EU Data Protection Directive

On July 29, 2019, the Court of Justice of the European Union released its judgment in case C-40/17, Fashion ID GmbH & Co. KG vs. Verbraucherzentrale NRW eV, ruling that Fashion ID should be considered a joint controller with Facebook regarding the collection and disclosure of personal data to Facebook as a result of embedding the Facebook ‘Like’ button on its website.
Continue Reading CJEU Ruling on Websites Using Facebook ‘Like’ Buttons

On April 12, 2019, the European Data Protection Board published draft guidelines 2/2019 on the processing of personal data in the context of the provision of online services to data subjects. This blog entry provides an overview of the Guidelines.
Continue Reading EDPB Publishes Guidelines on the Contractual Legal Basis for Data Processing of Online Services

On January 10, 2019, Advocate General Szpunar of the Court of Justice of the European Union issued an Opinion in the case of Google v. CNIL, which is currently pending before the CJEU. In its Opinion, the Advocate General provided his views concerning the territorial scope of the right to be forgotten under the EU Data Protection Directive.
Continue Reading Advocate General Finds Search Engine Operators May Limit the Scope of Right to Be Forgotten to the EU

On January 29, 2018, the Centre for Information Policy Leadership at Hunton & Williams LLP submitted formal comments to the Article 29 Working Party on its Guidelines on Consent. The Guidelines were adopted by the Working Party on November 28, 2017, for public consultation.
Continue Reading CIPL Submits Comments to Article 29 WP’s Proposed Guidelines on Consent