Archives: International Privacy Laws

Subscribe to International Privacy Laws RSS Feed

UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR

The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures. This month, the United Kingdom’s Information Commissioner’s Office (ICO) issued new guidance focused on two specific measures the ICO recommends that companies consider in complying with the GDPR security requirements: … Continue Reading

French Data Protection Authority Issues Guidance on Interaction of Blockchain Technology with GDPR

Last month, the French data protection authority (the CNIL) issued initial guidance addressing issues that applications utilizing blockchain technology should consider in order to comply with the European General Data Protection Regulation (GDPR). As recognized by the CNIL, there are certain natural conflicts between GDPR and blockchain technology. A critical feature of the blockchain is … Continue Reading

Apple CEO Calls for Comprehensive US Privacy Laws

Tim Cook, Apple CEO, recently delivered the keynote address for a privacy conference, attended by policy experts and European Union (EU) lawmakers in Brussels, Belgium, where he advocated for new data privacy laws in the United States, similar to the EU’s General Data Protection Regulation (GDPR). Cook said that modern technology has led to the … Continue Reading

Facebook Acknowledges Breach of Sensitive Data for Nearly 30 Million Users

As we previously noted, Facebook originally announced a breach late last month, in which hackers took advantage of a code vulnerability in the website’s “View As” feature, to access user’s data. However, on October 12, 2018, Facebook stepped back the number of affected accounts from 50 to roughly 30 million, and it acknowledged that hackers … Continue Reading

GDPR Awareness Is On The Rise as Complaints Increase

The United Kingdom data privacy watchdog reports that the number of complaints received since the EU’s General Data Protection Regulation (GDPR) took effect three months ago has almost doubled.  Under GDPR, anyone who believes their personal data has been misused can file a complaint with the Information Commissioner’s Office, or ICO. Legal Experts say GDPR … Continue Reading

EU-US Transatlantic Data Flows Subject to Further Legal Challenge

Last week, the High Court of Ireland submitted eleven questions to the Court of Justice for the European Union (CJEU) to consider about the personal data transfer regime between the European Union (EU) and the United States. This referral stems from a new claim by Max Schrems, an Austrian lawyer and privacy activist. Schrems previously … Continue Reading

Congress Enacts CLOUD Act within Omnibus Spending Bill to Address Overseas Storage of Electronic Data, Potentially Mooting Supreme Court’s Pending Microsoft Case

On March 23, 2018, the President signed into law the Consolidated Appropriations Act of 2018 (H.R. 1625), an omnibus spending bill that includes the Clarifying Lawful Overseas Use of Data Act (the CLOUD Act). Among other provisions, the CLOUD Act amends the Stored Communications Act of 1986 (18 U.S.C. §§ 2701-2712, hereinafter the SCA) by … Continue Reading

European Commission Releases GDPR Guidance

All privacy professionals, whether in the EU or the U.S., need to have an understanding of the implications of General Data Privacy Regulation (GDPR) compliance, particularly since the fines and penalties that could be imposed for non-compliance are intimidating. GDPR goes into effect on May 25, 2018, and many companies are struggling to become compliant … Continue Reading

General Data Protection Regulation (GDPR) Series, Part #3: GDPR Consent and Fair Processing

The General Data Protection Regulation (GDPR) (EU) 2016/679 of 27 April 2016 which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next several months, several European Union law firms we work very closely with will join us in … Continue Reading

5 Focus Areas in Preparation for GDPR Compliance

In less than 300 days, the European General Data Protection Regulation (GDPR) will go into effect and forever change the privacy landscape. Leading industry organization, Gartner, Inc., predicts that more than 50 percent of companies affected by the GDPR will not be fully compliant. Of course, the affected companies will include both European and non-European … Continue Reading

EU-Japan’s Major Trade Pact Includes Agreement to Review Restrictions on Personal Data Flows Between The European Union and Japan

Japan and the European Union announced an agreement in principle on major components of a substantial free trade deal on the eve of the recent G20 summit in Hamburg. This free trade deal rivals NAFTA in scope and impact, as it will impact 40 percent of the world’s trade. Once finalized, this free trade pact … Continue Reading

General Data Protection Regulation (GDPR) Series Part #2: The Importance of Self-Assessment

The General Data Protection Regulation (GDPR) (EU) 2016/679 of 27 April 2016 which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next twelve (12) months, several European Union law firms we work very closely with will join us … Continue Reading

Repeal of FCC Privacy Rules Sparks Concern in U.S. and Europe

The Federal Communications Commission (FCC) privacy rules required providers such as Comcast Corp. and AT&T Inc. to get subscribers’ permission before collecting and sharing their personal data. On April 4, 2017, President Donald Trump signed a congressional resolution rescinding those rules and sparking major concern both in the U.S. and Europe. Indeed, according to a … Continue Reading

General Data Protection Regulation (GPDR) Series Part #1: Introduction and Overview

The General Data Protection Regulation (GPDR) (EU) 2016/679 of April 27, 2016, which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next twelve (12) months, several European Union law firms we work very closely with will join us … Continue Reading

GDPR Effective Date and Geographical Scope of Application

The GDPR will apply as of May 25, 2018. It provides a single set of very innovative rules directly applicable in the entire European Union (EU), without the need for national implementing measures—which means that any personal data processing ongoing at this date shall be in compliance with the GDPR. This leaves one year for … Continue Reading

Update on the Privacy Shield

Last July, the United States and the European Union agreed on a new framework to allow for the transfer of Europeans’ personal data to the United States. This new framework, known as Privacy Shield, replaced the Safe Harbor Principles which the European Court of Justice struck down over concerns about the U.S.’s government’s online data … Continue Reading
LexBlog