Home >> Communities >>Policy Advocacy >> GDPR





Re: CRS Compliance and GDPR

I came across an excellent Ernst & Young article on how GDPR, FATCA, and CRS align by Amanda Murphy. Since pasting its extracts would amount to copyright violation, I am pasting the link here.  GDPR, FATCA and CRS | Financial Services Thought Gallery 

Privacy By Design : Indian Landscape

India as it contemplates and pushes for its own data protection regime there is a huge opportunity to re-design and design the products and services which will if not eliminate reduce the data privacy risks. And when the world look at you as the pioneers of IT industry some of the key challenges are competitive advantages for India. “Privacy by Design” and “Privacy by Default” have been frequently-discussed topics related to data protection. The first thoughts of “Privacy by Design” were expressed in the 1970s and were incorporated in the 1990s into the RL 95/46/EC data protection directive. According to recital 46 in this Directive, technical and organisational measures (TOM) must be taken already at the time of planning a processing system to protect data safety. Privacy by Design is a c...

Personal Data Protection Bill 2018

Highly impressed with the Personal Data Protection Bill. In my opinion on par with the EU GDPR and in few ways better actually. Kudos to the BJP government!! And Companies need to gear up now!

Microsoft, Facebook, Google and Twitter Introduce the Data Transfer Project: An Open Source Initiative for Consumer Data Portability

As we progress further into the era of the intelligent cloud and all its potential applications, Microsoft recognizes that people will only use technologies they trust – and that they can control. This is at the heart of Microsoft’s recent commitments to extend rights that are at the heart of GDPR to all of our consumer customers worldwide, and drives the design of our privacy dashboard to give users the tools they need to take control of their data. Today, we are announcing the Data Transfer Project, a joint open-source project initiated together withFacebook, Google, and Twitter whose work is aimed at helping users securely and seamlessly move their data between service providers. This open source project will create new capabilities for direct data portability between participating serv...

Re: GDRP query

under GDPR, European organizations are required to ensure that any third party they work with outside EU are GDPR compliant. So, any Indian business entity that caters to any European organization, in the process they need to deal with any European customer data will have to follow GDPR regulations. 


Vietnam approves new cybersecurity law Vietnam’s Parliament has approved a new cybersecurity law that requires social media companies to remove offensive content from their online service within 24 hours at the request of the Ministry of Information and Communications and the Ministry of Public Security’s cybersecurity task force. The new law also has the effect that technology companies doing business in the country will be required to operate a local office and store information about Vietnam-based users within the country. Companies could face substantial penalties for failure to disclose information upon governmental request. The law will take effect on 1st January 2019.       ICO fines Yahoo! UK £250,000 The UK regulator has fined Yahoo! UK Services Limited £250,000 in rel...

GDPR – Main crux points for Indian Side

Can I know from a knowledgable expert on #GDPR as to what are the three main crux points. EU companies (one of my prospective customers) are told that they should not share any EU data outside of EU, what exactly is the same and apart from being complaint what measures need to be taken. Secondly does ISO 27001 help here. ?


Under Article 37 of the General Data Protection Regulation (GDPR), all public authorities and bodies will be required to designate a Data Protection Officer (DPO). Private sector organisations that on a large scale as part of their core activities regularly and systematically monitor data subjects or process sensitive personal data will also have to appoint a DPO. A DEFINITION OF DATA PROTECTION OFFICER A data protection officer (DPO) is an enterprise security leadership role required by the General Data Protection Regulation (GDPR). Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements. WHAT COMPANIES NEEDS DATA PROTECTION OFFICERS? Put forth by the European Parliament, the European Council, and the ...

  • 1
  • 2
  • 5