Have you heard of the Commission Proposal that will soon be the EU General DATA Protection Regulation? Are you curious what it's all about? If you are not, you should be...
The IAITAM 2015 Fall ACE will kick off with information HOT OFF THE PRESS from the leading authority on this proposed Regulation in Europe that will affect how the World transacts business- Ann LaFrance with Squire Patton Boggs.
Ann will show you highlights on the overall draft Regulation as it stands now as well as which parts are most important to your ITAM program. She will provide tremendous insight as to what is coming down the line so you can prepare for it now.
This is one seminar you cannot afford to miss!
Ann LaFrance is a partner with the London office of Squire Patton Boggs. She is responsible for coordinating the Firm’s Communications Law practice in the EMEA region and chairs the Global Data Privacy and Cybersecurity group.
Ann has over two decades of experience advising private and public sector clients on regulatory, policy, competition and commercial law matters involving the ICT sector in Europe and the Middle East, Latin America and the Caribbean, the United States and emerging markets around the globe. Ms LaFrance began her career in private practice in Washington, DC, and from 1996-2004, she served as Chief International Counsel in Brussels and the London for MCI/WorldCom (since acquired by Verizon Business). Her practice covers a broad range of technology and media issues including data protection, cybersecurity and e-privacy.
MORE ON THE DRAFT EU GENERAL DATA PROTECTION REGULATION
The Regulation applies to controllers and processors with no physical presence in the EU.
Non-EU entities that process EU personal data are also required to appoint a representative in one EU Member State.
The Regulation prohibits transfers of personal data outside of the EEA unless that country ensures adequate protection.
If a non-EU government/court requests a company (e.g. a search engine, cloud provider) to disclose EU personal data, the data controller or processor must:
- obtain prior authorization for the disclosure/transfer from the local data protection authority (DPA); and
- inform the relevant data subject(s).
The current draft of the Regulation requires data controllers to have policies and measures in place to ensure (and be able to demonstrate) that the processing of personal data that they undertake is compliant with the Regulation.
Erasure must be carried out by the controller and third parties “without delay” unless retention is necessary to exercise the right of freedom of expression, for public interest health reasons, to comply with legal obligations, etc.
The current draft provides for sanctions of up to 2% of annual worldwide turnover or EUR 1,000,000, under debate Sanctions: the Council and Commission argue that fines of up to 2% of annual worldwide turnover or EUR 1 million (whichever is greater) should be imposed on companies found to be in breach of the Regulation, while the Parliament advocates fines of up to 5% of annual worldwide turnover or EUR 100 million (whichever is greater).
EVENT FEES (USD)
Non-Member: Regular: $1,195 | Late: $1,434
Individual Member: Regular: $995 | Late: $1,194
Corporate Member / Provider Member: Regular: $795 | Late: $954