Archives: International

Subscribe to International RSS Feed

CJEU Rules That Dynamic IP Addresses Are Personal Data

On October 19, 2016, the Court of Justice of the European Union issued its judgment in Patrick Breyer v. Bundesrepublik Deutschland, following the Opinion of Advocate General earlier this year. The CJEU followed the Opinion of the Advocate General and declared that the dynamic IP address of a website user is considered personal data.… Continue Reading

UK ICO Seeks Personal Liability for Directors

On October 13, 2016, Elizabeth Denham, the UK Information Commissioner, suggested at a House of Commons Public Bill Committee meeting that directors of companies who violate data protection laws should be personally liable to pay fines.… Continue Reading

CIPL and its GDPR Project Stakeholders Discuss DPOs and Risk under GDPR

Last month, the Centre for Information Policy Leadership held its second GDPR Workshop in Paris as part of its two-year GDPR Implementation Project. The purpose of the project is to provide a forum for stakeholders to promote EU-wide consistency in implementing the GDPR, encourage forward-thinking and future-proof interpretations of key GDPR provisions, develop and share relevant best practices, and foster a culture of trust and collaboration between regulators and industry. … Continue Reading

EDPS Issues Opinion on Coherent Enforcement of Fundamental Rights in the Age of Big Data

Recently, the European Data Protection Supervisor released Opinion 8/2016 on the coherent enforcement of fundamental rights in the age of big data. The Opinion updates the EDPS' Preliminary Opinion on Privacy and Competitiveness in the Age of Big Data, first published in 2014, and provides practical recommendations on how the EU's objectives and standards can be applied holistically across the EU institutions.… Continue Reading

CISPE Unveils Cloud Providers Code of Conduct

On September 27, 2016, Cloud Infrastructure Services Providers in Europe published its Data Protection Code of Conduct. CISPE, a relatively new coalition of more than 20 cloud infrastructure providers with operations in Europe, has focused the Code on transparency and compliance with EU data protection laws. … Continue Reading

CNIL Publishes Internet Sweep Results on Connected Devices

On September 26, 2016, the French Data Protection Authority published the results of the Internet sweep on connected devices. The sweep was conducted in May 2016 to assess the quality of the information provided to users of connected devices, the level of security of the data flows and the degree of user empowerment.… Continue Reading

Korean Privacy Law Updated

On September 22, 2016, Korean law firm Bae, Kim & Lee LLC released a Legal Update outlining amendments to Korea’s Personal Information Protection Act (“PIPA”) and the Act on the Promotion of IT Network Use and Information Protection (“IT Network Act”).… Continue Reading

Final Rules for the Data Privacy Act Published in the Philippines

Recently, the National Privacy Commission of the Philippines published the final text of its Implementing Rules and Regulations of Republic Act No. 10173, known as the Data Privacy Act of 2012. The IRR has a promulgation date of August 24, 2016, and went into effect 15 days after the publication in the official Gazette. … Continue Reading

TalkTalk Appeal Against ICO Fine for Late Notification of Data Breach Dismissed by First-Tier Tribunal

On August 30, 2016, the First-tier Tribunal (Information Rights) (the “Tribunal”) dismissed an appeal from UK telecoms company TalkTalk Telecom Group PLC (“TalkTalk”) regarding a monetary penalty notice issued to it on February 17, 2016, by the UK Information Commissioner’s Office (“ICO”). The ICO had issued the monetary penalty notice to TalkTalk, for the amount … Continue Reading

China Enacts E-Hailing Regulation to Protect Driver and Passenger Data

Last month, the People’s Republic of China’s administrative departments jointly published the Interim Measures for the Administration of Operation and Services of E-hailing Taxis. E-hailing is an increasingly popular emerging business in China that the Measures seek to regulate. The Measures will come into effect on November 1, 2016.… Continue Reading

China Publishes Regulation on the Use of Resident Identity Cards

Recently, the People’s Republic of China’s Ministry of Public Security, the National Development and Reform Commission and six other administrative departments jointly published the Announcement on Regulating the Administration of the Use of Resident Identity Cards. The Announcement came into effect on July 15, 2016, the date of its issuance.… Continue Reading

Article 29 Working Party and EDPS Release Opinions on the ePrivacy Directive

On July 25, 2016, the Article 29 Working Party and the European Data Protection Supervisor released their respective Opinions regarding the evaluation and review of Directive 2002/58/EC on privacy and electronic communications. Both the Working Party and the EDPS stressed that new rules should complement the protections available under the EU General Data Protection Regulation. … Continue Reading

The EU-U.S. Privacy Shield: A How-To Guide

Hunton partner Lisa Sotto and associate Chris Hydak recently published an article in Law360 entitled “The EU-U.S. Privacy Shield: A How-To Guide,” detailing the Privacy Shield principles, the benefits of certification, how the Shield will be enforced, and the challenges and risks associated with the future of the Privacy Shield. This blog post contains a link to the full article. … Continue Reading