GDPR's Impact on U.S. Investigations in EU Member States

Verified

Added on 2023/04/07

AI Summary

This assignment delves into the General Data Protection Regulation (GDPR), specifically examining the roles and responsibilities of data controllers and data processors. The solution clarifies the distinctions between these two entities, highlighting their obligations concerning data handling, consent, and compliance with data protection standards. The assignment also addresses the GDPR's data retention laws and their implications for U.S. investigations conducted within EU member states. It outlines the rules governing data processing and the penalties for non-compliance, as stipulated under GDPR Article 5, including potential fines for privacy infringements. The analysis emphasizes the importance of adhering to GDPR guidelines to ensure the legality of data processing activities, especially in the context of international investigations.

Running head: GLOBAL NETWORK/FORENSIC INVESTIGATIONS 1
Global Network/Forensic Investigations
Student’s Name
Institutional Affiliation

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

GLOBAL NETWORK/FORENSIC INVESTIGATIONS 2
1. Explain the GDPR's Data Controller versus Data Processor and the
responsibilities or accountabilities for each and the overall Supervisory
Authority.
According to the General Data Protection Regulation (GDPR) data controller is a
legal individual, agency, civic authority or any other organization which unaccompanied
or conjointly with others determine the resolutions and means of the handling private data
while processor is a legitimate person, agency, public power or any other organization
that is tasked with the responsibility of processing private data on behalf of the controller.
Both the controller and process have an obligation to share data protection (Mantelero,
2013). The controller is the main party tasked with the responsibility of collecting data
like collecting persons consent, allowing the right to access, and data storage. The
controller has the capacity to illustrate compliance with the standards that relates to the
processing of private data. On the other hand, the processor upon request has to obliterate
or take back all private information to the controller once the contract comes to an end.
The processor can only transfer personal information to a third nation on receiving legal
authorization.
2. What are the rules under the new GDPR 2018 Data Retention Law that affect
U.S. investigations in EU member states, and what are the penalties for
noncompliance as stated under GDPR Article 5?
The rules under the new GDPR 2018 Data Retention Law that affects the U.S.
investigations in EU member states include:
A processor or controller which maintains an establishment in the EU is subject to the GDPR
when it processes personal data within the EU context (Voigt, & Von dem Bussche, 2017).

GLOBAL NETWORK/FORENSIC INVESTIGATIONS 3
A processor or controller that is not established in the EU is subject to the GDPR if it happens
that the processing undertakings are connected to the delivery of products and services to
information subjects within the EU.
The processor or controller not established in the EU is liable to the GDPR when it processes
personal data that is subject to the EU.
The penalties for non-compliance as stated under article 5 of the GDPR include fine of up to
10 million euros for privacy infringement (Tikkinen-Piri, Rohunen, & Markkula, 2018).
References
Mantelero, A. (2013). The EU Proposal for a General Data Protection Regulation and the
roots of the ‘right to be forgotten.' Computer Law & Security Review, 29(3), 229-235.

GLOBAL NETWORK/FORENSIC INVESTIGATIONS 4
Tikkinen-Piri, C., Rohunen, A., & Markkula, J. (2018). EU General Data Protection
Regulation: Changes and implications for personal data collecting
companies. Computer Law & Security Review, 34(1), 134-153.
Voigt, P., & Von dem Bussche, A. (2017). The EU General Data Protection Regulation
(GDPR). A Practical Guide, 1st Ed., Cham: Springer International Publishing.