Is Business Contact Data considered as Personal Data under GDPR?

One of the questions that is bugging Companies engaged in some kind of marketing to corporate executives is whether a “Work E-Mail”or “Work Phone number” , which is the “Business Contact Information” (BCI) qualifies itself as “Personal Information” (PI) under GDPR. If BCI is PI then companies need to scrap any such information they might …

Read More Is Business Contact Data considered as Personal Data under GDPR?

Data Porting under GDPR is good in theory but challenging in practice

Data Portability is one of the contentious issues of the GDPR from the compliance angle. We had discussed the “Theory of Dynamic Personal Data” in one of our previous articles. That concept would be relevant to address the issue of Data Portability as envisaged in GDPR. Article 20 of GDPR states as follows: Article 20: …

Read More Data Porting under GDPR is good in theory but challenging in practice

Definition of “Undertaking” under GDPR needs to be Debated

GDPR is liked by some as a good law to protect privacy of individuals and is often looked upon as an “Emerging Standard”.  Many companies are working towards calling themselves “GDPR Compliant” since it makes a good marketing sense though GDPR does not apply to them. Even the Whitepaper on Data Protection Law which the …

Read More Definition of “Undertaking” under GDPR needs to be Debated

Ownership of CCTV footage

Dr Pratap Reddy, Executive Chairman of Apollo Hosiptal has stated that  Apollo Hospital had turned off CCTV cameras placed in the ICU when the late Tamil Nadu Chief Minister J.Jayalalitha was undergoing treatment. (Refer report here). In the light of a strong suspicion that Ms Jayalalitha could have been murdered by a political conspiracy, the …

Read More Ownership of CCTV footage

GDPR and Aadhaar

Currently GDPR and Aadhaar are both hot subjects for discussion amongst professionals whether they are Privacy activists, Information Security professionals or Lawyers. GDPR is at one end of the spectrum often looked upon by Privacy activists as the ultimate in Privacy Protection legislation. Aadhaar on the other hand is at the other end of the …

Read More GDPR and Aadhaar

Disclosure of GDPR Risk impact on Indian Companies is part of Corporate Governance

As the D-day  for GDPR (25th May 2018) approaches, many of the Indian companies are busy with their preparation for implementing GDPR in their processing activities. At the same time, there is also a question in the minds of most of the Indian companies about how the GDPR provisions would be made applicable to them by …

Read More Disclosure of GDPR Risk impact on Indian Companies is part of Corporate Governance