News & Analysis as of

General Data Protection Regulation (GDPR) Cybersecurity Data Protection Authority

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
Alston & Bird

EDPB Adopts Opinion on the Use of Processors and Sub-processors

Alston & Bird on

On October 7, 2024, the European Data Protection Board (“EDPB”) adopted an opinion on obligations following from the use of processors and sub-processors (the “Opinion”). The EDPB is the body that seeks to ensure harmonised...more

Hogan Lovells

Dutch DPA’s fine decision suspended by Dutch court amidst “(commercial) legitimate interest-controversy”

Hogan Lovells on

Once again, a Dutch district court has recalled a decision of the Dutch Data Protection Authority (Dutch DPA) for its too strict interpretation that purely commercial interests cannot be legitimate interests under Article...more

A&O Shearman

UK - When is a data protection claim not a data protection claim?

A&O Shearman on

In a recent case, Pacini & Anor v Dow Jones & Company Inc., the publisher of the Wall Street Journal unsuccessfully applied to strike out a data protection claim concerning two historic articles....more

Hogan Lovells

Dutch DPA issues guidelines on data scraping

Hogan Lovells on

On 1 May 2024, the Dutch Data Protection Authority (DPA) issued guidelines on data scraping used by private organisations in relation to GDPR principles including ‘lawfulness’. The guidelines could affect the way GenAI...more

Hogan Lovells

Bilan de l’activité contentieuse de la CNIL en 2023 : un rétroviseur pour lire l’avenir

Hogan Lovells on

Il n’y a pas de question plus difficile en matière contentieuse que celle de l’anticipation des risques de faire l’objet d’un contrôle ou d’une sanction. C’est la raison pour laquelle il est utile de se nourrir des évolutions...more

Mayer Brown

EDPB Provides Guidance On Determining A 'Main Establishment' And The 'One-Stop-Shop' Mechanism

Mayer Brown on

The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more

Robinson+Cole Data Privacy + Security Insider

Italian Data Protection Authority Alleges Breaches of GDPR by ChatGPT Platform

Robinson+Cole Data Privacy + Security Insider on

On January 29, 2024, the Italian Data Protection Authority (Garante) notified OpenAI of breaches of data protection laws involving its ChatGPT platform....more

A&O Shearman

France CNIL calls for comments on its draft recommendation on security of critical data processing operations

A&O Shearman on

The French supervisory authority (CNIL) asked for public comments on its draft recommendation on data security in relation to processing that presents particularly high risks to individuals or to the public interest (the...more

Hogan Lovells

Public consultation on binding rules for phone marketing – Spanish update

Hogan Lovells on

The Spanish Data Protection Authority has opened a public consultation process to obtain comments for an incoming decision establishing the rules for commercial communications via telephone. This decision will be binding upon...more

Hogan Lovells

Comprendre et tirer les leçons de la riche activité de la CNIL de ces derniers mois

Hogan Lovells on

Les derniers mois ont vu une activité bouillonnante de la CNIL avec l’adoption de nombreuses délibérations. Nous avons analysé ces décisions pour comprendre les principales orientations prises par l’autorité française....more

A&O Shearman

DSK publishes decision on access by third country public authorities to data processed by processors in the EEA

A&O Shearman on

The German Data Protection Conference of supervisory authorities (DSK) issued a decision on how to evaluate the risk of personal data being accessed by non-EEA public authorities, or by a parent company, when processed by a...more

Hogan Lovells

German DPA comments on Executive Order for EU-U.S. Data Privacy Framework

Hogan Lovells on

Ever since the White House issued its Executive Order to pave a path for the new EU-U.S. Data Privacy Framework, stakeholders have provided both praise and criticism about whether the Executive Order sufficiently addresses...more

Orrick, Herrington & Sutcliffe LLP

Volkswagen Fined 1.1 Million Euros for GDPR Violations During Test Drives

Orrick, Herrington & Sutcliffe LLP on

On 26 July 2022, the Lower Saxony data protection authority ("Lower Saxony DPA") announced that it has imposed a fine of 1.1 million euros on Volkswagen ("VW") due to GDPR violations. It found that VW has violated data...more

Orrick, Herrington & Sutcliffe LLP

French and Italian Data Protection Authorities Take Issue with Google Analytics: Analysis and Key Takeaways

Orrick, Herrington & Sutcliffe LLP on

Google Analytics remains a hot topic for businesses and apparently also for data protection authorities (DPAs). With the advent of these new decisions and the new CNIL guidance, businesses have an even harder time justifying...more

Robinson+Cole Data Privacy + Security Insider

Google Analytics Runs Afoul of GDPR

Robinson+Cole Data Privacy + Security Insider on

Recent reports from several European Data Protection Authorities (DPAs), the bodies empowered to regulate consumer privacy under the General Data Protection Regulation (GDPR), have ruled that Google Analytics violates the...more

Hogan Lovells

European Commission criticizes Dutch DPA's interpretation of legitimate interest

Hogan Lovells on

The European Commission (EC) has proactively reached out to the Dutch Data Protection Authority (DPA) to criticize its interpretation of legitimate interest under the GDPR. The criticism is in response to enforcement actions...more

Hogan Lovells

Reform of the procedure before the French Data Protection Authority

Hogan Lovells on

On 24 January and 8 April 2022, the procedure before the French Data Protection Authority (CNIL) was reformed with the aim notably to better respond to the growing number of complaints that the CNIL receives each year...more

Hogan Lovells

Clinical trials in Spain: Takeaways from the new code of conduct (Part 1)

Hogan Lovells on

Last week we raised our hands to inform you about the Spanish Data Protection Authority’s approval of the "Code of Conduct on the processing of personal data in the field of clinical trials and other clinical research as well...more

Hogan Lovells

French DPA opened public consultation on standards for Early Access and Compassionate Access

Hogan Lovells on

The healthcare sector is a current focus of the French data protection authority (CNIL) which just published two draft standards regarding processing of personal data in the context of Early Access and Compassionate Access....more

Morgan Lewis - Tech & Sourcing

Germany Updates Privacy Guidance through Unfair Competition Act

Morgan Lewis - Tech & Sourcing on

The German Conference of DPAs (the DSK) has released new (legally non-binding) detailed Guidelines dated February 18, 2022 with respect to direct marketing in Germany. ...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - February 2022

Skadden, Arps, Slate, Meagher & Flom LLP on

In this month’s Privacy & Cybersecurity Update, we examine the Illinois Supreme Court’s decision in a case involving workers compensation and the state’s Biometric Information Privacy Act, U.K. data transfer regimes before...more

Epstein Becker & Green

Cookies Resulting in Cross Border Data Transfers to the United States Draw Scrutiny from European Data Privacy Regulators

Epstein Becker & Green on

Recent decisions from the European Union (EU) have placed renewed focus on the use of common cookies used on ecommerce and other websites used by consumers and employees and transfers of personal data collected through...more

Orrick, Herrington & Sutcliffe LLP

The Curious Incident of the Transparency and Consent Framework: Does IAB Europe's ad-consent popup system have a future?

Orrick, Herrington & Sutcliffe LLP on

On 2 February 2022 the Belgian Data Protection Authority ("Belgian DPA") ruled that IAB Europe's Transparency and Consent Framework ("TCF") does not comply with the GDPR and fined IAB Europe €250,000. While the sanctions...more

Wilson Sonsini Goodrich & Rosati

Belgian DPA Finds That IAB Europe’s Cookie Consent Framework Violates the GDPR

Wilson Sonsini Goodrich & Rosati on

On February 2, 2022, the Belgian Data Protection Authority (DPA) found that the Interactive Advertising Bureau Europe (IAB) Transparency & Consent Framework (TCF), a tool used to record individuals' online ad preferences,...more

Dechert LLP

Belgian DPA Fines IAB: Rough Waters Ahead for Ad Industry

Dechert LLP on

On February 2, 2022, the Belgian Data Protection Authority (“DPA”) issued a decision finding that the Interactive Advertising Bureau ("IAB”) Europe’s Transparency and Consent Framework (“TCF”) violates key provisions of the...more

130 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide