Tag Archives: Jörg Hladjk

German DPA Issues Legal Opinion on Cloud Computing

Posted on June 23, 2010 by Hunton & Williams LLP

On June 18, 2010, the data protection authority of the German federal state of Schleswig-Holstein published a press release and a comprehensive legal opinion on cloud computing. The opinion provides an overview of cloud computing and discusses various practical and legal matters, including:

Applicable law issues
The legal basis for cloud computing and related processor and controller issues
Problems associated with the possibility of third-party access
The minimum requirements for data processor relationships and service provider contracts under the new German data protection law
Technical and organizational security measures
The legal landscape for clouds located outside the European Union

Tags: Adequacy, Binding Corporate Rules, Cloud Computing, Data Protection Authority, European Commission, Germany, Jörg Hladjk, Safe Harbor

German DPAs Require Data Exporters to Verify Safe Harbor Compliance

Posted on June 2, 2010 by Hunton & Williams LLP

On April 29, 2010, German data protection authorities issued a resolution regarding the obligations of German data exporters with respect to U.S. data importers that have self-certified under the Safe Harbor program. By requiring additional diligence when transferring data to Safe Harbor-certified entities, the resolution may appear to raise questions with respect to the European Commission’s decision that Safe Harbor certification is sufficient to demonstrate an adequate level of privacy protection.

Tags: European Commission, Germany, Jörg Hladjk, Safe Harbor

European Court of Justice Rules on German DPA System

Posted on March 10, 2010 by Hunton & Williams LLP

On March 9, 2010, the European Court of Justice ruled that the Federal Republic of Germany’s practice of “state supervision” over data protection authorities violates EU Data Protection Directive 95/46/EC. The case, brought by the EU Commission, is a milestone which will force Germany to change the structure of its DPA system and could have ramifications in other countries as well.

The Court’s decision is based on Article 28(1) of the Directive, which requires that data protection authorities (“DPAs”) act with “complete independence.” German law makes a distinction with regard to DPA supervision depending on whether the data processing is carried out by public or non-public bodies. There are therefore different authorities responsible for monitoring public entities’ compliance with data protection provisions versus those that monitor compliance by private parties and undertakings governed by public law which compete on the market (öffentlich-rechtliche Wettbewerbsunternehmen) outside the public sector (such as transportation and utility companies).

Tags: Data Protection Authority, EU Data Protection Directive, European Commission, Germany, Jörg Hladjk

Privacy and Information Security Law Blog - Global privacy and information security law updates and analysis

Tag Archives: Jörg Hladjk

German DPAs Require Data Exporters to Verify Safe Harbor Compliance

European Court of Justice Rules on German DPA System

Published By Hunton & Williams

Search

Subscribe

Topics

Recent Updates

Blogroll

Privacy News