On 27 June 2024, the Spanish supervisory authority (‘AEPD’) and the European Data Protection Supervisor (‘EDPS’), announced the joint publication of a report addressing the data protection challenges associated with neuro...more
Quick Hits Schrems II Recap Most people are now familiar with the Schrems II requirements to “know your transfers” and to protect personal data when such information is subject to processing (including remote access to...more
DORA became law in December 2022 but provides for a grace period until 17 January 2025 for organisations to put in place the necessary measures to comply. The new rules will require engagement from both an operational and...more
In August 2020, privacy activist organization NOYB – European Center for Digital Rights filed 101 complaints with the EU Supervisory Authorities (‘SAs’) in connection with the transfer of personal data from Europe to...more
Background - On April 4th, 2023, the European Data Protection Board (‘EDPB’), which is composed of representatives of the EU national supervisory authorities and the European Data Protection Supervisor (‘EDPS’), published an...more
On March 15, 2023, the European Data Protection Board (“EDPB”) – the body through which the EU Member States’ Supervisory Authorities cooperate – along with 26 EU Supervisory Authorities officially launched a “coordinated...more
Following the positions expressed by the Austrian, German, and French supervisory authorities, the Italian Supervisory Authority (Garante per la Protezione dei Dati Personali)(Garante) published on 9 June 2022 a specific...more
The Italian Garante per la Protezione dei dati Personali (‘Italian SA’) published a decision of February 10, 2022 in which it imposes a 20 million EUR fine on a company outside of Europe for violation of the EU General Data...more
The European Union is investing resources and issuing legal tools in order to foster the lawful and accountable use of artificial intelligence (AI). In Spain, the Government is also working to promote and maximize the use of...more
The Dutch Supervisory Authority (Autoriteit Persoongsgevens or "AP") has published a privacy booklet that primarily aims to support Works Council in its role with regard to privacy under the GDPR. Whilst the booklet provides...more
On 16 July, 2020 the European Court of Justice (“CJEU”) published its decision invalidating the EU-U.S. Privacy Shield and setting out enhanced requirements for using the so-called Standard Contractual Clauses for Processors...more
The Data Protection Supervisory Authority for the state of Berlin (Die Berliner Beauftragte für Datenschutz und Informationsfreiheit, “Supervisory Authority”) recently issued a fine for GDPR violations against Germany’s...more
On July 8, 2019, the UK Information Commissioner’s Office (ICO) announced its intention to fine British Airways GBP 183.39 million over a data breach in which the personal data of approximately 500,000 customers was...more
Dear GDPR, Before you were born, you already attracted a lot of attention, after all, not everyone is born over two years after they are conceived and has 28 parents! And your parents had to ?resist an enormous pressure...more
General data protection regulation – Irish funds working group updates - In July 2018, the Irish Funds General Data Protection Regulation ("GDPR") (Regulation (EU) 2016/679) working group (the "Working Group") issued an...more
Antitrust and Competition - Transactions in the digital sector and acquisition of data continue to attract scrutiny in Europe - On 6 September 2018, the European Commission cleared without conditions the proposed acquisition...more
Shortly after the GDPR’s entry into application on May 25, 2018, several EU Supervisory Authorities have activated online Data Protection Officer (“DPO”) notification tools, allowing organizations to communicate the contact...more
Home Mortgage Disclosure Act: FFIEC's Revised 'A Guide to HMDA Reporting: Getting It Right!' On March 14, 2018, the Office of the Comptroller of the Currency published an updated resource providing guidance for complying...more
On March 15, 2018, the Joint Committee of the European Supervisory Authorities (“ESA“) published its final report, together with a factsheet, on the use of big data by financial institutions (JC/2018/04). Chapter 4 of the...more
Antitrust and Competition - Another transaction in the technology sector referred to the European Commission for its review - The European Commission (“Commission”) is yet again set to review a transaction in the technology...more
On 6 September 2017, the Court of Justice, the European Union (“EU”)’s highest court, issued its much awaited decision in a case of abuse of dominance by a US microchip manufacturer using exclusivity or loyalty rebates, i.e....more
The FCA and PRA announced changes to enforcement process with the aim of strengthening the transparency and effectiveness of enforcement decision-making processes. Some of the changes have already come into force, the rest...more
The new (EU) 2016/679 General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. Its scope is broader than that of the current 95/46/CE Directive, which means that more companies headquartered outside of...more
On April 14, 2016, the European Parliament passed the General Data Protection Regulation (GDPR) and its companion, Data Protection Directive for Police and Criminal Justice Authorities. The GDPR is a comprehensive regulation...more