[Owasp-france] Fwd: Talking Legal

Ludovic Petit ludovic.petit at owasp.org
Wed Apr 4 10:32:40 UTC 2012

Bonjour à tous

Je vous invite à prendre connaissance du document suivant
http://register.consilium.europa.eu/pdf/fr/12/st05/st05853.fr12.pdf ,
de Décret de la Commission Européenne.

Le § 3.4 décrit le contenu des différents Articles, l'Article 79 en page
102 est relatif aux Sanctions Administratives.

Comme je le mentionne ci-dessous, les Etats membres de l'Union Européenne
ont 18 mois pour ratifer en droit local une décision de justice /
règlementaire Européenne;

En revanche, dans le cas d'un Décret - et bien que le décret mentionné ne
soit qu'une proposition (le contenu en est toutefois finalisé...), une fois
le Décret officiellement adopté par la Commission Européenne et le
Parlement, le décret devient *immédiatement applicable* par l'ensemble des
Etats membres de l'UE.

Sujet à suivre lors de nos conférences à venir.

Bonne semaine à tous

---------- Forwarded message ----------
From: Ludovic Petit <ludovic.petit at owasp.org>
Date: Wed, Apr 4, 2012 at 12:20 PM
Subject: Talking Legal
To: owasp-leaders <owasp-leaders at owasp.org>

Hi All,

Please find below just for information a reference document from the
European Commission about a *Proposal of Decree* (last update dated 27
January 2012)

*Proposal for a regulation of the European Parliament and of the Council on

*protection of individuals with regard to the processing of personal data
and on*

*the free movement of such data (General Data Protection Regulation)*


French version:

Among others, I would suggest to focus to the following parts of this
important document

   - *§ 3.4. Detailed explanation of the proposal*, for a brief description
   of each Article
   - *Article 79*, Page 94 (Page 102 for the French doc), *Administrative

Although this is a Proposal for a Regulation, you’ll understand that
Article 79 is important, this in a possible perspective of cases of
jurisprudence. Here you have the framework anyway.

We have to bear in mind that most European Regulatory bodies tend to
reinforce the Legal frameworks, and as such, each member state has 18
months to ratify the European decisions to local law.

But, in the case of an European Decree, *once this one official* (and this
is only a matter of months for the Decree mentioned above), it will be
applicable* by all States members of the European Union.

That being said, bear in mind that most of Regulatory bodies around the
world tend to reinforce their local Legal frameworks. That’s why I would -
modestly- suggest to keep a sharp eye close to the Legal Framework when
talking about (WebApp) Security, because nowadays and more and more, Legal
determines the technical means to implement for being compliant.

Which leads to... Liability. But THIS is another story, I don’t wish to be
boring in an endless email.

Although this is not *stricto sensu* in the scope of OWASP, a touch of
Legal, occasionally during Conferences or Meetings would be welcome, for
overall consistency, and because more and more Execs attend OWASP meetings
as well.

Think about it anyway, it's business-related.

Well, all comments are welcome.
(but don't shoot the pianist please ;-)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-france/attachments/20120404/bfeb4fed/attachment.html>

More information about the Owasp-france mailing list