Tag Archives: eu

French Data Protection Authority Issues Guidance on Interaction of Blockchain Technology with GDPR

Last month, the French data protection authority (the CNIL) issued initial guidance addressing issues that applications utilizing blockchain technology should consider in order to comply with the European General Data Protection Regulation (GDPR). As recognized by the CNIL, there are certain natural conflicts between GDPR and blockchain technology. A critical feature of the blockchain is … Continue Reading

Apple CEO Calls for Comprehensive US Privacy Laws

Tim Cook, Apple CEO, recently delivered the keynote address for a privacy conference, attended by policy experts and European Union (EU) lawmakers in Brussels, Belgium, where he advocated for new data privacy laws in the United States, similar to the EU’s General Data Protection Regulation (GDPR). Cook said that modern technology has led to the … Continue Reading

California Enacts “GDPR-Esque” Privacy Law

On June 28, 2018, the California State Legislature passed, and Governor Jerry Brown signed, the California Consumer Privacy Act of 2018, bringing to the United States many of the rights and compliance obligations currently being applied by the European Union through its General Data Protection Regulation (GDPR). Effective January 1, 2020, the Act gives California … Continue Reading

EU-US Transatlantic Data Flows Subject to Further Legal Challenge

Last week, the High Court of Ireland submitted eleven questions to the Court of Justice for the European Union (CJEU) to consider about the personal data transfer regime between the European Union (EU) and the United States. This referral stems from a new claim by Max Schrems, an Austrian lawyer and privacy activist. Schrems previously … Continue Reading

European Commission Releases GDPR Guidance

All privacy professionals, whether in the EU or the U.S., need to have an understanding of the implications of General Data Privacy Regulation (GDPR) compliance, particularly since the fines and penalties that could be imposed for non-compliance are intimidating. GDPR goes into effect on May 25, 2018, and many companies are struggling to become compliant … Continue Reading

Big Data and Antitrust: Rethinking Competition Law in the Data Economy

As we approach calendar year end, traditionally the busiest period of the year for mergers and acquisitions, it is worth revisiting whether our existing competition law framework can and does properly assess the market power of big data. This spring, The Economist magazine joined the ranks of some antitrust regulators, particularly from the EU, in … Continue Reading

5 Focus Areas in Preparation for GDPR Compliance

In less than 300 days, the European General Data Protection Regulation (GDPR) will go into effect and forever change the privacy landscape. Leading industry organization, Gartner, Inc., predicts that more than 50 percent of companies affected by the GDPR will not be fully compliant. Of course, the affected companies will include both European and non-European … Continue Reading

General Data Protection Regulation (GDPR) Series Part #2: The Importance of Self-Assessment

The General Data Protection Regulation (GDPR) (EU) 2016/679 of 27 April 2016 which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next twelve (12) months, several European Union law firms we work very closely with will join us … Continue Reading

Repeal of FCC Privacy Rules Sparks Concern in U.S. and Europe

The Federal Communications Commission (FCC) privacy rules required providers such as Comcast Corp. and AT&T Inc. to get subscribers’ permission before collecting and sharing their personal data. On April 4, 2017, President Donald Trump signed a congressional resolution rescinding those rules and sparking major concern both in the U.S. and Europe. Indeed, according to a … Continue Reading

General Data Protection Regulation (GPDR) Series Part #1: Introduction and Overview

The General Data Protection Regulation (GPDR) (EU) 2016/679 of April 27, 2016, which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union. Over the next twelve (12) months, several European Union law firms we work very closely with will join us … Continue Reading

GDPR Effective Date and Geographical Scope of Application

The GDPR will apply as of May 25, 2018. It provides a single set of very innovative rules directly applicable in the entire European Union (EU), without the need for national implementing measures—which means that any personal data processing ongoing at this date shall be in compliance with the GDPR. This leaves one year for … Continue Reading

Global Privacy and Data Security in 2016 and 2017

In 2016, new privacy, cybersecurity and/or data security legislation passed or became effective in a number of countries, some adopting data security measures for the first time. Several countries adopted cybersecurity focused measures with criminal penalties, hoping to more effectively combat cyber-attacks. Other countries implemented or strengthened regulations on the collection and handling of their … Continue Reading

Update on the Privacy Shield

Last July, the United States and the European Union agreed on a new framework to allow for the transfer of Europeans’ personal data to the United States. This new framework, known as Privacy Shield, replaced the Safe Harbor Principles which the European Court of Justice struck down over concerns about the U.S.’s government’s online data … Continue Reading

Transatlantic Data Transfer: An Update

The EU-US Privacy Shield, designed to protect EU citizens’ personal data when it is transferred to US organisations, has now been in place for a couple of months. How is it shaping up? How we arrived at the Privacy Shield… Under current EU data protection laws, as well as under the forthcoming General Data Protection Regulation … Continue Reading

EU-US Privacy Shield for transatlantic data transfers finalized

This article co-authored with guest blogger Peter Wainman, a partner with Mills & Reeve LLP Transfers of personal data from most European countries to the U.S. have been exposed to legal attack since October 2015, when privacy campaigner Max Schrems successfully sued the Irish authorities over data transfers made by Facebook Ireland.  The main objection with … Continue Reading

Bitstamp obtains first payment institution license in the world

Bitstamp, the third largest Bitcoin exchange in the world and located in Luxembourg, announced on April 25, 2016, that it has obtained a payment institution license from Luxembourg, which means it is the first nationally licensed Bitcoin exchange in the world. The license was obtained through the European Union’s passport program, which gives reciprocity for … Continue Reading

EU Safe Harbor Program declared invalid by EU’s highest court

The European Court of Justice, (the EU’s highest court), ruled on Tuesday, October 6th that the safe harbor pact between the EU and the U.S. should be declared invalid because it fails to provide adequate protection for EU citizens’ data. The ruling follows Advocate General Yves Bot’s opinion (covered here) two weeks ago that the … Continue Reading
LexBlog