Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
After years of uncertainty in the privacy rules governing transfer of data from the EU to the U.S., the new transatlantic data privacy framework has finally been adopted. On July 10, the European Commission formally adopted...more
Updated June 2023 - The BCLP Data Privacy & Security team is tracking EU law developments relevant to data and cyber security. This tracker summarizes the effect and status of the following: the Digital Services Act, the...more
As we’ve written about before, the question of anonymization can be tricky. When is something “anonymized” or merely “de-identified” or “pseudonymous” — and when does it matter? This is a particularly fraught issue under...more
On March 25, 2022, the U.S. and EU announced that they reached a political agreement in principle on a new "Trans-Atlantic Data Privacy Framework" (the Framework). This would be the third framework for EU-U.S. personal data...more
European regulators unofficially announced the major theme of this new year, through the release of several decisions pertaining to cookies and other tracking technologies in the first 10 days of 2022. As the General Data...more
On September 3, 2020, The EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (the LIBE Committee), met to discuss the future of future of EU-US personal data flows following the Schrems II decision. In...more
On January 10, 2017, the European Commission released a Communication, a fact sheet, a working document and a public consultation relating to Europe’s “data economy”. The fact sheet states that “data is a new type of...more
The shockwaves continue from the October 6, 2015 ruling of the Court of Justice of the European Union (CJEU), the European Union’s highest court, invalidating the U.S.-EU “Safe Harbor” data transfer regime in a controversy...more
As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more
Following the ECJ’s decision in the “Schrems” case which has invalidated the Safe Harbor framework multinational corporations may now face profound privacy law related compliance issues in a multitude of jurisdictions. In the...more
In a landmark decision that threatens to undo the process by which American companies handle personal data flowing from the European Union, the Advocate General (AG) of the European Court of Justice (ECJ) issued an advisory...more
Thousands of U.S. and European companies who rely on the EU–US Safe Harbor Framework to permit the transfer of personal data from the EU to the U.S., have come a step closer to seeing the transfer mechanism struck down....more
The decision could affect the thousands of U.S. companies in diverse industries that rely on the EU-U.S. Safe Harbor Agreement to legally transfer personal data of EU citizens from the EU to the United States....more
Following a significant fine against the parties to an asset acquisition for illegally transferring customer information, the Bavarian Data Protection Supervisory Authority (Bavarian DPA) announced on August, 20, 2015 that it...more