Latest Publications

Share:

Global App Enforcement Sweep - Lessons For Developers

A recent survey of over 1,200 of the top mobile apps in 19 countries by the Global Privacy Enforcement Network ("GPEN") has found that 85% of the apps reviewed were non-compliant, failing to provide even the most basic...more

11/10/2014 - Data Protection Enforcement Enforcement Actions GPEN Mobile Apps

European “Cookie Sweep” Initiative – 15 - 19 September 2014 – Is Your Website Ready?

The European data protection authorities will be conducting a “cookie sweep” later this month, carrying out random spot checks on websites to assess for compliance with EU “cookie” laws. Businesses should therefore be...more

9/9/2014 - Audits Cookies EU Websites

The EU Article 29 Working Party's Guidance on the "Legitimate Interest" Ground for Processing Personal Data

When precisely is a data controller lawfully permitted to process personal data? If a data controller does not have the consent of a data subject to process his or her data, when does the “legitimate interest”...more

8/12/2014 - Cybersecurity Data Controller EU EU Directive Legitimate Business Interest Personally Identifiable Information Prior Express Consent

2014 Sees The First Fines For Violations Of EU Cookie Laws

Much has been said about the EU "Cookie" laws introduced by an amendment to the Privacy and Electronic Communications Directive in 2011. Companies with European customers (including those in the US) have grappled with the...more

3/18/2014 - Cookies Cybersecurity Data Protection EU EU Data Protection Laws

Personal Data Transfers from the European Economic Area: Binding Corporate Rules Emerge as Increasingly Attractive Option

It is difficult to recall a time when the issue of personal data transfers from the European Economic Area ("EEA") has been as widely and hotly debated as it has over the past year or so. Significant movements during the past...more

2/26/2014 - Cybersecurity Data Protection Edward Snowden EU EU Data Protection Laws NSA

U.K. Court of Appeal’s Award of Compensation for Distress to an Individual Following a Breach of the Data Protection Act: Opening...

Whilst regulatory action by the U.K. Information Commissioner’s Of?ce (‘‘ICO’’) is relatively commonplace and well reported following data breaches, particularly since the ICO was granted powers to issue on the spot ?nes for...more

11/20/2013

New watchdog study shows that approximately half of all web privacy policies are non-compliant and risk enforcement action

It has been said for some time that data is the new oil, but many global organizations continue to struggle to comply with regulatory requirements when it comes to the exploitation of this valuable resource....more

9/5/2013 - Data Collection Data Protection GPEN Personally Identifiable Information Privacy Policy Websites

Personal Data Transfers from the European Economic Area: Time to Consider Binding Corporate Rules 2.0

What exactly is the '"best" solution for an international business needing to handle and transfer personal data across borders? This has become an increasingly important and common question as business becomes more...more

5/16/2013

The Emergence of an Implied Duty of Good Faith in Contracts Governed By English Law

One of the issues that distinguishes U.S. law from English law is the concept of an implied contractual duty of good faith. While U.S. law has embraced this concept, it was believed that English law had not. However, as a...more

3/6/2013 - Covenant of Good Faith and Fair Dealing Yam Seng v International Trade Corp

New Binding Corporate Rules Now Available for Data Processors

In a further push towards “privacy by design,” the Article 29 Working Party, which is made up of representatives from the various EU data protection authorities, has recently approved the use of Binding Corporate Rules...more

1/28/2013 - Binding Corporate Rules Data Processors Data Protection EU European Commission International Data Transfers

Processing personal data in Europe? New Binding Corporate Rules for data processors since 1 January 2013

On 1 January 2013, over 4 years after the idea was first discussed, new Binding Corporate Rules (BCRs) for data processors were launched following a meeting of European data protection authorities....more

1/14/2013 - BCRs Data Protection EU Data Protection Laws

11 Results
|
View per page
Page: of 1