On April 12, 2019, the European Data Protection Board published draft guidelines 2/2019 on the processing of personal data in the context of the provision of online services to data subjects. This blog entry provides an overview of the Guidelines.
Continue Reading
EU Member States
European Commission Releases Study on GDPR Data Protection Certification Mechanisms
Posted on
Posted in European Union, International
The European Commission recently issued its study on GDPR data protection certification mechanisms. The study’s objectives and key findings are outlined in this blog entry.…
Continue Reading
CNIL Publishes Binding Rules on Processing Biometric Data as Workplace Access Control
Posted on
On March 28, 2019, the French data protection authority published a “Model Regulation” addressing the use of biometric systems to control access to premises, devices and apps at work.…
Continue Reading
EU Parliament Approves the Proposal for Cybersecurity Act
Posted on
On March 12, 2019, the European Parliament approved the proposal for “Regulation of the European Parliament and of the Council on ENISA,” repealing Regulation (EU) No 526/2013 and an information and communications technology cybersecurity certification.…
Continue Reading
EDPB Issues Statement on U.S. Foreign Account Tax Compliance Act
Posted on
On February 25, 2019, the European Data Protection Board issued a statement regarding the transfer of personal data from Europe to the U.S. Internal Revenue Service for purposes of the U.S. Foreign Account Tax Compliance Act.…
Continue Reading
EDPB Reiterates the Need to Address Post-Brexit Data Transfers, Including BCRs
Posted on
At its plenary meeting today in Brussels, the European Data Protection Board adopted an Information Note on Data Transfers under the GDPR in the Event of a No-Deal Brexit and an Information Note on BCRs for Companies Which Have ICO as BCR Lead Supervisory Authority.…
Continue Reading
European Commission Issues GDPR Infographic
Posted on
Posted in European Union, International
On January 25, 2019, the European Commission issued an infographic on compliance with and enforcement and awareness of the GDPR since it took force on May 25, 2018.…
Continue Reading
Hunton Briefing Reflects on GDPR Implementation and Future Challenges
Posted on
On January 16, 2019, Hunton Andrews Kurth hosted a breakfast seminar in London, entitled “GDPR: Post Implementation Review.” This blog entry provides highlights on the key discussion points from the seminar. …
Continue Reading
Advocate General Finds Search Engine Operators May Limit the Scope of Right to Be Forgotten to the EU
Posted on
Posted in European Union, International
On January 10, 2018, Advocate General Szpunar of the Court of Justice of the European Union issued an Opinion in the case of Google v. CNIL, which is currently pending before the CJEU. In its Opinion, the Advocate General provided his views concerning the territorial scope of the right to be forgotten under the EU Data Protection Directive.…
Continue Reading
CNIL Fines Uber for Data Security Failure Related to 2016 Data Breach
Posted on
On December 20, 2018, the CNIL announced that it imposed a fine of €400,000 on Uber France SAS for failure to implement some basic security measures which resulted in the 2016 Uber data breach.…
Continue Reading