Data Retention Archives

In Data Privacy

Adventures in Texting and Messaging: Information Governance as a Compliance Solution for Business Communications

January 7, 2021 by Lisa Douglas and Fuchsia Norwich 4 Mins Read

The use of contemporary business communication and collaboration tools including chat and instant messaging applications has resulted in a potential recordkeeping compliance gap where there is a legal requirement to retain business records. While in the past many organizations carved out these newer and less conventional forms of electronic business communications from their formal records retention practices, this approach has become increasingly less viable. Regulators have been responding with additional requirements and guidance for instant…

In Data Privacy

German Data Retention Obligations Suspended

July 3, 2017 by Caroline Heinickel 2 Mins Read

On 28 June 2017, the German telecommunications regulator (Bundesnetzagentur, “BNetzA”) decided to suspend enforcement of the provisions of the German Telecommunications Act which required providers of publicly available telephone services for end users and providers of publicly available internet access services for end users to retain certain metadata (e.g. number of the calling and called party, date and time of the connection etc.) from 1 July 2017 onwards. This follows an order of 22 June 2017,…

In Information Governance

Reasonable Retention Of Personal Information: The Compliance Advantage Of Risk-Based Polices And Procedures For Information Governance

May 31, 2017 by Theo Ling 3 Mins Read

A recent privacy breach case in Canada offers practical guidance for organizations anywhere to avoid the over-retention of personal data.A May 2017 Order from the Office of the Information and Privacy Commissioner of Alberta provides new insight into the requirement under section 35 of the Personal Information Protection Act to retain personal information only as long as reasonably required. To manage risk, organizations retaining personal information should be prepared to clearly articulate the purpose of…

In Data Privacy

Regulators working together

September 12, 2016 by Anne-Marie Allgrove 4 Mins Read

In July and August 2015, a Canadian dating website operator, Avid Life Media (ALM), was subject to a data breach. The Australian Privacy Commissioner and the Privacy Commissioner of Canada investigated the incident together and released a joint report regarding their findings. The affected websites included the Ashley Madison dating website which had users in over 50 countries. Among other disclosures, the unauthorised access resulted in the online posting of details from approximately 36 million…

In Data Privacy

End-of-Year Review

December 30, 2015 by Dyann Heward-Mills 4 Mins Read

With the year drawing to a close, it seems an opportune time to take stock of some of the key globally relevant data protection developments in 2015 and extract a few trends which are set to continue in 2016.1. Safe Harbor – Cross-border Data Transfers Top The Regulator Priority ListThe Schrems decision of the European Court of Justice invalidating the European Commission’s 2000 Safe Harbor adequacy decision must be the 2015 event that shook up…