August

According to research conducted by TrustArc, most companies are not ready for the General Data Protection Regulation.
 
In a survey, "Privacy and the EU GDPR," TrustArc polled 204 privacy professionals and found that 61 percent have not begun the process of GDPR implementation, while 23 percent said they have begun implementation, 11 percent stated their implementation is "well underway," and just four percent claimed to be fully compliant with GDPR.
 
Of the 61 percent who have not started implementation, 39 percent are working on their preliminary plan, 18 percent have a plan in place, but have not started implementation, and four percent haven't started working on a plan at all.

The Centre for Information Policy Leadership at Hunton & Williams LLP issued a white paper on Recommendations for Implementing Transparency, Consent and Legitimate Interest under GDPR.
 
The White Paper sets forth guidance and recommendations on the key concepts of transparency, consent and legitimate interest under GDPR. One of the main objectives of GDPR is the empowerment of individuals and transparency is a prerequisite to meet this objective. However, it notes a growing gap between legal transparency through traditional and lengthy privacy policies and notices and user-centric transparency.
 
CIPL recommends that transparency under the GDPR be user-centric: informing users through meaningful information in concise and intelligible formats.

A new document examines laws from across the globe and matches them up against the EU General Data Protection Regulation, to help determine how much duplication of operational effort can be avoided as the move toward GDPR takes place.
 
It examines the principles of the APEC Privacy Framework with the principles expressed by the GDPR. And, it notes that the privacy enforcement authorities of a country that takes part in the system should have the ability to take enforcement actions under applicable domestic laws and regulations that have the effect of protecting personal information consistent with the CBPR program requirements.