Audits strengthen business operations, yet many organizations are fearful of the process, rather than seeing the benefits of audits. In this webinar, you get better insights in the auditing process and how you can use audits to strenghten and mature your overall risk programme.
GDPR Two-Year Anniversary: The Right to be forgotten is not absolute – Webinar 9 June 2020
9 June 2020 – Cyber Security Coalition
In their third webinar, the Cyber Security Coalition Privacy Focus Group and Beltug focused on the apparently easy but actually complex ‘right to be forgotten’. In his extremely clear presentation, Peter Van Dyck, Partner at Allen and Overy (Belgium) LLP clarified the basics of this right, illustrated with three cases against Google and five rulings of the Belgian DPA.
Referring to art 17 of the GDPR, Peter Van Dyck pointed out that data subjects have a right, not so much to be completely ‘forgotten’, but for specific personal data to be erased or search results to be dereferenced. And this right is not absolute. A data subject’s request must comply with at least one of the conditions listed in art 17, and companies/organizations can invoke grounds to refuse the request (but DO document why!). He illustrated how three cases against Google at the European Court of Justice have ‘created’ and influenced the ‘right to be forgotten’, including the extent of ‘being forgotten’ and its territorial applicability (Europe yes, worldwide possibly).
Based on five rulings, Peter Van Dyck provided also insight in the interpretation of this right by the Belgian DPA. Its approach at this time is rather more lenient and cooperative, as quite often companies are not fined if they prove to remedy the infringement of this right within e.g. a month. Importantly, he stressed the need for companies/organizations to get their ‘right to be forgotten’-processes right and effective!
For a clear and concise insight in the ‘right to be forgotten’-challenge, do replay this session!
Other blog posts
This webinar focuses on the context of information security through governance, more particularly on the key role of the CISO and the value of COBIT as a digital governance framework for information security activities supported by the presentation of a best practice.
This webinar presents the building blocks of an effective organization-wide risk management and explains the requirements for IT risk management certification.
In this Cyber Talk you gain insights in advanced threats outside your organisation and what you could potentially do to protect you from them.
In this first webinar of the GRC: Be Connected! series, some very basic aspects of cyber security are treated: how to manage necessary skills, what about frameworks, where to find knowledge.