The EU Cyber Resilience Act (CRA) (Regulation (EU) 2024/2847) is a pioneering piece of EU legislation that establishes mandatory cybersecurity standards for most hardware and software products made available on the EU market....more
By its much anticipated judgment of 4 May 2023, the European Court of Justice (CJEU) specified the requirements under which data subjects affected by a breach of the GDPR can claim for compensation of non-material damages...more
On 13 December 2022, the European Commission (“EC”) published its draft adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”) that is intended to foster trans-Atlantic data flows and address the concerns raised by...more
Ever since the White House issued its Executive Order to pave a path for the new EU-U.S. Data Privacy Framework, stakeholders have provided both praise and criticism about whether the Executive Order sufficiently addresses...more
In a recent judgment, the District Court Munich I granted a data subject compensation under Article 82 GDPR for non-material damages suffered as a result of an unauthorized third-party access to the subject's personal data....more
The table below sets out the guidance provided by data protection authorities (DPA) in response to the European Court of Justice’s landmark judgment in Case C-311/18 Data Protection Commissioner v. Facebook Ireland and...more
7/23/2020
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Ireland ,
Personal Data ,
Personally Identifiable Information ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The Court of Justice of the European Union today invalidated the EU-US Privacy Shield and called into question the extent to which EU data exporters could rely on the European Commission’s Standard Contractual Clauses for...more
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. ...more
2/25/2019
/ Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Germany ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular
Many companies have been struggling with GDPR implementation over the past two years, putting much effort into new roles, privacy concepts, and workflows. ...more
2/22/2019
/ Cybersecurity ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
EU Data Protection Laws ,
Failure to Comply ,
Fines ,
General Data Protection Regulation (GDPR) ,
Germany ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Regulatory Violations
In the first fine issued by a German data protection authority under the European General Data Protection Regulation (“GDPR”), on 21 November 2018 the authority of the German state of Baden-Württemberg (“LfDI”) imposed a fine...more
11/26/2018
/ BDSG ,
Corporate Counsel ,
Data Breach ,
Data Protection Authority ,
Encryption ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
Germany ,
Hackers ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Security Standards ,
Social Media
Datenschutzgrundverordnung stark im Zeichen des Datenschutzes. Viele Unternehmen hatten die Mammut-Aufgabe, die relevanten Anforderungen des Datenschutzes an die Verarbeitung personenbezogener Daten umzusetzen.
...more
10/25/2018
/ Advertising ,
Automotive Industry ,
Confidential Business Information (CBI) ,
Copyright ,
Data Breach ,
General Data Protection Regulation (GDPR) ,
Influencers ,
Infringement ,
Instagram ,
Intellectual Property Protection ,
Likelihood of Confusion ,
News Stories ,
Patents ,
Porsche ,
Regulatory Requirements ,
Reporting Requirements ,
Social Media ,
Unified Patent Court