News & Analysis as of

General Data Protection Regulation (GDPR) Data Protection

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
American Conference Institute (ACI)

How Can Companies Tackle Europe’s AI and Data Protection Rules?

Life science companies will have to grapple with unique questions in complying with the European Artificial Intelligence Act, including the scope of the law’s research exemption and the use of AI in personalized medicine and...more

A&O Shearman

Zooming in on AI – #10: EU AI Act – What are the obligations for “high-risk AI systems”?

A&O Shearman on

Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more

EDRM - Electronic Discovery Reference Model

Implications of the €310 Million LinkedIn Fine for GDPR Compliance

ComplexDiscovery’s Editor’s Note: This recent €310 million fine imposed on LinkedIn by Ireland’s Data Protection Commission (DPC) marks a powerful moment in GDPR enforcement, underlining the regulatory rigor facing global...more

Morgan Lewis

EU High Court Allows GDPR Claims in Business Litigation, Expands Scope of ‘Health Data’ Impacting Life Sciences and Consumer...

Morgan Lewis on

The Court of Justice of the European Union (CJEU), the EU’s highest court, recently announced its significant Lindenapotheke decision, permitting companies to use the General Data Protection Regulation in business-to-business...more

A&O Shearman

The European Data Protection Board publishes draft Guidelines on legitimate interest under GDPR for consultation

A&O Shearman on

On 9 October 2024, the European Data Protection Board (EDPB) published its draft Guidelines on the processing of personal data based on legitimate interest for public consultation. The draft Guidelines, adopted on 8 October...more

A&O Shearman

EU and UK Data Protection Regulatory Trends so far in 2024: a focus on international data transfers

A&O Shearman on

This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more

A&O Shearman

Zooming in on AI - #7: AI under financial regulations in the U.S., EU and U.K. - a comparative assessment of the current state of...

A&O Shearman on

This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more

Dunlap Bennett & Ludwig PLLC

How ISO 27001 Supports Consumer Privacy: Part 2

Successfully implementing ISO 27001 involves more than just putting policies in place — it requires a systematic approach that integrates information security into every level of the organization. The goal of ISO 27001 is to...more

A&O Shearman

Zooming in on AI - #5: AI under financial regulations in the U.S., EU and U.K. – a comparative assessment of the current state of...

A&O Shearman on

Rapid and accelerating developments in artificial intelligence have prompted governments around the world to consider how AI should be regulated and used responsibly by businesses, without stifling innovation. This is...more

Hogan Lovells

New rigorous but practical EDPB guidelines on "legitimate interest" open for consultation

Hogan Lovells on

On 8 October 2024, the European Data Protection Board (“EDPB”) issued draft Guidelines 1/2024 concerning the processing of personal data based on legitimate interests under Article 6(1)(f) of the GDPR (“Guidance”), which...more

Dunlap Bennett & Ludwig PLLC

How ISO 27001 Supports Consumer Privacy: Part 1

Mounting regulatory pressure to protect individual privacy rights has turned safeguarding personal data into a business imperative. Regulations like the General Data Protection Regulation (GDPR) in the European Union and the...more

Pillsbury - Consumer Protection Dispatch

GDPR Enforcement: Lessons from Recent Data Privacy Penalties

Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more

White & Case LLP

CJEU: Competitors Can Sue over Data Protection Violations

White & Case LLP on

The German Federal Court of Justice (Bundesgerichtshof), tasked with resolving a conflict between two competing pharmacists, sought guidance from the Court of Justice of the European Union ("CJEU") on interpreting the General...more

Alston & Bird

EDPB Adopts Opinion on the Use of Processors and Sub-processors

Alston & Bird on

On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised...more

Morgan Lewis - Tech & Sourcing

GDPR: When Can Data Controllers Rely on 'Legitimate Interests' for Data Processing? New Guidelines from the EDPB

The European Data Protection Board (EDPB), the umbrella group of the EU’s data protection authorities, has issued new Guidelines 01/2024 of October 9, 2024 on the processing of personal data based on the legitimate interest...more

Akin Gump Strauss Hauer & Feld LLP

Cybersecurity & Data Privacy Issues in Fund Finance

During the course of any lending transaction, lenders will conduct a due diligence review of the borrower, including reviewing any relevant “know-your-customer” information. In the context of a fund finance transaction, this...more

A&O Shearman

CJEU Commercial interests of controller can serve as a legitimate interest

A&O Shearman on

The CJEU considered: (a) whether a legitimate interest of the controller or third party must be determined by law, and (b) whether provision of personal data of the members of a sports federation to third parties in return...more

Fisher Phillips

Netherlands Imposes Record-Breaking Data Privacy Fine on Uber: 4 Key Steps Companies Can Take to Ensure Compliance

Fisher Phillips on

Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more

Wilson Sonsini Goodrich & Rosati

Cybersecurity: A Critical Element in Your 2025 Business Forecast

As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation,...more

DLA Piper

Data Act Frequently Asked Questions Answered by the EU Commission

DLA Piper on

The EU Data Act is one of the cornerstones of the EU's Data Strategy and introduces a new and horizontal set of rules on data access and use to boost the EU's data economy. Most of the provisions of the Data Act will become...more

Hogan Lovells

Dutch DPA’s fine decision suspended by Dutch court amidst “(commercial) legitimate interest-controversy”

Hogan Lovells on

Once again, a Dutch district court has recalled a decision of the Dutch Data Protection Authority (Dutch DPA) for its too strict interpretation that purely commercial interests cannot be legitimate interests under Article...more

Morgan Lewis

German Data Protection Authorities on Asset Deals: Restrictions on Data Transfers Under GDPR

Morgan Lewis on

The German Data Protection Conference (DSK) on September 11, 2024 published guidance on asset deals (the Guidelines) that distinguishes between various stages of a sale process and the relevant personal data that can be...more

Foley & Lardner LLP

Cybersecurity in the Age of Industry 4.0 - Part 2

Foley & Lardner LLP on

This is the second article in our two-part series on Cybersecurity in the Age of Industry 4.0, focusing on the legal implications and potential liabilities manufacturers face from cyberattacks, as well as practical...more

Epiq

The Sedona Conference Commentary on Proportionality in Cross-Border Discovery: A Brief Overview | Epiq

Epiq on

The Sedona Conference (TSC) and its Working Group 6 on International Electronic Information Management, Discovery, and Disclosure recently published their Commentary on Proportionality in Cross-Border Discovery (Commentary)...more

Mayer Brown

Personal Data Sharing: What Information About Recipients Do We Need to Provide to Individuals Under the GDPR?

Mayer Brown on

Sharing personal data is necessary for most organisations, but it also entails certain data protection risks. Controllers who share personal data with others must, among other obligations, ensure that they comply with the...more

2,334 Results
 / 
View per page
Page: of 94

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide