On June 7, 2017, the European Commission published a paper signalling the EU’s intention to increase its role in directing cybersecurity policy and responses across its member states. … Continue Reading
Recently, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a white paper. The White Paper sets forth guidance and recommendations on the key concepts of transparency, consent and legitimate interest under the EU General Data Protection Regulation.… Continue Reading
With just under one year to go before the EU General Data Protection Regulation becomes law across the European Union, the UK Information Commissioner’s Office has continued its efforts to help businesses prepare for the new law, including by issuing updated guidance and its Information Rights Strategic Plan 2017-2021. The ICO also has taken steps to address its own role post-Brexit.… Continue Reading
On April 4, 2017, the Article 29 Working Party adopted an Opinion on the Proposed Regulation of the European Commission for the ePrivacy Regulation. The Proposed ePrivacy Regulation is intended to replace the ePrivacy Directive and to increase harmonization of ePrivacy rules in the EU. … Continue Reading
On April 5, 2017, the Article 29 Working Party adopted the final versions of its guidelines on the right to data portability, Data Protection Officers and Lead Supervisory Authority, which were first published for comment in December 2016. The final publication of these revised guidelines follows the public consultation which ended in February 2017. … Continue Reading
On February 2, 2017, the UK government published a white paper entitled The United Kingdom’s exit from and new partnership with the European Union, which makes clear that the UK intends to maintain close ties with the European Union and its 27 remaining Member States after Brexit. … Continue Reading
On January 31, 2017, the Times of London reported that UK Prime Minister Theresa May plans to invoke Article 50 of the Treaty on European Union at the beginning of March, meaning that formal Brexit negotiations with the EU could begin thereafter.… Continue Reading
On January 25, 2017, President Trump issued an Executive Order entitled "Enhancing Public Safety in the Interior of the United States." This blog entry provides highlights on the Executive Order.… Continue Reading
On January 10, 2017, the European Commission published a communication addressed to the European Parliament and European Council on Exchanging and Protecting Personal Data in a Globalized World. The communication aims to facilitate commercial data flows and to foster law enforcement cooperation.… Continue Reading
On January 10, 2017, the European Commission announced the final elements of its long-awaited “digital single market” strategy for Europe. The announcement includes two new proposed EU regulations as well as a European Commission Communication.… Continue Reading
On December 12, 2016, Politico reported that the European Commission intends to replace the e-Privacy Directive with a Regulation. The planned shift from a Directive to a Regulation means that the Regulation will create a harmonized set of requirements at the EU level that are directly applicable in the Member States. … Continue Reading
On November 30, 2016, the Centre for Information Policy Leadership at Hunton & Williams LLP issued a white paper on The One-Stop-Shop and the Lead DPA as Co-operation Mechanisms in the GDPR.… Continue Reading
Recently, German chancellor Angela Merkel spoke at Germany’s 10th National IT Summit, and called for EU Member States to take a pragmatic approach to the application of EU data protection laws.… Continue Reading
Recently, at a meeting of the Article 31 Committee, the European Commission unveiled two draft Commission Implementing Decisions that propose amendments to the existing adequacy decisions and decisions on EU Model Clauses. … Continue Reading
Last month, the Centre for Information Policy Leadership held its second GDPR Workshop in Paris as part of its two-year GDPR Implementation Project. The purpose of the project is to provide a forum for stakeholders to promote EU-wide consistency in implementing the GDPR, encourage forward-thinking and future-proof interpretations of key GDPR provisions, develop and share relevant best practices, and foster a culture of trust and collaboration between regulators and industry. … Continue Reading
On September 27, 2016, Cloud Infrastructure Services Providers in Europe published its Data Protection Code of Conduct. CISPE, a relatively new coalition of more than 20 cloud infrastructure providers with operations in Europe, has focused the Code on transparency and compliance with EU data protection laws. … Continue Reading
On September 27, 2016, the French Data Protection Authority announced the adoption of two new decisions that will now cover all biometric access control systems in the workplace. These two new decisions repeal and replace the previous biometric decisions adopted by the CNIL.… Continue Reading
On July 20, 2016, the French Data Protection Authority announced that it issued a formal notice to Microsoft Corporation ordering the company to address several alleged violations of the French Data Protection Act concerning the Windows 10 operating system.… Continue Reading
On July 19, 2016, Advocate General Saugmandsgaard Oe published his Opinion on two cases that sought to establish whether a general obligation to retain data is compatible with the fundamental rights to privacy and data protection under EU law.… Continue Reading
On July 12, 2016, the EU Commissioner for Justice, Consumers and Gender Equality Vera Jourova and U.S. Secretary of Commerce Penny Pritzker announced the formal adoption of the EU-U.S. Privacy Shield framework, which is composed of an Adequacy Decision and accompanying Annexes. … Continue Reading
On July 6, 2016, the Bavarian Data Protection Authority issued a short paper on video surveillance under the EU General Data Protection Regulation. The paper is part of a series of papers that the Bavarian DPA will issue periodically on specific processing activities under GDPR. … Continue Reading
On July 8, 2016, EU representatives on the Article 31 Committee approved the final version of the EU-U.S. Privacy Shield to permit transatlantic transfers of personal data from the EU to the U.S.… Continue Reading
On July 6, 2016, the European Parliament adopted the Directive on Security of Network and Information Systems, which will come into force in August 2016. The NIS Directive is part of the European Commission’s cybersecurity strategy for the European Union, and is designed to increase cooperation between EU Member States on cybersecurity issues.… Continue Reading
On July 5, 2016, the European Commission announced the launch of a new public-private partnership on cybersecurity, as part of its Digital Single Market and EU Cybersecurity strategies.… Continue Reading
