and organisational measures be implemented to ensure that only personal data that are necessary for each purpose of the processing are processed. 

The Privacy Principles

Under the EU General Data Protection Regulation (GDPR), all data processing activities must comply with six privacy principles, which are the cornerstone of the European privacy regulation and most international privacy laws.

The privacy principles are set out in Article 5 GDPR and are as follows:

Lawfulness, fairness and transparency
Purpose limitation
Data minimisation
Accuracy
Storage limitation
Security
Accountability