Will the new EU General Data Protection Regulation prevent forum shopping?
It’s a common criticism of the current EU Data Protection Directive that its provisions determining applicable law invite forum shopping – i.e. encourage businesses to establish themselves in the...
View ArticleGerman monopoly commission advises not to regulate algorithms
This week, the German Monopoly Commission has published its extraordinary opinion on digital markets. Particularly interesting: the Commission advised not to regulate algorithms – which seems to be an...
View ArticleQ: Have we just passed a new EU data protection law? A: Not yet!
For those of you keeping tabs on EU data protection developments, today’s exciting news was that the Council of the EU has reached a “general approach” on Europe’s proposed General Data Protection...
View Article5 Practical Steps to help companies comply with the E-Privacy Directive (yes,...
This month (July 2015), the IAB Europe published new Guidance titled “5 Practical Steps to help companies comply with the E-Privacy Directive“. These 5 sensible steps in the document are aimed at brand...
View ArticleUnravelling the mysteries of the GDPR trilogues
In recent days, “trilogue” seems to be the buzz word on everyone’s lips following the adoption by the Council of Ministers of the European Union (the “Council”) of the General Data Protection...
View ArticleWhy are German courts allowed to take my global privacy policy apart?
Your service is innovative, you are ambitious, and the European digital market is there for the taking. Except that the EU is not the digital single market it strives to be just yet. Recent years have...
View ArticleWhat data protection reform would look like if it were up to me.
Earlier today I attended a superb session of the Churchill Club in Palo Alto, at which the European Data Protection Supervisor was speaking on data protection and innovation. As he spoke about the...
View ArticleEurope now holds the key to the future of privacy
A lot is being said about the CJEU’s ruling on Safe Harbour. Without any doubt, for the privacy community this is the most important legal development since the EU Commission’s announcement of a...
View ArticleGetting to know the GDPR, Part 2 – Out-of-scope today, in scope in the...
The GDPR expands the scope of application of EU data protection law requirements in two main respects: in addition to data “controllers” (i.e. persons who determine why and how personal data are...
View ArticleDPAs react to the CJEU’s decision on Safe Harbor
Since the CJEU’s decision of 6 October 2015 revoking the EU/US Safe Harbor program, Safe Harbor continues to make the headlines and there are new legal developments each day. This blog post summarizes...
View ArticleGetting to know the GDPR, Part 4 – “Souped-up” individual rights.
A key area of proposed change under the General data Protection Regulation (“GDPR“) relates to individual rights. The proposal is both to refresh individuals’ existing rights, by clarifying and...
View ArticleGetting to know the GDPR, Part 5: Your big data analytics and profiling...
What does the law require today? Currently, there is no legal definition of ‘profiling’ under European data protection law. The Directive 95/46/EC refers to ‘automated individual decisions’ without...
View ArticleEurope’s first ever EU-wide cyber-security rules “agreed”
On 7 December 2015 a European Parliament press release reported that EU MEPs had closed a deal with the European Council on the first ever EU rules on cyber-security. Though we’re yet to see the full...
View ArticleEU proposes new consumer rights for the return of data exchanged for digital...
We’ve previously commented in some depth on the EU’s Digital Single Market proposals, most of which are currently out to consultation. The European Commission today set out new plans for two proposals...
View ArticleThe Directive is Dead (Almost)! Long live the GDPR!
It’s here: after years and years of debate, the negotiating parties to the trilogue are reported finally to have agreed the text of the European Union’s successor privacy legislation: the General Data...
View ArticleGetting to know the General Data Protection Regulation, Part 6 – Designing...
Introduction One of the changes due to be implemented under the new General Data Protection Regulation (“GDPR”) is the explicit recognition of the concepts of ‘privacy by design’ and ‘privacy by...
View ArticleThe slow but inexorable fall of Safe Harbor
Recently, my colleague Phil Lee posted an obituary on Safe Harbor. The article was funny, a touch provocative, but especially well grounded. As we reach towards the end of January, never has the fate...
View ArticleNIS Directive establishes first EU-wide cyber security rules
In December 2015 the EU institutions came to an agreement on the Network and Information Security Directive (‘NIS Directive’), establishing a set of EU-wide rules on cyber security for the first time;...
View ArticleFrance to adopt GDPR provisions before it comes into force in 2018
France is getting ahead of the final adoption of the General Data Protection Regulation (“GDPR”) and is expected to adopt this year several provisions of the GDPR before it comes into force in 2018....
View Article
