Category Archives: Uncategorized

It is easy to assume that because individual rights existed under the Directive, you don’t have to do anything extra to implement the GDPR.  If you are assuming this, you are mistaken.  Furthermore, as discussed in an earlier blog, the timing requirements and the reasons for not complying with an individual request are different and […]

The right not to be subject to a decision based solely on automated processing, including profiling, gives the individual the ability not to be subject to such a decision which produces legal effects concerning him or her or similarly significantly affects him or her.  This right does not apply if the decision: Is necessary for […]

The right to object gives the individual the ability to object to the processing of personal data: Where the legal basis to process is legitimate interest or performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, including profiling based on these provisions.  In […]

The right to data portability gives the individual the ability to: receive his or her personal data, which the individual provided to the controller, in a structure, commonly used and machine-readable format transmit that personal data to another controller without hindrance where: the processing is based on consent or on a contract, and the processing […]

The right to restrict processing gives the individual the ability to have processing of personal data restricted where one of the following applies: The accuracy of the personal data is contested by the individual, but the restriction only applies until the accuracy of the personal data is verified The processing is unlawful, but instead of […]

Yesterday Zoom announced it will offer end-to-end encryption to all users.  Encryption has been an ongoing issue for Zoom because, as I mentioned in earlier blog, Zoom video and computer audio meetings aren’t end-to-end encrypted as advertised and, as I mentioned in a subsequent blog, Zoom planned to roll out end-to-end encryption only for video […]

The right to erasure, also known as the “right to be forgotten,” gives the individual the ability to have personal data erased when one of the following grounds applies: The personal data are no longer necessary for the purposes for which they were collected and processed The legal ground for the processing is consent and […]

In an earlier blog, I wrote that the UK and Irish regulators are being more lenient about the amount of time it may take for organizations to respond to individual rights requests.  On May 4, 2020, the Hungarian government issued a governmental decree suspending the rights of individuals under Articles 15 through 22 of the […]

The right to rectification gives the individual the ability to have inaccurate personal data concerning him or her corrected.  Personal data is inaccurate if it is incorrect or misleading as to any matter of fact.  This right also gives the individual the ability to have incomplete personal data completed, including by providing a supplementary statement. […]

In an earlier blog, I wrote that Zoom video and computer audio meetings aren’t end-to-end encrypted.  With end-to-end encryption, Zoom meetings can’t be accessed by Zoom employees, and therefore, Zoom meetings are transport encrypted. Late last week, Reuters Technology News reported that Zoom plans to roll out end-to end encryption of video calls hosted by […]