Between 2020 and 2024, the data protection supervisory authorities in Cyprus had the highest change in budget among the European Union countries, as their authority's budget grew by 130 percent during the measured period. The second-highest increase in budget was recorded at the Austria's data protection authority.

Between August 2023 and August 2024, the Federal Trade Commission (FTC) of the United States took law enforcement actions against 20 companies for data privacy and security violations. The latest updated case was with Verkada. The charges were filed by the FTC for failing to secure Videos, Other Personal Data and Violated CAN-SPAM Act.

SAR Database contains details of staff & ex-staff Data Protection Act (DPA) SARs received by BIS (including predecessor departments BERR and DTI, and relevant Executive Agencies), and DECC.

This dataset is about book subjects and is filtered where the books is A guide to the Data Protection Act : implementing the Act, featuring 10 columns including authors, average publication date, book publishers, book subject, and books. The preview is ordered by number of books (descending).

DP (Data Protection Act) / SAR (Subject Access Request) - % In time - (YTD).

The Freedom of Information Act 2000 (FOI) was intended to promote a culture of openness and accountability by giving people the right to access information held by public authorities; to improve public understanding of duties, why decisions are made and how public money is spent.

A Subject Access Request (SAR) is a written request that entitles individuals to find out what personal data is held about them by an organisation, why the organisation is holding it and who their information is disclosed to by that organisation.

Attitudes of companies towards data protection issues. Measures of data protection. Topics: assessment of the level of protection of the national Data Protection Law for citizens as sufficient; familiarity with the provisions of the national Data Protection Law; attitude towards selected statements on the requirements of the data protection law: necessary, too strict, only necessary for certain sectors of activity; attitude towards the following statements: sufficient harmonization of the member states’ data protection laws to consider that personal data can be moved freely within the EU, data protection law in the own country is applied more strictly than in other member states; suitability of existing legislation on data protection with regard to the increasing exchange of personal data; use of Privacy Enhancing Technologies in the company; transfer of personal data via the internet; measures taken to enhance security of data transfer; transfer of personal data to countries outside the European Economic Area; type of transferred data; used means of transferring personal data; awareness of the term ´standard contractual clauses´ with regard to personal data transfer to countries outside the European Economic Area; regular contact of the company with national data protection authority; reasons for contact: notifications, asking for guidances, complaints against company, inspections, other reasons; maintenance and update of privacy policy notices by the company; monitoring of the examination of policy notes by the public; approximate number of requests for access to personal data received in 2006; complaints from people whose personal data are being currently processed; preferred actions to improve the implementation of the legal framework on data protection; attitude towards selected measures to fight international terrorism: monitor telephone calls, monitor internet use, monitor credit card use, monitor flight passenger data. Demography: position of respondent at the company; information about the company (limited to activities in the own country): number of employees, independent or part of national or international group; company sector. Additionally coded was: respondent ID; language of the interview; date of interview; time of the beginning of the interview; duration of the interview; country; weighting factor. Beurteilung des Datenschutzes in Unternehmen durch Datenschutzbeauftragte in Betrieben. Themen: Einschätzung der Qualität des nationalen Datenschutzes; Selbsteinschätzung der Kenntnis der Datenschutzbestimmungen im eigenen Land; Einstellung zum Datenschutzgesetz (Skala: Wahrung der Grundrechte durch Datenschutzgesetze, Striktheit und Notwendigkeit des Datenschutzgesetzes, Harmonisierung der Datenschutzgesetze innerhalb Europas, Einschätzung der Auslegung des Datenschutzgesetzes im eigenen Land im Vergleich zu anderen EU-Mitgliedsstaaten); Einschätzung der Angemessenheit bestehender Gesetze zum Datenschutz angesichts des steigenden Datentransfers persönlicher Informationen über das Internet; Nutzung von Technologien (privacy enhancing technologies) zum Schutz von Datenbanken im Unternehmen; Maßnahmen zur Erhöhung der Sicherheit des Datentransfers; Transfer persönlicher Daten über das Internet durch das Unternehmen in Staaten außerhalb der EU und Art dieser Daten (Personaldaten, Kundendaten, Informationsverkauf); genutztes Medium zum personenbezogenen Datentransfer; Kenntnis des Ausdrucks ´Standardvertragsklauseln´ in Bezug auf die Übermittlung personenbezogener Daten; Kontakt des Unternehmens mit der nationalen Datenschutzbehörde und Gründe für diesen Kontakt; Veröffentlichung regelmäßiger Mitteilungen zur Datenschutzpolitik des Unternehmens; Überwachung der Öffentlichkeitsrezeption dieser Mitteilungen; geschätzte Zahl der Anfragen an das Unternehmen auf Zugang zur Datenbasis im Jahr 2006; eingegangene Datenschutzbeschwerden im Unternehmen; wichtigste Verbesserungsvorschläge für das Datenschutzgesetz: mehr Klarheit über die Umsetzungspraxis der Datenschutzbestimmungen, besseres Gleichgewicht zwischen dem Recht auf Datenschutz und der Informationsfreiheit, internationale Angleichung der nationalen Datenschutzregelungen, stärker abgestimmte Sicherheitsvorkehrungen sowie spezielle Datenschutzregelungen für jeden Sektor; Einstellung zu einer Reduzierung des Datenschutzes mit dem Argument der Terrorismusbekämpfung (Überwachung von Telefongesprächen, Internetnutzung, Kreditkartennutzung und Flugpassagierdaten, Split: Präsentation der Ablehnungskategorie bzw. der Zustimmungskategorie an erster bzw. an letzter Stelle der Antwortvorlagen). Demographie: Position des Befragten im Unternehmen; Angaben zum Unternehmen (beschränkt auf Unternehmensaktivitäten im eigenen Land): Anzahl der Mitarbeiter, unabhängig oder Teil eines nationalen oder internationalen Konzerns; Branche. Zusätzlich verkodet wurde: Befragten-ID; Interviewsprache; Interviewdatum; Interviewdauer (Interviewbeginn und Interviewende); Gewichtungsfaktor.

This dataset is an abridged version of the Information Management and Security Team Subject Access Requests Log. The log is used to record, track and report on the Subject Access Requests made to the FSA. A subject access request is the name given to a request made by an individual for personal data an organisation holds about them under the Data Protection Act.

This dataset is about book subjects and is filtered where the books is Regulating online behavioural advertising through data protection law, featuring 10 columns including authors, average publication date, book publishers, book subject, and books. The preview is ordered by number of books (descending).

DP (Data Protection Act) / SAR (Subject Access Request) - In time - (YTD)

Section 4.2 of the Department of Justice Act requires the Minister of Justice to prepare a Charter Statement for every government bill to help inform public and Parliamentary debate on government bills. One of the Minister of Justice’s most important responsibilities is to examine legislation for inconsistency with the Canadian Charter of Rights and Freedoms [“the Charter”]. By tabling a Charter Statement, the Minister is sharing some of the key considerations that informed the review of a bill for inconsistency with the Charter. A Statement identifies Charter rights and freedoms that may potentially be engaged by a bill and provides a brief explanation of the nature of any engagement, in light of the measures being proposed. A Charter Statement also identifies potential justifications for any limits a bill may impose on Charter rights and freedoms. Section 1 of the Charter provides that rights and freedoms may be subject to reasonable limits if those limits are prescribed by law and demonstrably justified in a free and democratic society. This means that Parliament may enact laws that limit Charter rights and freedoms. The Charter will be violated only where a limit is not demonstrably justifiable in a free and democratic society. A Charter Statement is intended to provide legal information to the public and Parliament on a bill’s potential effects on rights and freedoms that are neither trivial nor too speculative. It is not intended to be a comprehensive overview of all conceivable Charter considerations. Additional considerations relevant to the constitutionality of a bill may also arise in the course of Parliamentary study and amendment of a bill. A Statement is not a legal opinion on the constitutionality of a bill.

DP (Data Protection Act) / SAR (Subject Access Request) - % Out of time - (YTD)

DP (Data Protection Act) / SAR (Subject Access Request) - Total Received - (YTD)

Data Privacy Management Software Tools Market size was valued at USD 1.05 Billion in 2024 and is projected to reach USD 2.82 Billion by 2031, growing at a CAGR of 13.80% from 2024 to 2031.

Global Data Privacy Management Software Tools Market Drivers

Tighter Privacy Laws: The adoption of strong data privacy management tools has become necessary as a result of the introduction and enforcement of stricter data privacy laws, such as the California Consumer Privacy Act (CCPA) in the United States, the General Data Protection Regulation (GDPR) in Europe, and other similar regulations globally. Organisations are compelled to invest in complete data privacy solutions by these requirements, which levy steep fines for noncompliance.

Global Regulatory Expansion: New and updated privacy regulations are being introduced by nations all over the world. Multinational corporations must implement scalable privacy management solutions that can handle compliance across several jurisdictions in light of the worldwide trend towards tougher data privacy rules.

DP (Data Protection Act) / SAR (Subject Access Request) - Out of time

This data is a statewide compilation of California's Marine Life Protection Act (MLPA) Study Regions. As part of a comprehensive effort to sustain marine habitats and fisheries, the Marine Life Protection Act (MLPA) of 1999 directed the State to redesign California’s system of marine protected areas (MPAs) to function as a network. To facilitate planning, the MLPA Initiative, a public-private partnership, was formed and the state was divided into five planning regions (four coastal and the San Francisco Bay), each with its own MPA planning process. All four coastal regions have now completed their individual planning processes, leading to the statewide implementation of California's MPA network along the coast. Options for a planning process in the fifth and final region, the San Francisco Bay, have been developed for consideration at a future date. Twenty MPAs and six special closures were implemented in the north coast region, from the California/Oregon border to Alder Creek (near Point Arena), on December 19, 2012. Twenty-five MPAs and six special closures were implemented in the north central coast region, from Alder Creek (near Point Arena) to Pigeon Point, on May 1, 2010. Twenty-nine MPAs were implemented in the central coast region, from Pigeon Point to Point Conception, on September 21, 2007. Fifty MPAs and two special closures were implemented in the south coast region, from Point Conception to the California-Mexico border, on January 1, 2012. The shoreline provided in this feature is a general approximation of the mean high tide line at the time of implementation. However, it is important to note that it is not based on any elevation (tidal) data and was hand drawn based on best available aerial imagery at the time. Due to the dynamic nature of coastal environments, these boundaries may not accurately reflect the current condition or exact demarcations of the coastline. The offshore boundary is based on the National Oceanic and Atmospheric Administration (NOAA) three nautical mile maritime limit published on charts at that time.

This dataset is about book subjects and is filtered where the books includes A user's guide to data protection : law and policy, featuring 10 columns including authors, average publication date, book publishers, book subject, and books. The preview is ordered by number of books (descending).

This dataset is about books and is filtered where the book is Cyber security, privacy and data protection in EU law : a law, policy and technology analysis, featuring 7 columns including author, BNB id, book, book publisher, and ISBN. The preview is ordered by publication date (descending).

The General Data Protection Regulation (GDPR) is the new European data protection law whose compliance affects organisations in several aspects related to the use of consent and personal data. With emerging research and innovation in data management solutions claiming assistance with various provisions of the GDPR, the task of comparing the degree and scope of such solutions is a challenge without a way to consolidate them. With GDPR as a linked data resource, it is possible to link together information and approaches addressing specific articles and thereby compare them. Organisations can take advantage of this by linking queries and results directly to the relevant text, thereby making it possible to record and measure their solutions for compliance towards specific obligations. GDPR text extensions (GDPRtEXT) uses the European Legislation Identifier (ELI) ontology published by the European Publications Office for exposing the GDPR as linked data. The dataset is published using DCAT and includes an online webpage with HTML id attributes for each article and its subpoints. A SKOS vocabulary is provided that links concepts with the relevant text in GDPR.

How Software Industry Specifies Requirements Compliant with Data Protection Laws: a survey-based study

Information received in response to notices published in the Canada Gazette under sections 46 and 71 of the Canadian Environmental Protection Act 1999 (CEPA). These notices target certain substances under the Chemicals Management Plan. Supplemental Information To increase transparency and to facilitate access to information on substances in commerce in Canada, these documents provide the non-confidential information collected by the Government of Canada under the respective notices. Important information about these summaries: Some information gathered under these initiatives was considered Confidential Business Information (CBI) by the submitters. While these summaries and the Excel compilations were prepared using the full dataset (including CBI), CBI and protected information were masked in both documents prior to publication. Masking refers to the process whereby the information is used in such a manner so that CBI and protected information are not revealed. This can be done by, for example, aggregating data or by providing quantity ranges. For instances when masking could not adequately provide protection, data was removed. Protected information, such as names of submitters, names of their customers and suppliers, or any information that could identify a submitter, was also removed. The section 46 and 71 notices targeted information to address data needs identified for the substances. As such, the information gathered and reported here does not represent the entire range of commercial activities in Canada with the substances. The specific reporting requirements, exclusions and definitions can be found in each applicable notice. It should be noted that these documents do not include an assessment of the potential risks these substances may represent for the environment or the health of Canadians.