Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
For American companies doing business in Europe and European businesses relying on U.S. vendors and service providers, 2023 may be the year when Europe and the United States finally come together to implement a viable and...more
Employers often want to have a data retention policy that works for all of their international operations. We look at the challenges with this approach and how to make it work in practice....more
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
More than 60 U.S. and global data protection authorities and governmental agencies have issued guidance on health data collection, COVID-19 diagnosis disclosure, work-at-home practices, and return-to-work approaches. The...more
Data protection authorities (DPAs) in the European Union (EU) continue to scrutinize practices in the adtech sector for compliance with the EU’s General Data Protection Regulation (GDPR) and local data protection and...more
What can organizations learn from the first year of enforcement of the European Union’s General Data Protection Regulation (GDPR)? Quite a bit, if you pay attention to what the EU government regulators are doing....more
As we previously reported the EU and Japan reached a tentative deal last summer to ease data transfer restrictions between them. That deal has now been approved by both the European Commission and by Japan and is effective...more
It has been six months since the European Union’s General Data Protection Regulation (GDPR) took effect on May 25, 2018, but the law is still in the early implementation stage. As discussed in a previous blog post, the GDPR...more
A data lake is an infrastructure that permits different data sets from within a group to be combined and analysed together. To analyse a data lake under GDPR, it is helpful to think of a data lake in two phases, which we...more
Overview (10. – 6.) - 10. The European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. It applies to the processing of “personal data” of EU citizens and residents (a/k/a “data...more
This article is Part 4 of our series on the GDPR for U.S.-based companies. Part 1 assisted U.S.-based companies in determining whether the GDPR applies to them; Part 2 provided an overview of the GDPR’s key concepts and...more
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) took effect. Although EU laws typically don’t have a worldwide impact, the GDPR will impact business across the globe. The GDPR has an extremely...more
Although the GDPR comes into effect on May 25, 2018, the breadth of its reach will continue to develop long after its effective date. Domestic companies should be aware that the rules will likely change over time. While this...more
The EU’s General Data Protection Regulation (GDPR) goes into effect on May 25th. As most organizations are aware, the GDPR applies not only to EU businesses but also many companies in the U.S. While the deadline is quickly...more
Although litigators today benefit from advanced technology to research and organize their cases, the evolution of electronic data and the internationalization of business are adding new complications that require...more
What is the GDPR? The European General Data Protection Regulation (GDPR) is a new law going into effect on May 25, 2018 that grants European residents broad, never-before-recognized data privacy rights, and imposes...more
Website providers that collect dynamic Internet Protocol addresses (“IP address”) from website visitors may soon be subject to even more scrutiny from data protection authorities in the EU. Last week, Europe’s Advocate...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
In a recent landmark decision, Maximillian Schrems v. Data Protection Commissioner, Europe’s highest court struck down a US-EU agreement that allowed companies to move personal electronic data between the European Union and...more
A major European court has just pulled the rug out from under nearly 5,000 US companies, snatching away the relative business certainty of the Data Transfer Safe Harbor, and maybe the safety of standard contract clauses and...more
On October 6, 2015, the European Court of Justice (CJEU) invalidated the US-EU Safe Harbor framework, effective immediately. This momentous decision jeopardizes the continued flow of data from Europe to the US. As the Safe...more
Most of you already have Twitter feeds, Facebook pages, and—the aged among you—in-boxes overflowing with news about yesterday’s decision from the European Court of Justice (“ECJ”). Some of you read each message, anxiously...more
Data transfers can be suspended until investigation is complete. In Maximillian Schrems v. Data Protection Commissioner (case C-362/14), the Advocate General ruled that EU data protection authorities do have powers to...more
Recent enforcement actions by the Bavarian Data Protection Authority (DPA) [Bayerisches Landesamt für Datenschutzaufsicht] highlight the importance of severe restrictions placed on the transfer of such data, even in the...more