By

William RM Long

06 November 2017

European Commission Publishes its First Annual Review of EU-U.S. Privacy Shield

The EU-U.S. Privacy Shield has survived its infancy, although the October 18, 2017 European Commission report on its first annual review of the functioning of the EU-U.S. Privacy Shield (the “Report”) leaves uncertainty as to the long-term future of EU-U.S. Privacy Shield if the U.S. is unwilling or unable to adopt further Commission “recommendations”. The Report details the Commission’s findings on the implementation and enforcement of the Privacy Shield during its first year of operation. (more…)

SHARE
EmailPrintShare
31 October 2017

Article 29 Working Party Publishes Draft Guidelines on Notification of Personal Data Breaches Notification Under the GDPR

On October 3, 2017, the Article 29 Working Party (“WP29”) adopted draft guidelines regarding notification of personal data breaches under the EU’s General Data Protection Regulation (“GDPR”) which will require breach notification within 72 hours of awareness of a breach. (“Draft Guidelines”) (The Draft Guidelines appear to have been released for public comment during the week of 16th October). The deadline for comment is November 24, 2017. The Draft Guidelines are available here. The WP29 is a collective of EU data privacy supervisory authorities (“DPAs”). (more…)

SHARE
EmailPrintShare
20 October 2017

Article 29 Working Party Publishes Final Guidance on Data Protection Impact Assessments

On 4 October 2017 the Article 29 Working Party (“WP29”) published its final Guidelines on Data Protection Impact Assessment (“DPIA”) which were initially released in draft form in April 2017. Article 35 of the General Data Protection Regulation (“GDPR”) requires the use of DPIAs, or risk assessments of the proposed processing of personal data by an organisation, as part of regular business processes. The key revisions to note are in relation to the following concepts: (more…)

SHARE
EmailPrintShare
11 October 2017

Schrems Judgment in the Irish Commercial Court Raises Concerns over the “Model Contracts” for Transfer of Personal Data Out of Europe

An Irish High Court ruling may have a significant impact on one of the main mechanisms that global companies use to transfer personal data out of the European Economic Area (“EEA”).  The Irish High Court ruled on 3 October 2017 that the Standard Contractual Clauses (“SCCs”) used by companies to transfer data from the EEA to US, also frequently referred to as “Model Contracts,” must be the subject of review by the Court of Justice of the European Union. (more…)

SHARE
EmailPrintShare
26 September 2017

ECHR Ruled on Monitoring of Employee’s Electronic Communication

On 5 September 2017, the Grand Chamber of the European Court of Human Rights (the “ECHR”) overturned  the previous decision of the ECHR (sitting as a Chamber) and ruled that the Romanian courts had failed to strike a fair balance between the interest of an employer to monitor its employees’ electronic communications to ensure the smooth operation of the company and the employee’s right to respect for his private life and correspondence under Article 8 of the European Convention on Human Rights. However, in a question and answer  section on its website the EHCR made it clear that the ruling does not mean that employers cannot monitor employee’s communications at work. Employers may still monitor their employee’s communications as long as such a measure is accompanied by “adequate and sufficient safeguards against abuse.” (more…)

SHARE
EmailPrintShare
13 September 2017

EU Adequacy Ruling on Japan Expected

The EU Commission, through a joint statement on 4 July 2017 by Vera Jourova, EU Commissioner for Justice, and Haruchi Kumazawa, a Commissioner of Japan’s Personal Information Protection Commission, announced that the process is underway to provide Japan an EU adequacy decision on international data transfers by early 2018. Once approved, Japan will become the 13th country (crediting the US with an adequacy finding for organizations certifying under the Privacy Shield) globally and the first Asian country to be given adequate status by the EU Commission. (more…)

SHARE
EmailPrintShare
17 August 2017

Influential Stakeholders Debate a Cross-Sector Approach in Using Big Data for Improving Human Health

Big Data has been a hot topic of discussion in recent years. This was especially the case in Brussels, where the fiercely debated EU General Data Protection Regulation (GDPR) was adopted in 2016. A major concern for all of us is personal privacy. Less discussed is the use of Big Data for social good.

A traditional sectoral approach to harnessing the potential of Big Data for social good is insufficient. This is the case in terms of organisations from different sectors partnering to develop new technologies. It also means that legislation and policies on Big Data must be forward thinking and facilitate cross-sectoral co-operation. (more…)

SHARE
EmailPrintShare
10 August 2017

Greater Protection for Individuals and Larger Fines for Organisations Under a New UK Data Protection Bill

In a statement of intent published on 7 August 2017, the UK Government has committed to updating and strengthening data protection laws through a new Data Protection Bill (the “Bill”). The Bill will incorporate the new EU General Data Protection Regulation (the “GDPR”) into UK law.

According to the UK’s Minister of State for Digital, Matt Hancock, the Bill will “give [the UK] one of the most robust, yet dynamic, set of data laws in the world. The Bill will give people more control over their data, require more consent for its use, and prepare Britain for Brexit.” (more…)

SHARE
EmailPrintShare
21 July 2017

The Belgian Data Protection Authority Publishes Guidance on Records of Processing Activities Under the GDPR

The Belgian Commission for the Protection of Privacy (“Privacy Commission”) has recently published guidance on Article 30 of the GDPR which contains the obligation for data controllers and processors to record their processing activities.

This record will have to be up-to-date by 25 May 2018 and readily made available to the regulator should it ask to view it. (more…)

SHARE
EmailPrintShare
1 2 3 8
XSLT Plugin by BMI Calculator