Harry Cassin Publisher and Editor

Andy Spalding Senior Editor

Jessica Tillipman Senior Editor

Richard L. Cassin Editor at Large

Elizabeth K. Spahn Editor Emeritus 

Cody Worthington Contributing Editor

Julie DiMauro Contributing Editor

Thomas Fox Contributing Editor

Marc Alain Bohn Contributing Editor

Bill Waite Contributing Editor

Shruti J. Shah Contributing Editor

Russell A. Stamets Contributing Editor

Richard Bistrong Contributing Editor 

Eric Carlson Contributing Editor

Bill Steinman Contributing Editor

Aarti Maharaj Contributing Editor

FCPA Blog Daily News

Entries in GDPR (13)


GDPR: What are the grounds for processing personal data during an investigation?

The EU's General Data Protection Regulation 2016/679 or GDPR sets out the conditions under which employees’ personal data can be processed. In order to process personal data lawfully, at least one ground under GDPR must apply.

Click to read more ...


Yes, GDPR has already changed the whistleblowing landscape

Last year just before the “big date” of May 25, I wrote a post trying to analyze GDPR provisions through the lens of the whistleblowing process. At that time there were many questions ranging from how the rules will apply to whistleblowing on a national level to how to balance individuals’ privacy rights against companies’ need to pursue investigations.

Click to read more ...


GDPR Enforcement Report (May 2019)

It has been almost a year since the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 came into effect on May 25, 2018, and we are starting to see the first emerging patterns of GDPR enforcement.

Click to read more ...


Conflicts between GDPR and corporate anti-bribery compliance: OECD Working Group invites comments

In response to the OECD Working Group on Bribery’s (WGB) call for comments from stakeholders as part of its upcoming review of the 2009 OECD Anti-Bribery Recommendation, TRACE has submitted its overview of the significant challenges the new EU data protection legislation poses to corporate anti-bribery compliance programs. 

Click to read more ...


Illya Antonenko: Should U.S. companies even care about GDPR?

We’re based in the United States, so how does the GDPR concern us?

Click to read more ...


Illya Antonenko on GDPR: But without criminal background checks, it's not due diligence

According to a recent informal polling by Deloitte, 11.7 percent of responders are taking a “wait and see” approach to compliance with the GDPR as a whole, not just Article 10. It is a valid position to assume compliance risks as long as the risks are well understood.

Click to read more ...


Illya Antonenko: Three months after GDPR, is due diligence still possible?

It has been over three months since the EU General Data Protection Regulation (GDPR) went into effect. The sky hasn’t fallen, and we are still here. We at TRACE now wear a t-shirt saying “I survived the GDPR” and see the humor in GDPR jokes and online memes.

Click to read more ...


Vera Cherepanova: Will blockchain survive its GDPR paradox?

In the prior post, I explored how blockchain stores personal information on an immutable ledger and cannot be modified or erased to meet GDPR requirements. In this post, I'll discuss strategies available to blockchain operators to help manage risks posed by GDPR.

Click to read more ...


Vera Cherepanova: Can GDPR and blockchain ever coexist?

The General Data Protection Regulation (GDPR) came into effect in May. With the risk of hefty fines, it's no surprise that GDPR compliance tops the agenda for many organizations. But one area of technology faces even greater challenges under GDPR: blockchain.

Click to read more ...


Illya Antonenko: Does Sapin II allow due diligence under the GDPR?

On May 24, I wrote a post for the FCPA Blog about TRACE's concerns that Article 10 of the new EU General Data Protection Regulation (GDPR) presents an obstacle to anti-bribery due diligence of third parties, and how we have advocated for an EU-wide, or at least a national-level, solution.

Click to read more ...


Illya Antonenko: Some good news today about the GDPR and anti-bribery due diligence

We at TRACE have written extensively about our concern that Article 10 of the new EU General Data Protection Regulation (GDPR) presents an obstacle to anti-bribery due diligence of third parties, which is a necessary component of any corporate compliance program under the FCPA and other transnational anti-corruption laws (here, here, here, and here).

Click to read more ...


Lindsay Columbo: How do we reconcile UBO due diligence and GDPR obligations?

In less than two weeks the new General Data Protection Regulations (GDPR) will be in full force. Most companies subject to the GDPR have prioritized efforts to implement necessary internal safeguard measures, procedures and required contractual provisions.

Click to read more ...