The Information Commissioner’s Office (ICO) has recently published guidance for employers on monitoring workers lawfully, transparently and fairly. The guidance aims to protect workers’ data protection rights and help...more
3/27/2024
/ Artificial Intelligence ,
Data Privacy ,
Data Protection ,
Electronic Monitoring ,
Email ,
Employee Monitoring ,
Employee Privacy Rights ,
Employer Liability Issues ,
EU ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Remote Working ,
UK
It has been some time already since the EU Digital Services Act (Regulation 2022/2065, DSA) was published, and since then, the discussions about Very Large Online Platforms (VLOPs) and Very Large Online Search Engines...more
1/3/2024
/ Compliance ,
Data Protection ,
Digital Marketplace ,
Digital Service Providers ,
Digital Services ,
E-Commerce ,
EU ,
European Commission ,
Online Platforms ,
Regulatory Standards ,
Search Engines ,
Transparency
On 18 October 2023, the French National Assembly voted in favour of a law aiming to secure and regulate the digital space (“Loi visant visant à sécuriser et réguler l’espace numérique” or SREN), otherwise called the “Sorare...more
In this episode, our privacy lawyers, Claude-Étienne Armingaud, Whitney McCollum, and Camille Scarparo, sit down with Arya Tripathy, a partner at Priti Suri & Associates in New Dehli, and discuss together India’s newly...more
On 14 June 2023, the European Parliament (Parliament) plenary voted on its position on the Artificial Intelligence Act (AI Act), which was adopted by a large majority, with 499 votes in favor, 28 against, and 93 abstentions....more
Closing in on the fifth anniversary of the entry into force of the EU General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced on 22 May 2023 that it had fined the Irish subsidiary of...more
In this episode, Claude-Etienne Armingaud, Eleonora Curreri, and Camille Scarparo celebrate the fifth year anniversary of GDPR along with lawyers from our European offices; Thomas Nietsch and Andreas Müller (Berlin), Nóirín...more
In this episode, Claude Etienne Armingaud, Eleonora Curreri, and Camille Scarparo introduce a case regarding a U.S. company’s data privacy breach, the consequences a company may face for being non-compliant with GDPR for...more
On 27 October 2022, the Digital Services Act was published in the EU Official Journal as Regulation (EU) 2022/2065, with the aim to fully harmonize the rules on the safety of online services and the dissemination of illegal...more
Following the positions expressed by the Austrian, German, and French supervisory authorities, the Italian Supervisory Authority (Garante per la Protezione dei Dati Personali)(Garante) published on 9 June 2022 a specific...more
On 29 June 2022, Decree n° 2022-946 (the Decree) supplemented the regulatory framework resulting from the Ordinance n° 2021-1247 of 29 September 2021 on the legal warranty of conformity for goods, digital content, and digital...more
Following the 2020 Court of Justice of the European Union’s (CJEU) ruling invalidating the Privacy Shield (see our alert here), personal data transfers from the European Union to the United States required EU companies to...more
6/23/2022
/ CNIL ,
Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Protection ,
EU ,
European Supervisory Authorities (ESAs) ,
France ,
International Data Transfers ,
Personal Data ,
Standard Contractual Clauses ,
Websites
Individuals having difficulties in obtaining responses to their personal data subject access requests (DSAR) from French telephone operator Free Mobile filed several complaints before the French data protection authority...more
WHAT YOU NEED TO KNOW IN A MINUTE OR LESS - Reported incidents of data breaches have reached record levels over the last two years. Given this reality, a data security incident response plan is no longer a luxury; it is a...more
On 21 March 2022, the United Kingdom finalized the adoption of its own version of the European Union’s Standard Contractual Clauses (SCC), a contractual mechanism aiming at securing personal data protected under a data...more
During his January 2022 hearing before France’s National Assembly, the newly appointed chairman of the French competition authority (AdlC), Benoit Coeuré, stated that the digital sector would be one of the principal subject...more
European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more
1/28/2022
/ CNIL ,
Consent ,
Cookie Banners ,
Cookies ,
Data Protection ,
Data Transfers ,
e-Privacy Directive ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Schrems I & Schrems II
Counsel from jurisdictions where payments to employee-inventors only arise from contracts or employee incentive programs are sometimes surprised when they first become involved with jurisdictions that have statutory payment...more
Following the conclusion of the adequacy talks in March 2021, the European Commission adopted on 17 December 2021 an adequacy decision addressing the transfers of personal data to the Republic of Korea under the General Data...more
On 6 October 2021, the Court of Justice of the European Union (CJEU or the Court) issued a judgment in case C-882/19 following a request for a preliminary ruling by the Court of Appeal of Barcelona (the Referring Court). ...more
On 28 June 2021, within 48 hours of the expiration of the post-Brexit grace period under the UK-EU Trade and Cooperation Agreement, the European Commission has adopted two adequacy decisions addressing the transfers of...more
BACKGROUND - On 30 March 2021, the European Commission, in a joint statement with the Personal Information Protection Commission, the data protection authority of the Republic of Korea (Korea), declared that Korea ensured a...more
Depending on whether you are an optimist or a pessimist, it will have taken the European Commission either three years and two weeks (since the entry into force of the General Data Protection Regulation (GDPR) or eleven...more
The French Law n°2016-1691 of 9 December 2016 relating to transparency, the fight against corruption, and the modernization of economic life, known as the “Sapin II” Act,1 introduced to legal entities additional compliance...more
The Bavarian Data Protection Authority recently prohibited a European company from using U.S. newsletter provider Mailchimp in a first-of-its-kind decision. Since the Schrems II decision of the Court of Justice of the...more