Cynthia O'Donoghue

Cynthia O'Donoghue

Reed Smith

Contact  |  View Bio  |  RSS

Latest Publications

Share:

Implementing the GDPR: What You Need to Know

Data protection procedures will require an overhaul for any company that offers goods and services, or tracks individuals, in the EU under the European General Data Protection Regulation (GDPR) to take effect from 25 May...more

11/28/2016 - Data Breach Data Collection Data Protection Data Protection Officers (DPOs) EU General Data Protection Regulation (GDPR) International Data Transfers member Personal Data

Data Protection Authorities Gather for the 38th International Privacy Conference

Data Protection Authorities (“DPAs”) from across the world gathered in Marrakesh for the 38th International Privacy Conference. This event is held annually for the purpose of debating topical data protection issues. The...more

11/23/2016 - Data Protection Data Protection Authority EDPS EU Personal Data

Article 29 Working Party Issues Results of GDPR Fablab Workshop

Ahead of the forthcoming General Data Protection Regulation (GDPR), the Article 29 Working Party earlier this year organised the Fablab workshop. Meeting in Brussels, more than 90 participants gathered to discuss certain...more

11/18/2016 - Article 29 Working Party (WP29) Data Protection Data Protection Authority Data Protection Officers (DPOs) EU General Data Protection Regulation (GDPR)

Company Bosses Can No Longer Dodge Nuisance Call Fines

In an ongoing effort to tackle nuisance calls, the UK government has signalled its intention to make company directors directly liable for breaches of the Privacy and Electronic Communications Regulations (PERC) carried out...more

11/16/2016 - Corporate Counsel Cybersecurity Data Breach Directors ICO UK

In the Wake of Schrems: EU White List of Adequate Nations and Standard Contractual Clauses Under Review

Early last month, the European Commission tabled proposed amendments to its existing decisions on the adequacy of third countries’ data protection laws, and to its decisions on the EU standard contractual clauses....more

11/15/2016 - CJEU EU EU Data Protection Laws European Commission International Data Transfers Personal Data Proposed Amendments Schrems v Data Protection Commissioner Standard Contractual Clauses US-EU Safe Harbor Framework

FCA and G7 issue cybersecurity guidelines for the financial sector

In its speech at the FT Cyber Security Summit, the FCA has outlined its approach to cybersecurity in financial services firms. In addition to this, the Group of 7 (“G7”) has issued an 8-point framework for the financial...more

11/7/2016 - Cyber Attacks Cybersecurity False Claims Act (FCA) Financial Sector G7

TLT v SoS: How do you quantify damages for data breaches?

A recent High Court decision, TLT and others v Secretary of State for the Home Office [2016] EWHC 2217 (QB) (“TLT v SoS”), paves the way for the greater recognition of distress in cases of data breaches and the misuse of...more

11/4/2016 - Data Breach Data Protection IP Addresses Personal Data UK

UK Government Confirms GDPR Will Be a Reality For Post-Brexit Britain, Hints That Future UK Law Could Drop Some “Burdensome” EU...

In her evidence to the Culture, Media and Sport Select Committee on 24 October, Secretary of State for the Department of Culture, Media and Sport (“DCMS”) Karen Bradley MP called out the EU General Data Protection Regulation...more

11/3/2016 - Data Protection EU General Data Protection Regulation (GDPR) UK UK Brexit

CJEU says dynamic IP addresses can constitute personal data

The Court of Justice of the European Union (“CJEU”) has ruled that dynamic IP addresses can constitute personal data. Dynamic IP addresses, registered by a website provider when an individual accesses its website, shall...more

10/27/2016 - CJEU Data Protection EU General Data Protection Regulation (GDPR) Internet Service Providers (ISPs) IP Addresses Personal Data Websites

In the age of Big Data, the EDPS issues an Opinion on enforcement and upholding fundamental rights

The European Data Protection Supervisor (“EDPS”) issued an Opinion on coherent enforcement of fundamental rights in the age of big data”. This is an update to the EDPS’ Preliminary Opinion in 2014 on “Privacy and...more

10/13/2016 - Big Data Cybersecurity Data Protection Digital Single Market EDPS Enforcement EU Mergers Personal Data Popular

Does Brexit mean Brexit for data protection in the UK?

Three months on from the landmark Brexit vote 23 June, the Information Commissioner’s Office is setting out its position regarding data protection laws in a post-Brexit UK. Elizabeth Denham, the new Information Commissioner,...more

10/5/2016 - Data Protection EU Facebook General Data Protection Regulation (GDPR) Intellectual Property Protection Member State Referendums UK UK Brexit WhatsApp

A supply of software can be a sale of goods

The High Court held, in The Software Incubator v Computer Associates [2016] EWHC 1587 (QB), that a supply of commoditised software is a sale of goods for the purposes of the Commercial Agents (Council Directive) Regulations...more

9/16/2016 - Sale of Goods Act (SOGA) Software

The Effect of Brexit on Cyber Security: A National Response to an International Threat?

As the risk of cyber attacks respects no borders, a cohesive and harmonised EU-level approach to cyber security is appropriate. It is therefore understandable that UK organisations have questions following the recent...more

9/2/2016 - Cyber Attacks Cybersecurity Data Protection Acts EU European Commission Member State OFCOM Outsourcing Popular Referendums Treaty of Lisbon UK UK Brexit

ICO Reminds Organisations of EU-U.S. Personal Data Transfer Obligations

The Interim Deputy Commissioner at the Information Commissioner’s Office (“ICO”), Steve Wood, has published a blog reminding organisations of their obligations when transferring personal data to the United States, pursuant to...more

8/25/2016 - Article 29 Working Party (WP29) Binding Contractual Rules Data Protection Acts EU EU-US Privacy Shield ICO International Data Transfers Model Clauses Personal Data U.S. Commerce Department UK Data Protection Act US-EU Safe Harbor Framework

ICO Responds to the ePrivacy Directive Consultation

In April, we reported that the European Commission had opened a public consultation seeking the views of various stakeholders on the current wording of, and possible changes to, the Privacy and Electronic Communications...more

8/15/2016 - Confidential Information Data Breach ePrivacy Directive EU EU Data Protection Laws European Commission General Data Protection Regulation (GDPR) ICO Opt-In UK

High Court Permits University’s Contravention of Its Own Privacy Policy

The High Court in Bangura v Loughborough University [2016] EWHC 1503 (QB) ruled 19 May that Loughborough University acted lawfully under the Data Protection Act 1998 (“DPA”) in supplying Leicestershire Police with the...more

8/12/2016 - Criminal Investigations Data Protection Personal Data Privacy Policy Rape Sexual Assault Students UK UK Data Protection Act

“Battle-ready” Privacy Shield gets muted welcome from EU data protection authorities

On 26 July, the Article 29 Data Protection Working Party (WP29) released a statement outlining its opinion on the EU-U.S. Privacy Shield, which was adopted by the European Commission earlier this month. After praising the...more

7/28/2016 - Article 29 Working Party (WP29) Binding Corporate Rules Data Controller Data Processors Data Protection Authority EU EU-US Privacy Shield European Commission International Data Transfers Ombudsman Personal Data Surveillance U.S. Commerce Department

European Commission Publishes Communication on Cybersecurity

On 5 July, the European Commission (“EC”) published a communication outlining measures to improve resilience to cyber incidents, improve cooperation and information sharing, and promote innovation and competition in the...more

7/20/2016 - Critical Infrastructure Sectors Cyber Attacks Cybersecurity ENISA EU European Commission Information Sharing Member State NIS Directive

Electronic Signature Regulation Now Effective

Tasked with harmonising the disparate member state legislation that implemented the eSignatures Directive (Directive 1999/93/EC), Regulation (EU) N°910/2014 (the “eIDAS” Regulation) became effective 1 July this year. The...more

7/20/2016 - Authentication Certificate of Authority Digital Signature Standards Digital Single Market E-Signatures EU EU Directive FinTech Mobile Devices Mobile Health Apps Personal Data

Practical Cybersecurity Guidance from TheCityUK and Marsh

TheCityUK and Marsh have jointly published a report urging UK financial and related professional services sectors to step up their efforts to address cyber risk. The report (headed “Cyber and the City”) suggests that...more

7/19/2016 - Board of Directors Counterparty Risk Cyber Attacks Cyber Insurance Cyber Threats Cybersecurity Financial Services Industry New Guidance Reputational Injury Risk Management UK

Brexit: Baroness Neville-Rolfe on Data Implications

At the beginning of July, Baroness Neville-Rolfe gave a speech at the annual Privacy Laws & Business conference, outlining the government’s stance on the implications of Brexit for a range of data issues including the GDPR,...more

7/18/2016 - Cybersecurity Data Protection EU General Data Protection Regulation (GDPR) ICO International Data Transfers Internet of Things Personal Data Proposed Legislation UK UK Brexit

CJEU Attorney General Opinion Seeks to Restrict the Interpretation of ‘Establishment’

In June, the Attorney General (“AG”) of the Court of Justice of the European Union (“CJEU”) issued his opinion (English translation pending) in the case of Verein für Konsumenteninformation v Amazon EU Sàrl (Case C-191/15)....more

7/15/2016 - Amazon CJEU Data Controller Data Processors EU EU Data Protection Laws Member State Personal Data Principle Place of Business

EU-U.S. Data Privacy Shield adopted – a phoenix rising from the ashes of Safe Harbour?

The EU-U.S. Privacy Shield has been adopted by the European Commission. On 12 July 2016, following a positive vote from the member states (the Article 31 Committee) on 8 July, the EU College of Commissioners formally adopted...more

7/15/2016 - Article 29 Working Party (WP29) Data Retention EU EU-US Privacy Shield European Commission International Data Transfers Ombudsman Personal Data Popular Schrems v Data Protection Commissioner Self-Certification Standard Contractual Clauses Surveillance U.S. Commerce Department US-EU Safe Harbor Framework

Trade Secrets Directive Adopted by the European Council

Almost three years after its initial proposal, the Trade Secrets Directive has been formally adopted by the European Council and published in the Official Journal on 15 June (2016/943/EU). Member states will have until 9 June...more

7/6/2016 - Confidential Information EU EU Council of Ministers EU Trade Secrets Directive Free Speech Intellectual Property Protection Journalists Remedies Trade Secrets UK Whistleblowers

Draft Privacy Guidelines for Mobile Health App Developers Published

Mobile health or ‘mHealth’ applications commonly raise complex privacy issues as a result of processing large amounts of sensitive personal data. Following the publication of its Green Paper on the topic in 2014, the European...more

7/6/2016 - App Developers Draft Guidance EU EU Data Protection Laws European Commission General Data Protection Regulation (GDPR) Mobile Health Apps Personal Data

147 Results
|
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×