On May 3, 2022, the European Commission published a proposal for a Regulation on the European Health Data Space (EHDS) (“EHDS Regulation”, or “Proposal”). With the Proposal, the European Commission aims to make significant...more
5/26/2022
/ Digital Health ,
Electronic Health Record Incentives ,
Electronic Protected Health Information (ePHI) ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Life Sciences ,
Member State ,
Patient Privacy Rights ,
Popular ,
Proposed Regulation
On March 25, 2022, US President Joe Biden and European Commission President Ursula von der Leyen made the long-awaited announcement that the United States and the European Union have agreed, in principle, to the...more
The European Commission has presented its draft Data Act, which will affect a broad range of companies and heavily emphasizes data accessibility and fairness. Companies should begin to evaluate their current practices and...more
French regulators have held that the use of Google Analytics violates the GDPR, a decision that likely has broad implications for web analytics companies and website operators.
On February 10, 2022, the French Data...more
2/16/2022
/ Analytics ,
CNIL ,
Corporate Counsel ,
Data Protection Authority ,
Facebook ,
FISA ,
France ,
General Data Protection Regulation (GDPR) ,
Google ,
International Data Transfers ,
Schrems I & Schrems II
Businesses that transfer personal data to and from the United Kingdom will soon have clarity regarding transfers from the UK to recipients outside the EU/EEA.
On February 2, 2022, the United Kingdom Secretary of State...more
Last week, the Belgian Data Protection Authority ruled that the IAB’s cookie consent framework violated the GDPR. This decision has tremendous potential implications on the ad tech industry, as both publishers and advertisers...more
2/8/2022
/ Adtech ,
Advertising ,
Belgium ,
Consent ,
Cookies ,
Data Controller ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Online Advertisements ,
Publishers
On June 4th, 2021, the European Commission adopted and published a new set of so-called standard contractual clauses (“SCCs”) providing a legal basis for international transfers of personal data from the EU/EEA to third...more
6/7/2021
/ EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
On November 11, 2020, the European Data Protection Board (“EDPB”) released two documents as a follow-up to the Court of Justice of the European Union’s (“CJEU”) notable July 2020 decision, known as Schrems II. These documents...more
On 16 July 2020, the Court of Justice of the European Union (CJEU) issued a judgment in Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (Case C-311/18, “Schrems II”) ruling that the Privacy Shield...more
The European Court of Justice (the “Court”) issued the long-awaited “Schrems II” decision. (see Facebook Ireland Ltd. v. Maximillian Schrems).
In its decision, the Court (1) struck down the Privacy Shield program that...more
Throughout the world, the coronavirus pandemic is creating enormous challenges. While data protection is not the main concern, the European Data Protection Authorities (DPAs) made it clear that the European General Data...more
Throughout the world, the coronavirus pandemic is creating enormous challenges. While data protection is not the main concern, the European Data Protection Authorities (DPAs) made it clear that the European General Data...more
On February 19, 2020, the European Commission (“EC”) published a series of documents outlining its vision for Europe’s digital future. Amongst these, the EC’s White Paper on Artificial Intelligence: A European approach to...more
The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities and the European Data Protection Supervisor, unveiled a two-year work program on February 12, 2019....more
On January 23, 2019, the European Data Protection Board (“EDPB”), which is composed of representatives of the national data protection authorities and the European Data Protection Supervisor, adopted an Advisory Opinion...more
2/20/2019
/ Clinical Trials ,
Consent ,
Data Collection ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Pharmaceutical Industry ,
Public Interest ,
Scientific Research
The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities and the European Data Protection Supervisor, recently adopted an Advisory Opinion (“Opinion”) on...more
2/12/2019
/ Advisory Opinions ,
Clinical Trials ,
Consent ,
Data Protection ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Life Sciences ,
Personal Data ,
Pharmaceutical Industry ,
Public Interest
The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor, adopted its report on the second annual review of the...more
2/4/2019
/ Court of Justice of the European Union (CJEU) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Information Reports ,
International Data Transfers ,
National Security ,
Personal Data ,
Surveillance ,
Transparency ,
US-EU Safe Harbor Framework
On January 23, 2018, the European Commission (“EC”) adopted its adequacy decision on Japan. Japan issued an equivalent decision regarding data transfers from Japan to the European Union on the same day. This means that...more
On October 24, 2018, the European Commission (“EC”) opened a Public Consultation on a Recommendation that will identify the main challenges linked to the deployment of connected and automated vehicles. Stakeholders, including...more
This is the seventh issue of WilmerHale's 8-in-8 Recent Trends in European Law and Policy Alert Series. Our attorneys will share insights on current and emerging issues affecting companies doing business in Europe and across...more
This is the inaugural issue of WilmerHale’s 8-in-8 Recent Trends in European Law and Policy Alert Series. Over the next eight weeks, our attorneys will share insights on current and emerging issues affecting companies doing...more
5/31/2018
/ Cybersecurity ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Multinationals ,
Personal Data ,
Popular
This is the inaugural issue of WilmerHale's 8-in-8 Recent Trends in European Law and Policy Alert Series. Over the next eight weeks, our attorneys will share insights on current and emerging issues affecting companies doing...more
On December 6, 2017, the European Union’s Article 29 Working Party released two sets of guidelines on Binding Corporate Rules (“BCRs”) it had adopted a week earlier. BCRs are internal rules that define a group of companies’...more
Brexit raises critical issues regarding the future transfer of personal data outside of the EU, not least as to the role of the UK Data Protection Authority, the Information Commissioner’s Office (“ICO”), and as to its...more
11/22/2017
/ Binding Contractual Rules ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Member State ,
Personal Data ,
Popular ,
UK ,
UK Brexit ,
UK Data Protection Act
One of the key components of the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) is its stronger enforcement mechanisms. Administrative fines are one of the most powerful parts of the enforcement...more