News & Analysis as of

General Data Protection Regulation (GDPR) Cybersecurity Personal Data

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
A&O Shearman

English Court reviews the ICOs first GDPR fine (again)

A&O Shearman on

In December 2019, the UK Information Commissioner’s Office (ICO) imposed a fine of £275,000 on Doorstep Dispensaree Limited (DDL) for multiple contraventions of the GDPR. On December 9 2024, five years on and three judgments...more

HaystackID

GDPR and AI Models: Key Insights from the EDPB’s Latest Opinion

HaystackID on

The European Data Protection Board (EDPB) has released a comprehensive opinion addressing key data protection concerns related to the development and deployment of artificial intelligence (AI) models. The opinion, requested...more

Osano

Privacy by Design: Understanding and Implementing the Framework

Osano on

As of this writing, the CAM4 security incident remains the largest data breach in history. The attack on the website exposed nearly 11 billion records, including users' names, email addresses, sexual orientations, chat...more

Orrick, Herrington & Sutcliffe LLP

Analysis of the CJEU Judgment Which Paves the Way for Competitor Civil Actions Regarding GDPR Violations

Orrick, Herrington & Sutcliffe LLP on

Entscheidung. Man darf sich fragen, warum Kündigungsbeschränkungen gerade im HV-Recht eine vergleichsweise hohe Bedeutung haben, obwohl eigentlich für andere Verträge nichts Abweichendes gelten dürfte. Auch das...more

Hogan Lovells

EDPB Opinion on controller accountability in sub-processing chains

Hogan Lovells on

On 9 October 2024, the European Data Protection Board (EDPB) published its Opinion 22/2024, clarifying the responsibilities of controllers when relying on processors and sub-processors. This guidance emphasizes the importance...more

Morgan Lewis

EU High Court Allows GDPR Claims in Business Litigation, Expands Scope of ‘Health Data’ Impacting Life Sciences and Consumer...

Morgan Lewis on

The Court of Justice of the European Union (CJEU), the EU’s highest court, recently announced its significant Lindenapotheke decision, permitting companies to use the General Data Protection Regulation in business-to-business...more

Hogan Lovells

New rigorous but practical EDPB guidelines on "legitimate interest" open for consultation

Hogan Lovells on

On 8 October 2024, the European Data Protection Board (“EDPB”) issued draft Guidelines 1/2024 concerning the processing of personal data based on legitimate interests under Article 6(1)(f) of the GDPR (“Guidance”), which...more

Morgan Lewis - Tech & Sourcing

GDPR: When Can Data Controllers Rely on 'Legitimate Interests' for Data Processing? New Guidelines from the EDPB

Morgan Lewis - Tech & Sourcing on

The European Data Protection Board (EDPB), the umbrella group of the EU’s data protection authorities, has issued new Guidelines 01/2024 of October 9, 2024 on the processing of personal data based on the legitimate interest...more

Hogan Lovells

Dutch DPA’s fine decision suspended by Dutch court amidst “(commercial) legitimate interest-controversy”

Hogan Lovells on

Once again, a Dutch district court has recalled a decision of the Dutch Data Protection Authority (Dutch DPA) for its too strict interpretation that purely commercial interests cannot be legitimate interests under Article...more

Morgan Lewis

German Data Protection Authorities on Asset Deals: Restrictions on Data Transfers Under GDPR

Morgan Lewis on

The German Data Protection Conference (DSK) on September 11, 2024 published guidance on asset deals (the Guidelines) that distinguishes between various stages of a sale process and the relevant personal data that can be...more

Hogan Lovells

What is quantum computing and what’s all the fuss about it?

Hogan Lovells on

Why is there so much hype around quantum computing? What are the main threats that this technology will bring? And what opportunities can be harnessed from it? In this article, we share our key takeaways from our recent...more

Ius Laboris

New guidelines for retention of emails

Ius Laboris on

The Italian Data Protection Authority has adopted an updated version of a guideline document on email retention that it originally issued in December 2023, but which had been suspended....more

Jones Day

Vital Signs: Digital Health Law Update | Spring 2024

Jones Day on

Welcome to Vital Signs, a curated compilation of the latest legal and regulatory developments in digital health. Our lead article reports on recent developments in the U.S. Food and Drug Administration's ("FDA") regulatory...more

A&O Shearman

UK - When is a data protection claim not a data protection claim?

A&O Shearman on

In a recent case, Pacini & Anor v Dow Jones & Company Inc., the publisher of the Wall Street Journal unsuccessfully applied to strike out a data protection claim concerning two historic articles....more

Osano

Will the U.S. Have a GDPR? With Rachael Ormiston of Osano

Osano on

In this episode of The Privacy Insider Podcast, host Arlo Gilbert is joined by Rachael Ormiston, Head of Privacy at Osano, to dive into the complex world of U.S. privacy regulations. How does the U.S. view privacy differently...more

Mayer Brown

Changes to the UK GDPR Shelved (For Now)

Mayer Brown on

With the announcement of UK General Election for Thursday 4 July 2024, the Data Protection and Digital Information Bill has not completed the legislative process before the end of the current parliamentary session and will...more

Hogan Lovells

Dutch DPA issues guidelines on data scraping

Hogan Lovells on

On 1 May 2024, the Dutch Data Protection Authority (DPA) issued guidelines on data scraping used by private organisations in relation to GDPR principles including ‘lawfulness’. The guidelines could affect the way GenAI...more

Orrick, Herrington & Sutcliffe LLP

CJEU Issues Landmark Adtech Decision on Personal Data and Joint Control with Broad Implications: What You Need to Know and Do

Orrick, Herrington & Sutcliffe LLP on

The Court of Justice of the European Union (CJEU) has made a landmark decision (7 March 2024, C-604/22) on the intricacies of adtech, personal data, and joint control against the background of the General Data Protection...more

Parker Poe Adams & Bernstein LLP

Feds Focus on Data Privacy and Cybersecurity in Latest Legislative and Rule Proposals

Parker Poe Adams & Bernstein LLP on

By now, companies that collect, process, and store the personal data of consumers are used to a fast pace of state privacy and cybersecurity legal activity. This year, companies should also expect increased activity from...more

Hogan Lovells

Bilan de l’activité contentieuse de la CNIL en 2023 : un rétroviseur pour lire l’avenir

Hogan Lovells on

Il n’y a pas de question plus difficile en matière contentieuse que celle de l’anticipation des risques de faire l’objet d’un contrôle ou d’une sanction. C’est la raison pour laquelle il est utile de se nourrir des évolutions...more

Osano

What Is a DPIA (Data Protection Impact Assessment)?

Osano on

Even though it may not seem like it, the purpose of laws like the EU GDPR (General Data Protection Regulation) isn’t just for the EU to gain additional revenue through fines and penalties. They exist to protect individuals’...more

Hogan Lovells

Spanish DPA´s guidelines for humanizing automated decisions

Hogan Lovells on

The Spanish Data Protection Agency ("Spanish DPA") has recently published on its blog guidance on the assessment of human intervention in automated decisions. Evaluating the degree of human intervention has become a critical...more

Mayer Brown

EDPB Provides Guidance On Determining A 'Main Establishment' And The 'One-Stop-Shop' Mechanism

Mayer Brown on

The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more

Hogan Lovells

GDPR fines: German court specifies requirements for fine notices in light of ECJ case-law

Hogan Lovells on

Following the European Court of Justice’s (“ECJ”) landmark judgement of 5 December 2023 (case no. C-807/21), the Higher Regional Court of Berlin specified the requirements for GDPR fine notices issued by data protection...more

Robinson+Cole Data Privacy + Security Insider

Italian Data Protection Authority Alleges Breaches of GDPR by ChatGPT Platform

Robinson+Cole Data Privacy + Security Insider on

On January 29, 2024, the Italian Data Protection Authority (Garante) notified OpenAI of breaches of data protection laws involving its ChatGPT platform....more

738 Results
 / 
View per page
Page: of 30
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide