Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
While mobile apps have become one of the major means of access to digital services, their ubiquity is accompanied by significant risks to users' privacy, due to the massive amount of personal data they collect and process....more
On 7 March 2024, the Court of Justice of the European Union issued a ruling (C-604/22 | IAB Europe) clarifying the concepts of personal data and controller in the context of the use of a Transparency and Consent Framework...more
On 8 March 2023, the newly-created Department for Science, Innovation and Technology (“DSIT”) introduced the UK government’s updated proposals for data protection reform in the shape of the Data Protection and Digital...more
On 3 May 2022, the European Commission launched its proposal for a Regulation for the European Health Data Space to “unleash the full potential of health data”. However, questions arise as to whether this proposal is a...more
Last week, the Belgian Data Protection Authority ruled that the IAB’s cookie consent framework violated the GDPR. This decision has tremendous potential implications on the ad tech industry, as both publishers and advertisers...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
The Situation: On July 4, 2019, the French data protection authority ("CNIL") published revised guidelines on the implementation of cookies or similar tracking technologies in order to take into account the new requirements...more
The perplexing question of what U.S. companies must do to comply with EU “cookie” law became slightly more clear with the recent decision of the European Court of Justice (CJEU) in Planet49 GmbH, but numerous questions still...more
Why does this topic matter to organisations? Processing of personal data is lawful only if, and to the extent that, it is permitted under EU data protection law. Each and every data processing activity requires a lawful...more
Why does this topic matter to organisations? Processing of personal data is lawful only if, and to the extent that, it is permitted under EU data protection law. If the controller does not have a lawful basis for a given...more
Why does this topic matter to organisations? The defined terms set out in this Chapter are of critical importance to understanding how EU data protection law applies to an organisation. For example, the question of whether...more
On 23 January 2019, the European Data Protection Board (“EDPB”) issued an opinion on the interplay between the EU General Data Protection Regulation (“GDPR”) and the EU Clinical Trials Regulation (“CTR”). The CTR is not yet...more
On 21 January 2019, the French Data Protection Authority (the “French DPA”) fined Google LLC 50 million euros for breach of the GDPR. As we reported on this blog, just after GDPR became applicable, noyb.eu (None of Your...more
Six months have now passed since the implementation of the EU General Data Protection Regulation (GDPR). The GDPR has raised awareness of the importance of personal privacy as a fundamental right and placed data protection...more
Under the GDPR, processors must have a lawful basis for processing any data of an EU data subject. Consent is one of six lawful bases under the GDPR, and in this installment of GDPR SIDEBAR, we’ll cover best practices that...more
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) took effect. Although EU laws typically don’t have a worldwide impact, the GDPR will impact business across the globe. The GDPR has an extremely...more
The General Data Protection Regulation ("GDPR") becomes effective on May 25, 2018. Its goal is to protect EU citizens from privacy and data breaches. The key provisions of the GDPR and information on how it may impact...more
An immense volume of personal data (or personally identifiable information) is proliferating and flowing throughout the world. Personal data is an incredibly valuable asset to companies but data protection and privacy laws...more
In December 2017, the Article 29 Working Party released for comment a draft of its guidance on consent under the GDPR. Consent is one of the lawful bases for processing personal data and one of the permitted means by which...more
One of the most striking changes to EU privacy law under the EU’s General Data Protection Regulation (which goes into effect May 25, 2018) is the very strict approach to user consent. For many years, companies operating in...more
The UK's Information Commissioner, Elizabeth Denham, has launched a series of blogs designed to “bust some of the myths” which she believes have developed around the EU General Data Protection Regulation (GDPR). Her first...more
The European Parliament has approved the reformed General Data Protection Regulation (the “GDPR”). Given this is a Regulation (rather than a Directive), this legislation will apply automatically in every Member State (without...more
The EU General Data Protection Regulation (the “GDPR”) was adopted by the EU Parliament last April 14, 2016. The GDPR will replace the EU Data Protection Directive (95/46/EC), which was implemented more than 20 years ago....more
The EU Parliament Committee on Civil Liberties, Justice, and Home Affairs (“LIBE”) finally released the text of the long anticipated new data protection law. While the law has not formally been enacted, its adoption at this...more