The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor, adopted its report on the second annual review of the...more
2/4/2019
/ Court of Justice of the European Union (CJEU) ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Information Reports ,
International Data Transfers ,
National Security ,
Personal Data ,
Surveillance ,
Transparency ,
US-EU Safe Harbor Framework
This is the inaugural issue of WilmerHale’s 8-in-8 Recent Trends in European Law and Policy Alert Series. Over the next eight weeks, our attorneys will share insights on current and emerging issues affecting companies doing...more
5/31/2018
/ Cybersecurity ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Multinationals ,
Personal Data ,
Popular
This is the inaugural issue of WilmerHale's 8-in-8 Recent Trends in European Law and Policy Alert Series. Over the next eight weeks, our attorneys will share insights on current and emerging issues affecting companies doing...more
Brexit raises critical issues regarding the future transfer of personal data outside of the EU, not least as to the role of the UK Data Protection Authority, the Information Commissioner’s Office (“ICO”), and as to its...more
11/22/2017
/ Binding Contractual Rules ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Member State ,
Personal Data ,
Popular ,
UK ,
UK Brexit ,
UK Data Protection Act
One of the key components of the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) is its stronger enforcement mechanisms. Administrative fines are one of the most powerful parts of the enforcement...more
On October 18, the Article 29 Working Party released its draft of “Guidelines on Personal data breach notification under Regulation 2016/679” (“Guidelines on Personal data breach notification,” WP250). The guidelines are not...more
On October 18, the Article 29 Working Party released its draft of “ Guidelines on Automated individual decision-making and Profiling for the Purpose of Regulation 2016/679” (“Guidelines on Automated individual decision-making...more
On October 18, 2017, the EU Commission (“Commission”) published its report and other working documents (“Report”) on its first annual review of the EU-US Privacy Shield Framework (“Privacy Shield”). The Report summarizes that...more
The European Data Protection Supervisor (EDPS) has recommended further changes to the proposed ePrivacy Regulation that would have significant impacts on the electronic communication sector and other online companies. In a...more
The EU General Data Protection Regulation’s (GDPR) requirements are coming into focus quickly as EU data protection authorities continue to issue guidance on different aspects of the law. On April 4, 2017, the Article 29...more
While companies prepare for the EU General Data Protection Regulation (GDPR) to take effect in May 2018, another highly significant item on the agenda is arguably the current review process of the proposal for a Regulation on...more
On February 20, 2017, the Article 29 Working Party released procedures and a template complaint form for implementing the EU-US Privacy Shield. The procedures govern the functioning of the informal data protection authority...more
On January 10, 2017, the European Commission presented its proposal for a Regulation on Privacy and Electronic Communications (the “Proposed Regulation”). The Proposed Regulation would repeal and replace Directive 2002/58/EC...more
On December 21, 2016, the Grand Chamber of the Court of Justice of the European Union handed down another important judgment regarding data privacy in the European Union. The court held that under the Charter on Fundamental...more
The EU’s Article 29 Working Party (WP29) held a plenary meeting in early December 2016. At the meeting, the WP29 adopted guidelines and issued FAQs relating to the EU General Data Protection Regulation’s (GDPR’s) provisions...more
The European Commission formally adopted the EU-US Privacy Shield on July 12, 2016, ending months of legal uncertainty with a new framework for governing transatlantic data transfers after the Privacy Safe Harbor framework...more
7/13/2016
/ Data Protection Authority ,
Data Retention ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Privacy Policy ,
Self-Certification ,
Surveillance ,
Third-Party ,
U.S. Commerce Department
After months of back and forth, an updated version of the EU-US Privacy Shield agreement originally announced in February is on the verge of being formally adopted on Tuesday, July 12, 2016. While the final documents...more
The first European Union-wide rules on cybersecurity have been adopted by the European Parliament. Approved on July 6, 2016, the Directive on Security of Network and Information Systems (NIS Directive) creates new risk...more
7/7/2016
/ Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Digital Service Providers ,
ENISA ,
EU ,
EU Cybersecurity Directives ,
International Harmonization ,
Member State ,
Operators of Essential Services ,
Popular ,
Risk Management
On Monday, February 29th, the European Commission and U.S. Department of Commerce released a collection of documents summarizing actions taken on both sides of the Atlantic to implement the new Privacy Shield framework. This...more
3/2/2016
/ Article 29 Working Group ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Personal Data ,
Self-Certification ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
On December 15, 2015, the European Union reached an agreement on the final text of the new General Data Protection Regulation. The Regulation will replace the 1995 Data Protection Directive, which is currently the basis for...more
In a landmark judgment in Schrems v Data Protection Commissioner (C-362/14) (October 6, 2015) (“Safe Harbor judgment”), the European Court of Justice (“ECJ”) found the Safe Harbor Decision of the European Commission...more