Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
Update: UK international data transfer agreement and UK addendum to the EU standard contractual clauses now in force In February, the Information Commissioner’s Office (“ICO”), the United Kingdom (UK) data protection...more
On February 2, 2022, the Belgian Data Protection Authority (“DPA”) issued a decision finding that the Interactive Advertising Bureau ("IAB”) Europe’s Transparency and Consent Framework (“TCF”) violates key provisions of the...more
By the close of 2021, EU data protection authorities (“DPA”) had initiated investigations into a number of US tech companies operating in Europe and further investigations are set to continue. In a recent case concerning...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
On October 1st, 2020, the Data Protection Authority of Hamburg (“DPA”) announced that it issued a massive EUR 35.3 million fine against the clothing company H&M Hennes & Mauritz Online Shop A.B. & Co. KG (“H&M”) for the...more
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more
Ireland’s Data Protection Commission has issued advice on protecting data privacy when using videoconferencing. Organizations should: •Use contracted service providers for work-related communications. Ensure you are...more
The Situation: On July 4, 2019, the French data protection authority ("CNIL") published revised guidelines on the implementation of cookies or similar tracking technologies in order to take into account the new requirements...more
BB&K's Christina Morgan Talks About Data Privacy in Riverside Lawyer Magazine - Due to rising concerns about privacy in the digital world, in April 2016, the European Union adopted the General Data Protection Regulation...more
The auto-complete function is not prohibited by GDPR, says the Danish data protection authority. The search function suggested certain search suggestions automatically including the complainant’s name....more
On July 9, 2019, the European Court of Justice (ECJ)—the highest court of the European Union—will hear oral arguments in the Schrems 2.0 case relating to the validity of two key data transfer mechanisms: the Standard...more
If you retain personal data indefinitely, or have not given thought to your retention schedule – now may be the time to take another look. The Danish Data Protection Authority has fined a furniture store 200,000 EUR for...more
A year ago, on May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) came into force. With its extraterritorial scope and detailed requirements, the GDPR aimed to change the approach to personal data...more
The GDPR is wrapping up its first year and moving full steam ahead. This principles-based regulation has had a global impact on organizations as well as individuals. While there continue to be many questions about its...more
How has GDPR enforcement played out in the past year? The Dutch Data Protection Authority (Autoriteitpersoonsgegevens, or AP) recently published a report on its 2018 activities....more
On 12 March 2019 at its Eighth Plenary Session, the European Data Protection Board (“EDPB”) adopted its Opinion 5/2019 on the interplay between the ePrivacy Directive (“ePD”) and the General Data Protection Regulation...more
On 7 March 2019, the Dutch Data Protection Authority published guidance (in Dutch) that it considers “cookie walls” to violate the GDPR. A cookie wall is a pop-up on a website that blocks a user from access to the website...more
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. ...more
The EU General Data Protection Regulation (GDPR) did NOT make all processing of personal data unlawful, though it seems than many think this, says Michael Kaiser, data protection officer at the Hesse Data Protection Authority...more
GDPR - European Regulators Fine Uber Over 2016 Data Breach • British and Dutch privacy regulators issued fines totaling approximately $1.2 million against ride-hailing company Uber over its 2016 data breach....more
This is the sixth issue of WilmerHale’s 8-in-8 Recent Trends in European Law and Policy Alert Series. Our attorneys will share insights on current and emerging issues affecting companies doing business in Europe and across...more
The European Union Court of Justice (“CJEU”) to rule on the validity of Model Contractual Clauses (“MCCs”) following referral by the Irish High Court. The Irish High Court has “well-founded” concerns that there is no...more
The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more
Executive summary: The EU’s standard contractual clauses may be on the fast track to invalidation, putting a vast number of personal data transfers from the EEA at risk. A case brought by Maximilian Schrems (whose first...more