On May 24, 2017, the Bavarian Data Protection Authority published a questionnaire to help companies assess their level of implementation of the EU General Data Protection Regulation.… Continue Reading
On April 12, 2017, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a discussion paper on Certifications, Seals and Marks under the GDPR and Their Roles as Accountability Tools and Cross-Border Data Transfer Mechanisms which sets forth recommendations concerning the implementation of the EU GDPR’s provisions on the development and use of certification mechanisms.… Continue Reading
On April 4, 2017, the Article 29 Working Party adopted its draft Guidelines on Data Protection Impact Assessment and determining whether processing is “likely to result in a high risk” for the purposes of Regulation 2016/679. The Guidelines aim to clarify when a data protection impact assessment is required under the EU GDPR.… Continue Reading
On April 4, 2017, the Article 29 Working Party adopted an Opinion on the Proposed Regulation of the European Commission for the ePrivacy Regulation. The Proposed ePrivacy Regulation is intended to replace the ePrivacy Directive and to increase harmonization of ePrivacy rules in the EU. … Continue Reading
On April 5, 2017, the Article 29 Working Party adopted the final versions of its guidelines on the right to data portability, Data Protection Officers and Lead Supervisory Authority, which were first published for comment in December 2016. The final publication of these revised guidelines follows the public consultation which ended in February 2017. … Continue Reading
On March 28, 2017, the French Data Protection Authority published its Annual Activity Report for 2016 and released its annual inspection program for 2017. The Report presents the main accomplishments in 2016 and highlights the diversified activity at both the national and EU level with the adoption of two major pieces of legislation.… Continue Reading
On March 15, 2017, the French data protection authority published a six step methodology and tools for businesses to prepare for the EU General Data Protection Regulation that will become applicable on May 25, 2018. The six steps are outlined in this entry. … Continue Reading
Recently, the UK Information Commissioner’s Office published draft guidance regarding the consent requirements of the EU General Data Protection Regulation that sets forth how the ICO interprets the GDPR’s consent requirements, and its recommended approach to compliance and good practice. … Continue Reading
On March 21, 2017, Hunton & Williams will host an in-person seminar in its London office featuring seasoned cybersecurity practitioners. This blog entry provides more information on the event.… Continue Reading
Hunton & Williams LLP, in coordination with the U.S. Chamber of Commerce, recently issued a report that provides a series of recommendations to enhance the effectiveness of data privacy regulators. … Continue Reading
On March 1, 2017, Hunton & Williams senior consultant attorney Rosemary Jay presented evidence on the data protection reform package and the impact of Brexit to the UK Parliament’s House of Lords EU Home Affairs Sub-Committee meeting. … Continue Reading
On February 21, 2017, Sweet & Maxwell released a Guide to the General Data Protection Regulation, written by Hunton & Williams senior consultant attorney Rosemary Jay. This blog entry contains a link to purchase the book. … Continue Reading
On February 23, 2017, the French Data Protection Authority launched an online public consultation on three topics identified by the Article 29 Working Party in its 2017 action plan for the implementation of the EU General Data Protection Regulation. The three topics are consent, profiling and data breach notification. … Continue Reading
On February 20, 2017, the Article 29 Working Party issued a template complaint form and Rules of Procedure that clarify the role of the EU Data Protection Authorities in resolving EU-U.S. Privacy Shield-related complaints.… Continue Reading
On February 15, 2017, the Centre for Information Policy Leadership at Hunton & Williams LLP submitted two sets of formal comments to the Article 29 Working Party. CIPL commented on the Guidelines for identifying a controller or processor’s lead supervisory authority, and on the Guidelines on the right to data portability.… Continue Reading
On February 15, 2017, the European Data Protection Supervisor published its Priorities for 2017. The EDPS Priorities consist of a note listing the strategic priorities and a color-coded table listing the European Commission’s proposals that require the EDPS’ attention, sorted by level of priority.… Continue Reading
On March 6 and 7, 2017, the Centre for Information Policy Leadership at Hunton & Williams LLP and over 100 public and private sector participants in CIPL’s GDPR Implementation Project will convene in Madrid, Spain, for CIPL’s third major GDPR implementation workshop.… Continue Reading
On February 1, 2017, Matt Hancock, the UK Government Minister responsible for data protection, was questioned by the House of Lords committee on the UK’s implementation plan of the EU General Data Protection Regulation in the context of Brexit. In responding to the questioning, Hancock revealed further details into the UK Government’s position on implementing the GDPR into UK law.… Continue Reading
On February 2, 2017, the UK government published a white paper entitled The United Kingdom’s exit from and new partnership with the European Union, which makes clear that the UK intends to maintain close ties with the European Union and its 27 remaining Member States after Brexit. … Continue Reading
On January 31, 2017, the Times of London reported that UK Prime Minister Theresa May plans to invoke Article 50 of the Treaty on European Union at the beginning of March, meaning that formal Brexit negotiations with the EU could begin thereafter.… Continue Reading
On January 25, 2017, President Trump issued an Executive Order entitled "Enhancing Public Safety in the Interior of the United States." This blog entry provides highlights on the Executive Order.… Continue Reading
On January 24, 2017, the UK Supreme Court handed down its judgment that the UK government cannot commence the UK’s withdrawal from the EU without the approval of Parliament.… Continue Reading
On January 11, 2017, the Swiss Federal Data Protection and Information Commissioner announced that it has reached an agreement with the U.S. Department of Commerce on a new Swiss-U.S. Privacy Shield framework, which will allow companies to legally transfer Swiss personal data to the U.S.… Continue Reading
On January 10, 2017, the European Commission published a communication addressed to the European Parliament and European Council on Exchanging and Protecting Personal Data in a Globalized World. The communication aims to facilitate commercial data flows and to foster law enforcement cooperation.… Continue Reading
