Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
The final decision of the Irish Data Protection Commission (IDPC) in relation to the transfers of EU/EEA Facebook user data by Meta Platforms Ireland Limited (Meta Ireland) to its processor, Meta Platforms, Inc., in the US...more
European data protection authorities kicked 2023 off with a bang when, on January 4, the Irish Data Protection Commission (DPC) announced that Meta Platforms Ireland would be fined a total of €390 million (roughly $414...more
Will the EU finally deny the right to transfer any personal data from its shores to the United States? Its privacy decisions have been inching closer to this determination for years, and an Irish case against Facebook may tip...more
On December 19, 2019, in the Facebook Ireland and Schrems (Schrems 2.0) case, the Advocate General (AG) to the European Court of Justice (ECJ)—European Union's highest court—opined that the EU Standard Contractual Clauses...more
We routinely hear from United States citizens who want advice on how to remove photographs, newspaper articles, videos or personal information about themselves from the internet. Originally published by the European...more
The Situation: Fashion ID, a German online clothing retailer, embedded on its website the Facebook "Like" button. When a user consults the website of Fashion ID, that user's personal data are transmitted to Facebook Ireland....more
On July 29, 2019, the European Court of Justice (ECJ) issued its decision in FashionID (Case C-40/17), determining that website operators are jointly liable with plugin providers for data collection and transmission through...more
Data protection laws in Europe evolved substantially in 2018, with the implementation of the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS Directive) becoming...more
After its implementation in May 2018, the European Union General Data Protection Regulation (GDPR) continues to dominate headlines in many industries, including technology. On September 25, 2018, Facebook discovered a...more
At Mitratech, I work in the division of the company that develops solutions in the areas of governance, risk, and compliance (GRC). At first blush to an outsider, this may not sound very exciting and might even sound somewhat...more
This is not an email about what the General Data Protection Regulation (GDPR) is. We assume you've received dozens of those recently (including from us). As those emails promised, GDPR Day 1 finally came. And it began with a...more
After ten hours of Congressional testimony, one thing is clear – there is growing bipartisan concern over data privacy and data protection in the US. In the wake of so many recent data breaches, and now the data harvesting...more
On March 26, 2018, a bipartisan coalition of 37 state Attorneys General sent a letter to Facebook CEO Mark Zuckerberg demanding answers about the company’s business practices and privacy protections. Led by Pennsylvania...more
The dramatic revelations that Facebook users’ personal data was potentially misused by political advertising firm, Cambridge Analytica, has troubling implications for consumer privacy that will become ever-more complicated...more
Recently, Austrian privacy activist Maximilian Schrems won a partial victory in his continuing battles with Facebook. We discuss that case below. But first, we review his prior tilts with Facebook....more
The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more
The Irish High Court recently asked the Court of Justice of the European Union (CJEU) to rule on the validity of “standard contractual clauses” as a basis for transferring personal data out of the European Economic Area...more
Executive summary: The EU’s standard contractual clauses may be on the fast track to invalidation, putting a vast number of personal data transfers from the EEA at risk. A case brought by Maximilian Schrems (whose first...more
The question of how "big data" should be treated in merger control and antitrust enforcement was a key issue for the European Commission and national regulators in European Union member states in 2016, with competition...more
European Data Protection Authorities (DPAs) recently launched investigations into WhatsApp’s sharing of user data with Facebook. (Facebook owns WhatsApp.) DPAs ordered WhatsApp to stop sharing the data pending the...more
After the European Court of Justice invalidated Safe Harbor on October 6, ?2015, the Article 29 Working Party announced in an October 16, 2015 statement that US companies that were Safe Harbor certified had until the end of...more
European privacy law is a bold new world for U.S. businesses doing business in Europe. An October Court of Justice ruling struck down the Safe Harbor arrangement which had governed E.U.-U.S. data transfer transactions for...more
The German Federal Cartel Office (the FCO) has announced that it has initiated proceedings against Facebook for the company’s alleged abuse of its dominant position in a market for social networks. The FCO appears to...more
On 11 September, TeliaSonera and Telenor have abandoned the proposed merger of their business units in Denmark. The contemplated transaction would have resulted in the establishment of a joint venture active in the provision...more
Last week, the Vienna Higher Regional Court ruled that most of Max Schrems’ claims against Facebook can proceed, including his claim that Facebook improperly allowed his personal information to be shared with the National...more