Data Protection and Privacy Issues of the Internet of Things
Published in Stavros Shiaeles, Nicholas Kolokotronis, Internet of Things, Threats, Landscape, and Countermeasures, 2021
Not all entities are obliged to appoint a Data Protection Officer (DPO). However, appointment of a DPO is compulsory for public authorities and bodies as well as private entities over a particular workforce size and involved in specific data processing activities. The appointment of a DPO can help demonstrate compliance, in line with the principle of accountability. A DPO must be independent, with proven expertise in data protection and must be provided with adequate resources. Their role is to assist the data controller to monitor compliance, to inform and advise about data protection obligations as well as to assist with the conduct of a data protection impact assessment. The DPO is also the point of contact for data subjects and the supervisory authorities.
Security, Privacy, Ethical, and Legal Considerations
Published in Preston de Guise, Data Protection, 2020
GDPR includes mandatory breach notification with tangible fines associated with violations of user privacy. (The upper maximum currently for a GDPR violation is €20,000,000, or 4% of the previous year’s annual worldwide turnover—whichever of the two is the larger.) Government authorities and companies whose business focus is the collection and processing of personal data are also required to employ a data protection officer (DPO) who manages compliance with the GDPR.
Responsible innovation at work: gamification, public engagement, and privacy by design
Published in Journal of Responsible Innovation, 2022
Daniele Ruggiu, Vincent Blok, Christopher Coenen, Christos Kalloniatis, Angeliki Kitsiou, Aikaterini-Georgia Mavroeidi, Simone Milani, Andrea Sitzia
In the EU, GDPR enforcement has made the protection of personal data compulsory for all organisations during systems design and implementation (Sousa et al. 2018). New data rights have been established for EU citizens, supporting their autonomy and self-determination. Additionally, each organisation is obliged to establish a Data Protection Officer (DPO), an expert in data protection rules and practices who is responsible for ensuring that organisational processes comply with the legislation (art. 37 GDPR).