France’s new Digital Republic Act [1] significantly strengthens protections that control how French businesses use and retain personally identifying data. The law expands the scope and authority of the 1978 French Data Protection Act and brings the country to the foreground of modernizing the legal framework of the information economy ahead of the 2018 implementation of the General Data Protection Regulation (GDPR)
Simply removing direct and indirect personal identifiers isn’t enough to achieve de-identification of a dataset. Data controllers must also analyze the context in which the data is presented, as well as the risk of re-identification. Not only that, but technical methods for performing de-identification are not prescribed by law, but rather are often left to the discretion of the data controller. So how do you limit risk of re-identification and respond quickly with appropriate technical methods of de-identification?
Countries are continuing to escalate restrictions on storage location and transfers of data, with China being the most recent to follow suit
And there's a third problem that I will address below
8403 Colesville Rd #1100Silver Spring, MD 20910USA
Phone: (301) 587-8202Toll free: (800) 477-2446Fax: (301) 587-2711Email: hello@aiim.org
JoinBenefitsLearn More
About UsTerms of Use