Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
Beginning October 12, 2023, the UK-U.S. Data Bridge will allow UK companies to transfer personal data to the United States using the new EU-U.S. Data Privacy Framework....more
On May 22, 2023, Ireland’s Data Protection Commission (DPC) published its long-awaited decision in the Meta EU-U.S. data transfer case (Decision). In its landmark Decision, the DPC imposed a record 1.2 billion EUR fine and...more
On January 12, 2023, the Court of Justice of the European Union (CJEU) ruled that the data subject’s right of access to personal data requires controllers to provide the data subject with the identity of the companies that...more
In anticipation of its new powers to regulate the largest digital platforms, the EU is planning to open a San Francisco base to engage with these companies, which are based mostly in Silicon Valley and the broader Bay Area....more
EDPB Issues Draft Guidance on International Data Transfers - On November 18, 2021, the European Data Protection Board (“EDPB”) published draft guidance on the interaction between the GDPR’s transfer provisions set out in...more
The following outlines where Katten can help clients to comply with their General Data Protection Regulation (GDPR) obligations. This note is appropriate for clients that are already doing business in the UK or the EU, or may...more
The European Data Protection Board and European Data Protection Supervisor have published a joint opinion on the data protection aspects of the European Union's proposals for a Digital Green Certificate, a form of COVID-19...more
Organizations in the United States often ask us how to comply with GDPR. But starting with that question skips a key inquiry: the extent to which GDPR applies to a US company in the first place....more
On February 19, the European Commission (EC) published the draft of its much hoped-for adequacy decision for transfers of personal data to the UK under the EU General Data Protection Regulation (EU GDPR) (Draft Adequacy...more
On 10 February 2021, over two and a half years after the anticipated adoption of the e-Privacy Regulation, European Member States have agreed to a revised text. Portending a potential break in the three-year impasse, the...more
Data Transfer from the European Union to the United States is a knotty process. The difficulties were compounded this summer when Europe’s highest court held the “Privacy Shield” program enabling U.S-E.U. data transfers...more
On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more
Even though the General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, its application to U.S.-based employers continues to evolve and increase in complexity. For U.S. employers of European Union (“EU”)...more
Last November, the Spanish Data Protection Authority (Spanish DPA) published its new Guidelines on the Use of Cookies within the framework of the GDPR and Spanish E-privacy rules. ...more
When the General Data Protection Regulation (GDPR) was introduced, one of the central topics in the media was the possibility of large fines for data protection violations. Art. 83 of GDPR set benchmarks with a maximum fine...more
More than 60 U.S. and global data protection authorities and governmental agencies have issued guidance on health data collection, COVID-19 diagnosis disclosure, work-at-home practices, and return-to-work approaches. The...more
The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more
Global organizations need a clear, legal means to share data across borders, whether to conduct day-to-day business, comply with government regulations, perform under a contract, respond to lawsuits, or simply communicate and...more
Does the GDPR really apply to my company? From a data protection standpoint, this is the first thing that comes to mind within non-EU companies. In many cases, the GDPR seems like an issue of the Old Continent, so some assume...more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more
In May of 2018, the European Union enacted the General Data Protection Rules, or GDPR, a legal framework that outlines not only how companies may collect and process personal information of EU residents, but how that data is...more
BB&K's Christina Morgan Talks About Data Privacy in Riverside Lawyer Magazine - Due to rising concerns about privacy in the digital world, in April 2016, the European Union adopted the General Data Protection Regulation...more
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
The Data Protection Supervisory Authority for the state of Berlin (Die Berliner Beauftragte für Datenschutz und Informationsfreiheit, “Supervisory Authority”) recently issued a fine for GDPR violations against Germany’s...more
We routinely hear from United States citizens who want advice on how to remove photographs, newspaper articles, videos or personal information about themselves from the internet. Originally published by the European...more