News & Analysis as of

European Union EU Data Protection Laws Data Controller

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of... more +
The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -
A&O Shearman

CJEU publishes AG opinion on sale of a database of personal data

A&O Shearman on

The Court of Justice of the European Union (CJEU) published the Advocate General's Opinion on whether the GDPR would restrict the sale of a database by court enforcement officers to satisfy creditor claims without the consent...more

Brownstein Hyatt Farber Schreck

U.S. Companies Now Have a Framework for EU-U.S. Personal Data Transfers

Brownstein Hyatt Farber Schreck on

In a significant milestone for EU-U.S. cross-border transfers of personal data under Article 45 of the General Data Protection Regulation (GDPR), the European Commission adopted an adequacy decision for the new EU-U.S. Data...more

Wilson Sonsini Goodrich & Rosati

European Commission Proposes New Rules for Cross Border GDPR Enforcement

Wilson Sonsini Goodrich & Rosati on

On July 4, 2023, the European Commission (EC) published its proposal for a regulation laying down additional procedural rules for the enforcement of the EU General Data Protection Regulation (GDPR) (proposal). The proposal...more

A&O Shearman

Pakistan – MITT releases final draft of the personal data protection bill

A&O Shearman on

The Pakistan Ministry of Information Technology and Telecommunication (MITT) released a new draft of the Personal Data Protection Bill, 2023 (the PDPB) on 19 May 2023. The PDPB aims to regulate the collection, processing,...more

White & Case LLP

Somewhere Between a Summary and a Data Dump – CJEU Finds Controllers Must Provide Data Subjects a “Faithful And Intelligible” Copy...

White & Case LLP on

The Court of Justice of the EU (CJEU)1 has held that the General Data Protection Regulation (GDPR) requires controllers to provide data subjects a "faithful reproduction" of their personal data, which takes into account the...more

BCLP

Updated EU Data Transfers Guidance

BCLP on

The updated guidelines (05/2021) from the European Data Protection Board (“EDPB”) issued on 14 February 2023 (the “New Guidelines”) look at the interplay of two fundamental, protective mechanisms contained in the EU GDPR....more

Faegre Drinker Biddle & Reath LLP

CJEU Rules on Dismissal of DPOs and Conflict of Interest

Faegre Drinker Biddle & Reath LLP on

In a recent judgment, the Court of Justice of the European Union (the CJEU) has confirmed that Data Protection Officers (DPOs) can maintain other tasks and duties within their role, provided they do not result in a conflict...more

Dechert LLP

Belgian DPA Fines IAB: Rough Waters Ahead for Ad Industry

Dechert LLP on

On February 2, 2022, the Belgian Data Protection Authority (“DPA”) issued a decision finding that the Interactive Advertising Bureau ("IAB”) Europe’s Transparency and Consent Framework (“TCF”) violates key provisions of the...more

Wyrick Robbins Yates & Ponton LLP

5 Key Takeaways from the EDPB’s Final Guidelines on Examples Regarding Personal Data Breach Notification

Wyrick Robbins Yates & Ponton LLP on

Following a public consultation on an initial version released last January, the European Data Protection Board (“EDPB”) last month adopted a final version of its Guidelines on Examples regarding Personal Data Breach...more

Dechert LLP

French DPA Sets Conditions for Processors' Reuse of Personal Data Processed on Behalf of Controllers

Dechert LLP on

On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their purposes (“Guidance”). This the most recent guidance of a major EU regulator on a...more

BCLP

BCLP Global Data Privacy FAQs: What counts as a “transfer” of data under the EU GDPR? New draft EU Guidelines released

BCLP on

It is well known that the EU GDPR (specifically, Chapter V) restricts transfers of personal data from the EU to a “third country” (i.e. a jurisdiction outside the EEA) or to an international organisation. But what is meant by...more

Akin Gump Strauss Hauer & Feld LLP

European Data Protection Board Forms Two New Taskforces to Address Schrems II Aftermath

Akin Gump Strauss Hauer & Feld LLP on

On Friday September 4, 2020, the European Data Protection Board (EDPB), a body consisting of representatives of all the Data Protection Authorities (DPAs) in the European Economic Area, announced that it had formed two new...more

Hinshaw & Culbertson LLP

GDPR and the Uniform Foreign Country Money Judgments Recognition Act

Hinshaw & Culbertson LLP on

You are an American company. While you sell product or otherwise interact with Europe, and thereby collect personal information about European residents, you have no assets or facilities on that continent. Nonetheless, you...more

Epstein Becker & Green

U.S. Employers and the GDPR: Where Are We Now?

Epstein Becker & Green on

Even though the General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, its application to U.S.-based employers continues to evolve and increase in complexity. For U.S. employers of European Union (“EU”)...more

Husch Blackwell LLP

EDPB Issues Guidance For Cross-Border Data Transfers In Wake of Schrems II Judgment

Husch Blackwell LLP on

Keypoint: The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to...more

BCLP

What are common examples of “legitimate interests” that are relied upon by controllers?

BCLP on

The GDPR prohibits a company from processing personal data unless one of six “lawful purposes” are present. One of those lawful purposes occurs when processing is necessary for a “legitimate interest pursued by the controller...more

BCLP

What types of contractual provisions are required for different types of service providers under the GDPR?

BCLP on

The type of contractual provisions that a company is required by the GDPR to impose upon a service provider differ based upon two primary factors: (1) whether the service provider is a “processor,” a “controller,” or a “joint...more

Jones Day

French Data Protection Authority Issues Draft Recommendations on Consent for Cookies

Jones Day on

The Situation: On July 4, 2019, the French data protection authority ("CNIL") published revised guidelines on the implementation of cookies or similar tracking technologies in order to take into account the new requirements...more

Best Best & Krieger LLP

GDPR Compliance

Best Best & Krieger LLP on

BB&K's Christina Morgan Talks About Data Privacy in Riverside Lawyer Magazine - Due to rising concerns about privacy in the digital world, in April 2016, the European Union adopted the General Data Protection Regulation...more

BCLP

GDPR Privacy FAQs: Are joint controllers jointly and severally liable for each other’s actions?

BCLP on

It is not clear at this point whether joint and several liability attaches to the actions of joint controllers. The GDPR states that a data subject “may exercise his or her rights under this Regulation in respect of and...more

BCLP

GDPR Privacy FAQs: Can a company share personal data in response to a non-compulsory document request from a government agency?

BCLP on

It depends. The GDPR prohibits a controller from “processing” personal data unless one of six situations, or permissible purposes, applies.  As the GDPR defines processing to include the “disclosure by transmission,...more

A&O Shearman

GDPR for Litigators

A&O Shearman on

Virtually all evidence, whether in litigation or arbitration or relating to investigations carried out by regulators or enforcement authorities, will contain some personal data. A year on from the EU General Data Protection...more

White & Case LLP

Chapter 13: Cross-Border Data Transfers – Unlocking the EU General Data Protection Regulation

White & Case LLP on

Why does this topic matter to organisations? In today's world, it is increasingly important to be able to move data freely to wherever those data are needed. However, the transfer of personal data to recipients outside the...more

White & Case LLP

Chapter 11: Obligations of processors – Unlocking the EU General Data Protection Regulation

White & Case LLP on

Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more

BCLP

GDPR’s Most Frequently Asked Questions: Are processors required to fully indemnify controllers for the actions of their...

BCLP on

The European Union's General Data Protection Regulation ("GDPR") is arguably the most comprehensive - and complex - data privacy regulation in the world. Although the GDPR went into force on May 25, 2018, there continues to...more

96 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide