News & Analysis as of

General Data Protection Regulation (GDPR) Regulatory Requirements Personal Data

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
A&O Shearman

CJEU publishes an updated Fact Sheet summarising key case law on protection of personal data

A&O Shearman on

On April 28 2025, the Court of Justice of the European Union (CJEU) published an updated version of the fact sheet (the Fact Sheet) summarising key case law on protection of personal data. The Fact Sheet covers the case law...more

Amundsen Davis LLC

Is My U.S.-Based Company Subject to the GDPR? Clearing Up European Data Privacy Law Misinformation

Amundsen Davis LLC on

If you are a compliance professional for a U.S.-based company, you have probably been told at some point that you have to worry about the General Data Protection Regulation (GDPR). Have you encountered one of these...more

Latham & Watkins LLP

Preparing for the European Health Data Space - Opportunities and Challenges for Europe’s Digital Future

Latham & Watkins LLP on

The EU regulation designed to facilitate secondary use of clinical data for research brings benefits for health research, but also poses challenges for companies....more

Baker Botts L.L.P.

Right to Erasure in the Spotlight as EU Data Protection Board Launches 2025 Coordinated Action

Baker Botts L.L.P. on

The European Data Protection Board (EDPB), the independent EU body responsible for ensuring the consistent application of the EU General Data Protection Regulation (GDPR) across all EU member states, has kicked off its...more

Latham & Watkins LLP

Kingdom of Saudi Arabia Issues New Data Transfer Risk Assessment Guidelines

Latham & Watkins LLP on

The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more

Alston & Bird

Belgian Data Protection Authority Issues Updated Guidance on Direct Marketing Rules

Alston & Bird on

On March 10, 2025, the Belgian Data Protection Authority (BDPA) updated its 2020 guidance on the processing of personal data for direct marketing purposes (see the updated guidance here in French and in Dutch)....more

Jackson Lewis P.C.

EU Data Enforcement Sweep: Are GDPR-Covered Entities Complying Properly with Data Subjects’ Right of Erasure?

Jackson Lewis P.C. on

The European Data Protection Board (EDPB) has launched its 2025 enforcement sweep targeting organizations’ compliance with data subjects’ right of erasure (right to delete or be forgotten), focusing particularly on how...more

Constangy, Brooks, Smith & Prophete, LLP

Chile brings its data privacy laws in line with global data privacy standards

Constangy, Brooks, Smith & Prophete, LLP on

Chile has amended its data privacy law granting significant rights to data subjects, and imposing stricter obligations on data controllers and processors. Published in the Official Gazette (Diario Oficial) on December 13,...more

Jenner & Block

Client Alert: New GDPR Investigations into the Use of Children’s Data

Jenner & Block on

The UK’s data protection regulator, the Information Commissioner’s Office (ICO), has recently announced investigations into three companies in connection with the use of children’s personal information. In a statement on...more

Barnea Jaffa Lande & Co.

Significant Shift in the Israeli Privacy Protection Authority’s Definition of Consent

Barnea Jaffa Lande & Co. on

The Israeli Privacy Protection Authority (PPA) has issued a new statement introducing a significant change in the interpretation of the law and in the required methods for obtaining consent to the collection and processing of...more

A&O Shearman

Polish supervisory authority publishes updated guide on personal data protection breaches

A&O Shearman on

On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more

DLA Piper

A New Prohibition Era for AI: Why You Could Be ‘Bootlegging’ Banned Tech

DLA Piper on

If hearing the word “prohibition” brings to mind the moonshine, speakeasies, and bootleg liquor of 1920s America, you’re not alone. It conjures images from ‘Boardwalk Empire’ or ‘The Untouchables’. But today’s prohibition...more

Jackson Lewis P.C.

Firings at the US Privacy and Civil Liberties Oversight Board and Potential Impact on Transatlantic Data Transfers

Jackson Lewis P.C. on

President Trump recently fired the three democrats on the Privacy and Civil Liberties Oversight Board (PCLOB). Since these firings bring the Board to a sub-quorum level, they have the potential to significantly disrupt...more

Sheppard Mullin Richter & Hampton LLP

Don’t Forget the EU: Italy Issued First GenAI Fine of €15 Million Alleging GDPR Violations 

Sheppard Mullin Richter & Hampton LLP on

At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more

A&O Shearman

Data protection guidance for firms sharing customer information for the prevention of fraud

A&O Shearman on

The UK Information Commissioner’s Office (the ICO) has published guidance to help firms take steps to protect customers’ personal information when data is shared between firms to prevent fraud and scams....more

DLA Piper

EU: EDPB Opinion on AI Provides Important Guidance Though Many Questions Remain

DLA Piper on

A much-anticipated Opinion from the European Data Protection Board (EDPB) on AI models and data protection has not resulted in the clear or definitive guidance that businesses operating in the EU had hoped for. The Opinion...more

Wilson Sonsini Goodrich & Rosati

EU Court Awards Damages for Breach of EU Data Transfer Rules

Wilson Sonsini Goodrich & Rosati on

On January 8, 2025, the second highest court of the European Union (EU), the General Court of the Court of Justice of the EU (the Court), ordered (in Bindl v European Commission, Case T-354/22) the European Commission (EC) to...more

Jackson Lewis P.C.

Israel’s GDPR-like Legislation Set to Take Effect in 2025

Jackson Lewis P.C. on

In 2024, Israel became the latest jurisdiction to enact comprehensive privacy legislation, largely inspired by the EU’s General Data Protection Regulation (“GDPR”). On August 5, 2024, Israel’s parliament, the Knesset, voted...more

Perkins Coie

Privacy Law Recap 2024: State Consumer Privacy Laws

Perkins Coie on

U.S. privacy law continued to expand in 2024, both geographically and substantively. We now have 19 states with comprehensive consumer privacy laws (some of which are already in effect, while others become effective in...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on international data transfers

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more

BCLP

Analysing the CNIL’s Latest Recommendations for AI Systems

BCLP on

Following the very recent adoption of the EU Regulation on AI (the AI Regulation) the CNIL (the French data regulator) has issued the second in its series of recommendations for the development of privacy-friendly AI models....more

Akin Gump Strauss Hauer & Feld LLP

Delaware Data Protection Act: What Businesses Need to Know

Akin Gump Strauss Hauer & Feld LLP on

In September 2023, Delaware became the seventh state in 2023 to enact comprehensive privacy law with the Delaware Personal Data Privacy Act (DPDPA), joining Indiana, Iowa, Montana, Oregon, Tennessee and Texas. The DPDPA will...more

Mayer Brown

EDPB Provides Guidance On Determining A 'Main Establishment' And The 'One-Stop-Shop' Mechanism

Mayer Brown on

The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more

A&O Shearman

Pensions: what's new this week - 2 October 2023

A&O Shearman on

Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover topics including: GMP equalisation...more

Littler

Department of Commerce Launches the EU-U.S. Data Privacy Framework: Considerations for Multinational Employers that Transfer EU...

Littler on

As of July 17, 2023, U.S.-based multinational employers that can access the personal data of their workforce members in the European Union (EU) via a human resources information system (HRIS), or otherwise transfer the...more

60 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide