The lead negotiators of the Council of the EU and the European Parliament have reached an agreement on a new EU regulation for the European Health Data Space (EHDS). Once adopted, the regulation will expand individuals’...more
While the European Parliament and European Commission look to finalize the EU Artificial Intelligence (AI) Act, many are interested to see how its relationship with the General Data Protection Regulation (GDPR) will play out,...more
India enacted its new privacy law—the Digital Personal Data Protection Act, 2023 (DPDP Act) on August 11. Once in effect, the DPDP Act will replace the relevant provisions of the Information Technology Act, 2000, Information...more
The EU-US Data Privacy Framework (DPF) became effective on July 10, and on the same day, the European Commission adopted an Adequacy Decision relating to the DPF. As a successor of the EU-US Privacy Shield, the EU-US DPF...more
The European Union (EU) Commission released its Draft Adequacy Decision for the EU-US Data Privacy Framework on December 13, which, in conjunction with President Biden’s executive order issued on October 7, will further...more
The Swiss government has drafted a proposed list of countries that are approved to receive personal data transfers out of Switzerland. Japan and South Korea are excluded from the current and proposed lists, requiring...more
The German Higher Regional Court of Karlsruhe (OLG Karlsruhe) recently repealed the July 13, 2022, decision of the Procurement Chamber of the German state of Baden-Württemberg that had argued that the mere risk of access to...more
World events, such as the COVID-19 pandemic, have accelerated the need for business operations to grow more digitally reliant and driven. As the global network grows and becomes more interconnected, privacy and...more
9/15/2022
/ Biometric Information ,
Computer Fraud and Abuse Act (CFAA) ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Personal Information Protection Law (PIPL) ,
Popular
As the challenges to and requirements governing data protection continue to evolve, data privacy remains a hot topic on the minds of security and compliance professionals around the world. If the last few years provide any...more
The German Federal Court of Justice (BGH) ruled on May 28 that an opt-out for cookies settings is inadmissible under German law under Section 15(3) of the German Telemedia Act (TMG) in conformity with the ePrivacy Directive...more
California is the fifth largest economy in the world. Its new laws and regulations have an impact far beyond its borders. Many Non-US companies do business in California. The California Consumer Privacy Act (CCPA), which...more
The EU Commission issued its report on the third annual review of the functioning of the EU-US Privacy Shield (Privacy Shield) on October 23. The annual review and corresponding report is required of the Commission by the its...more
The EU Council Presidency on September 18 put forward to member states an 88-page compromise proposal on the Eprivacy Regulation with considerable changes and amendments. There are several proposed changes to the provisions...more
The European Court of Justice (ECJ) in Luxembourg rendered a judgment on July 12 that explains, among other things, what a (joint) data controller is. The judgment is on the “old” EU Data Protection Directive 95/46/EC, but...more
On March 23, US President Donald Trump signed the omnibus spending bill, a portion of which contained the Clarifying Lawful Overseas Use of Data Act (CLOUD Act). The CLOUD Act’s main goal is to offer guidance to providers of...more
The powers of EU data protection authorities are significantly strengthened by the decision, allowing them to suspend some or all personal data flows into the United States in certain circumstances.
In Maximillian...more
10/7/2015
/ Advocate General ,
Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
Edward Snowden ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
National Security Agency (NSA) ,
Pending Legislation ,
Personal Data ,
Prior Express Consent ,
PRISM Program ,
SCC ,
U.S. Commerce Department ,
Umbrella Agreement ,
US-EU Safe Harbor Framework
Data transfers can be suspended until investigation is complete.
In Maximillian Schrems v. Data Protection Commissioner (case C-362/14), the Advocate General ruled that EU data protection authorities do have powers to...more
9/28/2015
/ Advocate General ,
Binding Corporate Rules ,
Cloud Computing ,
Data Collection ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
Edward Snowden ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Prior Express Consent ,
Privacy Policy ,
Public Disclosure ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
Parties to transactions involving personal data in Europe are well-advised to investigate whether individual consent or the offer of opt-outs are required to avoid the risk of fines and other sanctions imposed by the DPA or...more
8/25/2015
/ Cross-Border Transactions ,
Data Privacy ,
Data Protection ,
Email ,
EU ,
EU Data Protection Laws ,
Fines ,
Marketing ,
Middle Market ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Prior Express Consent ,
Sanctions