The French Supervisory Authority (CNIL) wrapped up 2020 with a EUR 20,000 fine against NESTOR, a French food preparation and delivery company catering to office employees....more
When the General Data Protection Regulation (GDPR) came into force throughout the European Union nearly three years ago, one of its most eye-catching features was its extraterritorial jurisdiction provisions. These extend the...more
The French Supervisory Authority has set 31 March 2021 as the end of the “reasonable period” to bring websites and mobile applications into compliance. Following the adoption and publication of its updated guidelines along...more
With the Brexit transition period ending on 31 December 2020, and no deal in sight, the future of cross-border data transfers between the European Economic Area (the EEA) and the United Kingdom remains unclear. On 1 January...more
The European Data Protection Board (EDPB) published two sets of new guidelines on 2 September 2020, on the concepts of controller and processor (Guidelines 07/2020, the Guidelines) and on the targeting of social media users...more
Following the French Administrative Supreme Court (Conseil d’État) dated 19 June 2020 (see our alert here), the French Supervisory (CNIL) published on 01 October 2020 its updated guidelines (the Guidelines), replacing its...more
On 4 July 2019, the French Data Protection (CNIL) published its Guidelines on Cookies and Other Tracking Technologies. The Guidelines further detailed the nature of the interplay between the General Data Protection Regulation...more
With the recent decision from the Court of Justice of the European Union invalidating the Privacy Shield framework and subjecting the Standard Contractual Clauses (SCCs) to higher standard of enforcement, global companies...more
The long awaited Schrems II decision was published by the Court of Justice of the European Union (CJEU) on 16 July 2020, and while it has already been summarized as the death blow to the Privacy Shield framework and the...more
In a highly anticipated Schrems II decision, the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield, the legal framework allowing transatlantic exchanges of personal data for commercial purposes...more
The current COVID-19 pandemic continues to raise many issues on employee privacy and how employers may balance processing their employees’ data with ensuring safety in the workplace. ...more
While privacy concerns associated to the implementation of COVID-19 contact tracing apps across the European Union exist, the French Data Protection Authority (CNIL) also released a position paper on the collection of...more
As the COVID-19 pandemic continues to spread around the world and cause unprecedented health and economic challenges, technological measures, once thought extreme, are now being deployed for the purposes of contact tracing,...more
As the COVID-19 pandemic continues to create disruptions to economies and businesses across the globe, we have found many businesses are facing increasing, and changing, risks in projects they have on foot - and IT projects...more
Approaching its second anniversary this month, the European General Data Protection Regulation (GDPR) has never been as relevant as in these unprecedented COVID-19 times. While several countries are considering the...more
With COVID-19 officially declared a pandemic by the World Health Organization, European governments and companies, facing unprecedented challenges, are encouraging their employees to work from home, protect their health and...more
November will see several opportunities to discuss privacy matters in Europe and meet with The Privacist contributors within the K&L Gates’ platform, in connection with the International Association of Privacy Professionals...more
11/11/2019
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
Personal Data
BREXIT: DEAL OR NO-DEAL? DATA IS THE QUESTION -
With the Brexit deadline looming ahead on 31 October 2019, the situation seemingly reaches new levels of uncertainty every day. Last week, the U.K. Supreme Court’s eleven...more
10/4/2019
/ Cookies ,
Court of Justice of the European Union (CJEU) ,
Data Breach ,
Data Controller ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Personal Data ,
UK ,
UK Brexit
Our original political update was going to be more general in nature covering the turbulent state of British politics and the UK Prime Minister's "Do or Die" determination to leave the EU on 31 October with or without a deal....more
Further to the adoption of the so-called Trademark Package at the European level, comprised of Regulation no.2015/2424 (as codified by Regulation no.2017/1001 dated 14 June 2017) on European Union (“EU”) Trademarks (the...more
On January 23, 2019, the EU Data Protection Board (“EDPB” - the gathering of all European Union (EU) data protection authorities) adopted opinion no. 3/2019 (the “Opinion”) on the interplay between the Clinical Trials...more
On November 23, the European Data Protection Board (“EDPB”) - the gathering of all European Union (EU) data protection authorities - adopted new draft guidelines on territorial scope of the GDPR. The EDPB was previously known...more
Background - On 17 July 2018, the European Union (the “EU”) and Japan reached an agreement to recognize each other’s data protections systems as “equivalent”, and each commits to complete internal procedures by fall 2018 (the...more
8/28/2018
/ Corporate Counsel ,
Cybersecurity ,
Data Collection ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Japan ,
Personal Data ,
Popular
On July 2, 2018, the French Data Protection Authority (“Commission Nationale de l’Informatique et des Libertés” or “CNIL”) published its yearly thematic guidance for the priority axes of its control activities, notably...more
On 26 October 2017, France’s Financial Markets Authority, the “Autorité des Marchés Financiers” (“AMF”), published a discussion paper focusing on initial coin offerings (“ICOs”) that highlights the (many) dangers that arise...more