On December 19, 2019, the members of the Permanent Representations of EU Member States to the Council of the European Union published a draft position on the application of the General Data Protection Regulation.
Continue Reading
EU Member States
CNIL Publishes Standard on Whistleblowing Hotlines
Posted on
Posted in European Union, International
On December 10, 2019, the French Data Protection Authority published the final version of its standard concerning the processing of personal data in the context of whistleblowing hotlines.…
Continue Reading
CJEU Rules “Right to be Forgotten” on Google Limited to the EU in Landmark Case
Posted on
On September 24, 2019, the Court of Justice of the European Union released its judgments in cases C-507/17, Google v. CNIL and C-136/17, G.C. and Others v. CNIL regarding (1) the territorial scope of the right to be forgotten, and (2) the conditions in which individuals may exercise the right to be forgotten in relation to links to web pages containing sensitive data.…
Continue Reading
CIPL Submits Comments to the EDPB’s Draft Guidelines on Data Processing Through Video Devices
Posted on
On September 6, 2019, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted formal comments to the European Data Protection Board (the “EDPB”) on its draft guidelines on processing of personal data through video devices (the “Guidelines”). The Guidelines were adopted on July 10, 2019, for public consultation.
…
Continue Reading
EDPB Adopts Guidelines on Data Processing Through Video Devices
Posted on
Posted in European Union, International
The European Data Protection Board recently adopted its Guidelines 3/2019 on processing of personal data through video devices. Although the Guidelines provide examples of data processing for video surveillance, these examples are not exhaustive.…
Continue Reading
The Schrems Saga Continues: Schrems II Case Heard Before the CJEU
Posted on
Posted in European Union, International
On July 9, 2019, the hearing in the so-called Schrems II case (case C-311/18) took place at the Court of Justice of the European Union in Luxembourg. This blog entry provides highlights from the hearing, and also discusses the potential impact of the CJEU’s judgment in the case in the EU data protection landscape.…
Continue Reading
ICO Announces $124 Million Fine for Marriott International following Data Breach
Posted on
On July 9, 2019, the UK Information Commissioner’s Office announced that it intends to fine Marriott International £99,200,396 for a data breach violating the GDPR. This closely follows the £183 million fine for British Airways, announced on July 8.…
Continue Reading
ICO Announces $230 Million Fine for British Airways following Data Breach
Posted on
On July 8, 2019, the UK Information Commissioner’s Office announced that it intends to fine British Airways £183,390,000 for a data breach for violating the GDPR. This is the first fine to be announced publicly by the ICO under the GDPR.…
Continue Reading
EDPB Adopts Guidelines on Codes of Conduct and Monitoring Bodies
Posted on
Posted in European Union, International
The European Data Protection Board recently adopted its Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679. This blog entry provides an overview of the Guidelines.…
Continue Reading
ICO Reflects on a Year of GDPR
Posted on
The UK Information Commissioner’s Office recently published its reflections on the year that has passed since the implementation of the EU General Data Protection Regulation, together with a blog post by Elizabeth Denham, the UK Information Commissioner. …
Continue Reading