After four years of legal battles running through all US instances, Microsoft‘s email-in-Ireland case is now moot – but the topic is by no means off the table yet.
CIOs would do well to pursue a risk management led approach when selecting, commissioning and supervising their IT service providers.
The EU-U.S. Privacy Shield Framework was adopted last month, July 2016. This new regulation was designed and accepted by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection. The Privacy Shield’s requirements impacts personal data being transferred from the European Union to the United States. US Companies that do global business may be interested in being in compliance, if they receive personal data from European Union citizens.
In May 2018, the new and standardized General Data Protection Regulation (GDPR) will take effect, and companies need to start preparing for it. We will explain what is changing.
Using WhatsApp as a company poses problems when it comes to the German Data Protection Act, because contacts from the user’s cell phone are transferred to WhatApp’s servers. Corporate users of the service could be held liable (accompanied by significant monetary penalties!), because they are aware of this. Attorneys therefore unanimously recommend not using WhatsApp for professional purposes.