On April 4, 2017, the Article 29 Working Party adopted an Opinion on the Proposed Regulation of the European Commission for the ePrivacy Regulation. The Proposed ePrivacy Regulation is intended to replace the ePrivacy Directive and to increase harmonization of ePrivacy rules in the EU. … Continue Reading
On February 15, 2017, the European Data Protection Supervisor published its Priorities for 2017. The EDPS Priorities consist of a note listing the strategic priorities and a color-coded table listing the European Commission’s proposals that require the EDPS’ attention, sorted by level of priority.… Continue Reading
On January 10, 2017, the European Commission announced the final elements of its long-awaited “digital single market” strategy for Europe. The announcement includes two new proposed EU regulations as well as a European Commission Communication.… Continue Reading
On December 12, 2016, Politico reported that the European Commission intends to replace the e-Privacy Directive with a Regulation. The planned shift from a Directive to a Regulation means that the Regulation will create a harmonized set of requirements at the EU level that are directly applicable in the Member States. … Continue Reading
On July 25, 2016, the Article 29 Working Party and the European Data Protection Supervisor released their respective Opinions regarding the evaluation and review of Directive 2002/58/EC on privacy and electronic communications. Both the Working Party and the EDPS stressed that new rules should complement the protections available under the EU General Data Protection Regulation. … Continue Reading
Recently, the Centre for Information Policy Leadership at Hunton & Williams LLP co-hosted a one-day workshop in Amsterdam with the Dutch Ministry of Security and Justice, as part of its kick off of CIPL’s new long-term project on the implementation of the EU General Data Protection Regulation. This blog entry provides highlights on the project and a link to its workshop report.… Continue Reading
On April 11, 2016, the European Commission launched a public consultation to evaluate and review Directive 2002/58/EC on the processing of personal data and the protection of privacy in the electronic communications sector, also known as the e-Privacy Directive.… Continue Reading
On January 7, 2016, the European Data Protection Supervisor published his Priorities for 2016. The EDPS Priorities include the GDPR and transatlantic data flows. … Continue Reading
On January 20, 2015, a group of public officials and industry representatives debated the progress of the EU General Data Protection Regulation and offered views on the key issues that remain outstanding.… Continue Reading
On November 25, 2014, the Article 29 Working Party adopted Opinion 9/2014 on device fingerprinting. This Opinion addresses the applicability of the consent requirement in Article 5.3 of the e-Privacy Directive to device fingerprinting.… Continue Reading
On March 25, 2014, the Article 29 Working Party adopted an Opinion that provides data breach notification guidance. This blog post summarizes key points from the Opinion.… Continue Reading
On December 16, 2013, the French Data Protection Authority released practical guidance on how to obtain consent for the use of cookies and similar technologies in compliance with EU and French data protection requirements.… Continue Reading
On October 2, 2013, the Article 29 Working Party issued a Working Document providing guidance on how to obtain consent for the use of cookies and similar technologies in compliance with EU legal requirements. This blog entry summarizes the Working Document's suggestions of what to include in a cookie consent mechanism.… Continue Reading
On September 26, 2013, the UK Information Commissioner’s Office (“ICO”) published new breach notification guidance (the “Guidance”), applicable to telecom operators, Internet service providers (“ISPs”) and other public electronic communications service (“ECS”) providers.… Continue Reading
On August 24, 2013, a new breach notification regulation takes effect across the EU. The new regulation is intended to foster a consistent, pan-European approach to breach notification by Internet service providers, telecommunications providers and other public electronic communications service providers.… Continue Reading
On July 1, 2013, the Republic of Croatia became the 28th member state of the European Union. Croatia is now obligated to implement all EU legislation, including the EU Data Protection Directive 95/46/EC.… Continue Reading
On June 24, 2013, the European Commission announced new technical implementing measures that address the EU data breach notification requirement for telecom operators and internet service providers.… Continue Reading
On June 14, 2013, the European Data Protection Supervisor issued an Opinion addressing (1) the joint communication of the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy on their cybersecurity strategy, and (2) the European Commission’s proposed draft directive on measures to ensure uniformly high security measures for network and information security across the EU.… Continue Reading
On May 20, 2013, the Irish Office of the Data Protection Commissioner published its annual report for 2012, which summarizes the activities of the Office of the Data Protection Commissioner during 2012, including its investigations and audits, policy matters, and European and international activities.… Continue Reading
On February 27, 2013, the Article 29 Working Party adopted an Opinion addressing personal data protection issues related to the development and use of applications on mobile devices and clarifying the legal framework applicable to the various parties that develop and distribute mobile apps.… Continue Reading
On November 21, 2012, the UK Committee of Advertising Practice released new rules on online behavioral advertising that are part of a wider pan-European industry initiative to further refine the EU Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011.… Continue Reading
On June 7, 2012, the Article 29 Working Party adopted an Opinion analyzing the exemptions to the requirement that users must give informed consent for the use of cookies, and outlining the circumstances under which certain types of cookies may be exempt from the consent requirement. … Continue Reading
In recent weeks, regulators in California and Illinois have issued guidance on responding to data security breaches, while UK and California authorities released online forms for organizations to use when providing notification of a breach to regulators.… Continue Reading
On December 8, 2011, the Article 29 Working Party adopted an Opinion on the EASA/IAB best practice recommendations relevant to compliance with EU restrictions on the use of cookies.… Continue Reading
