Latest Posts › EU Data Protection Laws

Share:

Article 29 Data Protection Working Party Publishes Final Guidelines on Data Protection Impact Assessments

On 4 October 2017, the Article 29 Working Party (“WP29”) released its final guidelines on Data Protection Impact Assessments (“DPIA”), which were initially proposed in draft form in April 2017. Article 35 of the General Data...more

Irish High Court Asks European Court to Rule on Legality of EU-US Data Transfers

On 3 October 2017, the Irish High Court held that it is up to the European Court of Justice (“ECJ”) to determine whether Standard Contractual Clauses (“SCCs”) are a valid method of transferring personal data outside of the EU...more

In the Wake of Schrems: EU White List of Adequate Nations and Standard Contractual Clauses Under Review

Early last month, the European Commission tabled proposed amendments to its existing decisions on the adequacy of third countries’ data protection laws, and to its decisions on the EU standard contractual clauses....more

ICO Responds to the ePrivacy Directive Consultation

In April, we reported that the European Commission had opened a public consultation seeking the views of various stakeholders on the current wording of, and possible changes to, the Privacy and Electronic Communications...more

CJEU Attorney General Opinion Seeks to Restrict the Interpretation of ‘Establishment’

In June, the Attorney General (“AG”) of the Court of Justice of the European Union (“CJEU”) issued his opinion (English translation pending) in the case of Verein für Konsumenteninformation v Amazon EU Sàrl (Case C-191/15)....more

Draft Privacy Guidelines for Mobile Health App Developers Published

Mobile health or ‘mHealth’ applications commonly raise complex privacy issues as a result of processing large amounts of sensitive personal data. Following the publication of its Green Paper on the topic in 2014, the European...more

Advocate General’s opinion states that IP addresses are Personal Data

On 12 May, the Advocate General’s (AG) opinion in Case C-582/14 Patrick Breyer v Germany was released, stating that dynamic IP addresses should be considered personal data for the purposes of EU data protection law. Although...more

The European Cloud Initiative: Will Data Protection Requirements Cause Stormy Weather?

The European Commission (EC) recently proposed the European Cloud Initiative (ECI): a plan to create a world-class data infrastructure to store, manage, transport and process data at high speeds. The primary aims are to...more

Turkish Parliament Enacts New Data Protection Law

In a step toward its accession to the EU, Turkey has enacted its first comprehensive Data Protection Law. The law was passed by the Turkish Parliament 24 March and published in the Official Gazette 7 April....more

European Commission Launches Public Consultation on Revision of ePrivacy Directive

Pursuant to its Digital Single Market strategy and adoption of the General Data Protection Regulation (GDPR), the European Commission (EC) has launched a public consultation on the revision of Directive 2002/58/EC, better...more

The Data Protection Directive Is Dead! Long Live the General Data Protection Regulation!

After four years of protracted discussions and negotiations, the General Data Protection Regulation (the “GDPR”) gained final approval from the European Parliament 14 April. It will enter into force 20 days after publication...more

Update on the UK’s Information Commissioner, IP Addresses and Russia’s ‘Right to be Forgotten’ Laws

With the Privacy Shield, the Umbrella Agreement and the GDPR capturing significant attention, it would be easy to overlook some of the other important developments that have taken place in the data protection sphere. We have...more

Passage of the U.S. Redress Act Raises Confidence in Privacy Protection for Transatlantic Data Flows

The U.S. Judicial Redress Act has been signed into law by President Obama. The move marks an important step in data transfer relations between the EU and the United States, gives the green light to the EU-U.S. law enforcement...more

Article 29 Working Party updates its Opinion on applicable law

The Article 29 Working Party (WP29) has updated its Opinion on applicable law and has introduced a new ‘inextricable link’ test representing a new element to the existing ‘in the context of the activities of an establishment’...more

Happy Data Protection Day! ICO and Senate Committee’s spotlight on data protection

In preparation for European Data Protection Day on 28 January, the ICO commissioned a survey on attitudes towards data protection. The YouGov poll revealed growing public concern over data privacy and security. Of more...more

If Safe Harbor is dead in the water, what does that mean for you?

The invalidation of the EU-U.S. Safe Harbor framework in October 2015 has created uncertainty for businesses that were reliant on the regime to transfer data to the United States, and has caused political shockwaves on both...more

Intrusive Surveillance Technologies next on the agenda for the EDPS

In an Opinion and press release issued 15 December 2015, the European Data Protection Supervisor (EDPS), Giovanni Buttarelli, urged caution over the trade and use of covert monitoring technologies. The Opinion focussed on...more

Agreement reached on the GDPR

Earlier this month, we reported the progress of trilogue discussions on the long-awaited General Data Protection Regulation (GDPR). On 15 December 2015, almost four years after the legislative proposal was originally tabled...more

Could the UK see a shake-up of its Data Retention Powers? Questions referred to the CJEU

On 20 November 2015 the UK’s Court of Appeal referred questions on data retention to the Court of Justice of the European Union (CJEU) following a challenge to the Data Retention and Investigatory Powers Act (DRIPA) 2014....more

Optical Express appeal highlights the need for caution over third-party marketing lists

In a decision of 31 August 2015, the First-Tier Tribunal provided important clarification on the use of third-party mailing lists. Optical Express v Information Commissioner (EA/2014/0014) is significant for organisations...more

Round-up of Safe Harbor guidance issued by EU Data Protection Authorities

October has been a busy month for Data Protection Authorities in the EU. Following the Court of Justice of the European Union’s judgment in Maximillian Schrems v Data Protection Commissioner (C-362-14) on 6 October,...more

U.S. Congress passes the Judicial Redress Act, but does it provide effective redress?

In an uncharacteristically swift move, the United States Congress passed the Judicial Redress Act (“Act”) on 20 October 2015. The Act proposes to extend safeguards implemented under the Privacy Act 1974, and, if brought into...more

The Article 29 Working Party releases statement on Safe Harbor

Background On 16 October, the Article 29 Working Party released a statement (“Statement”) on the implications of the Court of Justice of the European Union’s (“CJEU”) judgment in Maximillian Schrems v Data Protection...more

Another day…another set-back for Europe’s plans for a single market

Plans for a single market have been delivered yet another blow, this time as a result of an ECJ preliminary ruling against a relatively unknown Slovakian company. The court ruled in Weltimmo SRO v. Nemzeti Adatvedelmi es...more

The Safe Harbor Ruling – FAQs and What Your Business Should Do Now

Overview questions - 1. I’m Safe Harbor certified and have seen news articles reporting that “Safe Harbor is invalid”. What does that mean? On 6 October, the European Court of Justice delivered a judgment which...more

36 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.