(by Army General (2S) Watin-Augouard, Founder of the FIC) The deadline of 25 May has passed. The General Data Protection Regulation is henceforth applicable in the 28 Member States of the European Union but it also applies to external players who want to comply with protective provisions. On 21 June, the Parliamentary Agora@ of the FIC (International Cybersecurity…

In a study published last December upon the request of CEIS and Microsoft, we highlighted the implications that the so called “Microsoft Ireland Warrant Case”, opposing the U.S. government to Microsoft before the US Supreme Court, could have for personal data protection of European citizens and national digital sovereignty. The Supreme Court’s decision was expected…

  The GDPR includes the notion of “medical data” in its definition of personal data concerning health. How do your organisational processes respond to the imperatives of formalism and governance?  Health data is already required to meet many protection and management obligations in a broad sense. It falls into the realm of sensitive personal data….

The EU Commission has recently put forward a proposal for cyber-security certifications, celebrating itself for working towards an EU-wide seal of approval for information society services and products, and boosting the EU digital market as well as consumer trust. But while cyber-certifications are a popular political idea, they will almost certainly work poorly, even counterproductively,…

With European Cyber Security Month (ECSM) well under way, a couple of days before the ‘Les Assises’ cybersecurity event starts in Monaco, the Alliance for Digital Trust (ACN) and Hexatrust are sounding the alarm on the content of the European Cybersecurity Act. This act was deposited rather abruptly and very hurriedly on the desk of the European…