News & Analysis as of

Data Protection Authority

EU Data Transfer Solutions Under Further Judicial Scrutiny – What Next For Model Contract Clauses?

The European Union Court of Justice (“CJEU”) to rule on the validity of Model Contractual Clauses (“MCCs”) following referral by the Irish High Court. The Irish High Court has “well-founded” concerns that there is no...more

UK proposal for three-tier fee model for data controllers from May 2018

by Ropes & Gray LLP on

With the deadline for enforcement of the GDPR looming closer, many data controllers had believed that, with the abolition of the requirement to notify the Information Commissioner’s Office (ICO) of their data processing...more

Privacy Shield Gets Passing Grade

In reviewing the first year of implementation of the European Union-United States Privacy Shield, the Commission to the European Parliament and the Council declared it “adequate.”...more

Article 29 Working Party Issues Guidance on Breach-Notification Obligations under GDPR

by Ballard Spahr LLP on

The Article 29 Working Party (WP29) recently issued guidelines regarding data controllers' notification obligations following security breaches involving the personal data of EU citizens....more

European Commission Publishes First Annual Report on EU-US Privacy Shield

by Reed Smith on

Following our previous blog on the upcoming first annual review of the EU-US Privacy Shield, the European Commission (“Commission”) published its report on 18 October 2017 (“Report”). Overall, the Report confirms that the...more

The UK’s Data Protection Authority goes myth-busting: fining powers; consent; the "misconception" that the GDPR is an unnecessary...

by Ropes & Gray LLP on

The UK’s Information Commissioner’s Office has published a series of blog pieces to “bust some myths” about the General Data Protection Regulation, which comes into effect on 25 May 2018. According to the Information...more

European General Data Protection Regulation: GDPR Compliance for U.S. Business

The General Data Protection Regulation (GDPR) was approved by the European Union (EU) in 2016 and replaces the 1995 EU Data Protection Directive 95/46/EC. Enforcement begins May 25, 2018 – including the application of heavy...more

The EU – US Privacy Shield Passed Its First Annual Review

by Jackson Lewis P.C. on

The European Commission recently issued an overall positive review in its first annual report on the E.U. – U.S. Privacy Shield (“Privacy Shield”), after evaluating the Privacy Shield in its joint review with the US last...more

EU Commission’s First Annual Review Confirms Adequacy of the EU-U.S. Privacy Shield

On October 18, 2017, the European Commission published its report and supporting documents regarding its first annual review of the EU-U.S. Privacy Shield (Privacy Shield), which sets forth procedures and safeguards for...more

Automated Decision-Making Under the GDPR – A Right for Individuals or A Prohibition for Controllers?

by Hogan Lovells on

The complexity of the EU General Data Protection Regulation (“GDPR”) is often alleviated by the guidance of regulatory authorities who contribute their practical interpretation of the black letter of the law and provide...more

Connected Cars “Compliance Package” at the Forefront

by K&L Gates LLP on

On October 17, after about 18 months of waiting, a consultation involving more than 20 players, and two intermediate versions, the French Data Protection Authority (“Commission Nationale de l’Informatique et des Libertés” or...more

An English-Language Primer on Germany’s GDPR Implementation Statute: Part 4 of 5

by Alston & Bird on

Over the past year, the German government has been working on legislation to implement the EU’s General Data Protection Regulation (GDPR). On July 6, 2017, Germany did so by passing a statute titled the Data Protection...more

Windows 10 Fails to “Go Dutch” When it Comes to Protecting Privacy: Data Privacy Trends

by CloudNine on

According to Silicon (Windows 10 Data Collection Branded A Breach Of Dutch Privacy Law, written by Roland Moore-Colyer), the Dutch Data Protection Authority (DPA) has declared that Windows 10 breaches the data protection law...more

Looming Ruling on EU Data Transfer Rules Carries Potentially Serious Implications

by Jones Day on

The Situation: The European Court of Justice ("ECJ") is to rule on the validity of EU Standard Contractual Clauses used by companies to transfer personal data outside of the European Union, at the request of Ireland's High...more

New Consultations for the Interpretation of the GDPR Initiated by French Data Protection Authority on the Concepts of...

by K&L Gates LLP on

In June 2017, the Article 29 Working Party – the gathering the all Member States’ Data Protection Authorities (DPAs) – announced that the five last guidelines to be adopted as companion pieces to the General Data Protection...more

What's at Stake in the Latest Landmark EU International Data Privacy Case?

by Faegre Baker Daniels on

The long-running legal challenge on the validity of transfers of personal data from the European Union reached another milestone last week. On October 3, the Irish High Court referred questions on the validity of EU Standard...more

Irish Court Casts Serious Doubt on EU Model Clauses

by McDermott Will & Emery on

The validity of Model Clauses for EU personal data transfer to the United States is now in real doubt as a result of a new Irish High Court opinion stating that there are “well founded grounds” to find the Model Clauses...more

Will the EU box itself in? Fate of Standard Contractual Clauses (aka the Model Clauses) for personal data transfers is now in the...

Executive summary: The EU’s standard contractual clauses may be on the fast track to invalidation, putting a vast number of personal data transfers from the EEA at risk. A case brought by Maximilian Schrems (whose first...more

Spanish DPA Fines Facebook €1.2 Million for Data Protection Infringements

by Reed Smith on

The Spanish Data Protection Authority (AEPD) has imposed a fine of €1.2 million against Facebook following its investigation into whether Facebook’s data processing activities were in accordance with the Spanish Data...more

An English-Language Primer on Germany’s New GDPR Implementation Statute Part 2: Individual Rights, DPA Oversight and Enforcement,...

by Alston & Bird on

This is Part 2 of a two-part English-language overview of Germany’s recently passed new version of the Federal Data Protection Act (Bundesdatenschutzgesetz, or BDSG)—the BDSG-New, which implements the EU General Data...more

GDPR Update Data breaches and notifications (Dutch)

by Dentons on

Under the GDPR, data security plays a prominent role and the GDPR imposes strict obligations on data controllers and data processors regarding security. While the Dutch Data Protection Act (DDPA) already includes a data...more

UK publishes Data Protection Bill

by Dentons on

On Thursday 14 September 2017, the UK published its new Data Protection Bill. It comes with much fanfare that it will underpin a world class privacy regime for the UK, give individuals more control over their data, support...more

First Judgment on GDPR by German Administrative Court

by Reed Smith on

The General Data Protection Regulation (“GDPR”) will become applicable 25 May 2018. Even though the GDPR entered into force 24 May 2016, its provisions will be binding and enforceable only from 25 May 2018. In advance of the...more

The single authorization regarding the processing of personal data resulting from the Sapin II Law is finally applicable

by DLA Piper on

Through its Decision No. 2017-191 dated 22 June, 2017 (published in the Official Journal on 25 July , 2017), the French Data Protection Authority ("CNIL") amended the Single Authorization No. AU-004 on whistleblowing systems....more

GDPR Update: Data Processors (Dutch)

by Dentons on

In this GDPR Update we address the position of the data processor. The position of the data processor will be analysed from the perspective of the processor itself, as well as from the perspective of the data controller....more

473 Results
|
View per page
Page: of 19
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.