JD Supra European Union › Davis Wright Tremaine LLP

• JD Supra European Union

Earlier this month, the European Data Protection Board (EDPB) issued its long-anticipated draft guidance on supplemental tools to ensure that data transfers out of the European Union (EU) to third countries comply with the GDPR.

• JD Supra European Union

Attempts by U.S. legislators to address the privacy issues raised by the ongoing COVID-19 pandemic have stalled. But for companies seeking to balance the goals of furthering public health and protecting individuals' privacy, the European Union is providing policy guidance that may be exportable.

• JD Supra European Union

The Court of Justice of the European Union (CJEU) issued a long awaited opinion yesterday (July 16, 2020) in Data Protection Commissioner v. Schrems1 finding the EU-U.S. Privacy Shield inadequate for lawfully transferring the personal data of EU residents from the EU to the United States for commercial purposes.

• JD Supra European Union

Proposes Risk-Based Framework for Potential AI Regulations - Less than three months after taking office, European Commission (Commission) President Ursula von der Leyden fulfilled her promise to articulate a framework for regulating Artificial Intelligence (AI).

• JD Supra European Union

Internet-based email services, such as Gmail, are not subject to European telecom regulation, the European Court of Justice has ruled. The decision is a partial setback for EU telecom regulators’ efforts to require OTT services to comply with telecom regulations.

• JD Supra European Union

Telephone calling apps, such as Skype, Viber and Google Hangouts, are subject to European telecom regulation, the European Court of Justice has ruled. Such services may now be required to comply with EU obligations that apply to traditional telephone services, such as registration, privacy, consumer protection and law enforcement access to user communications.

• JD Supra European Union

Santa’s practice of monitoring behavior of children across the globe has been publically disclosed for decades, but the recent implementation of the EU General Data Protection Regulation (GDPR) and enactment of the California Consumer Privacy Act (CCPA) raise new questions about the lawfulness of Santa’s activities and rights of children when it comes to collection of data about their activities,

• JD Supra European Union

New “e-Evidence Regulation” Gives Direct Police Access to Data Across EU Borders and Abroad - The European Union will require tech companies to provide data to European investigators stored in another EU country or even outside the EU under a new e-Evidence Regulation proposed by the European Commission on April 17.

• JD Supra European Union

Next year will be full of growing pains as both the public and private sector interpret, implement, and refine their efforts to comply with the GDPR. Large, multinational companies with a presence in the EU (and who are at the greatest risk of EU enforcement actions) will put pressure on their vendors across the globe to adopt practices compliant with the GDPR.

• JD Supra European Union

Although the EU General Data Protection Regulation comes into force in May 2018, European regulators are still producing guidance and member states are still adopting legislation to accommodate national differences. Put simply, it is unclear how to prepare for the GDPR in relation to some issues.

• JD Supra European Union

Ample bandwidth has been eaten by panicky commentary over the fines possible under the EU’s upcoming General Data Protection Regulation (GDPR). Sure, the GDPR arms EU data protection authorities with a hefty compliance stick.

• JD Supra European Union

The digital marketing industry is powered by information about individuals (“personal data”) that pulses through a supply web. As this FTC infographic shows, some industries such as retail, energy, financial services, and health care, have direct relationships with those individuals. Other industries, such as data marketing, generally are at least one step removed. In fact, the most...

• JD Supra European Union

Beginning August 1, U.S.-based companies that self-certify their compliance with the EU-U.S. Privacy Shield will be able to import data under the new data transfer framework. But how can your company best prepare? Companies in the United States may be excited that the EU-U.S. Privacy Shield – the new trans-Atlantic data transfer compact approved by the European Commission on...

• JD Supra European Union

The push for the European Union and the United States to reopen negotiations over the EU-U.S. Privacy Shield may have just become a shove, due to a recent opinion released by the European Data Protection Supervisor (EDPS) assessing the data protections offered and recommending a series of substantial changes to the new data transfer framework. On May 30, the EDPS released...

• JD Supra European Union

On May 26, 2016, the European Parliament passed a resolution (2016/2727 (RSP)) calling on the European Commission (EC) to reopen negotiations with the United States to improve perceived “deficiencies” in the EU-U.S. Privacy Shield, the successor trans-Atlantic data transfer arrangement drafted by the U.S. and the EU after the Court of Justice of the European Union (CJEU) invalidated the U.S.-EU...

• JD Supra European Union

On May 4, 2016, the final version of the European Union’s General Data Protection Regulation (“GDPR”) was published in the Official Journal of the EU. The GDPR, which will replace the EU’s current Data Protection Directive, will enter into force on May 25, 2016; however, enforcement of the GDPR will not begin until May 25, 2018, giving businesses and other entities subject to EU privacy and data...

• JD Supra European Union

As has been widely reported, the U.S.-EU Safe Harbor – probably the most commonly used method for transferring personal data to the United States – has been invalidated by an EU court. The court’s decision has wide-ranging implications for data protection compliance for U.S. businesses and other organizations with activities in Europe.

• JD Supra European Union

A European court has taken an initial step toward invalidating the U.S.-EU Safe Harbor Framework, one of the primary means for transferring personal data of Europeans to the U.S. It adds more pressure on EU authorities and the U.S. government to update privacy protections under the Safe Harbor program.

• JD Supra European Union

The Fourth European Union Anti-Money Laundering Directive (Fourth AML Directive), approved by the European Parliament on May 20, 2015, went into effect on June 25, 2015, repealing the 2005 Third AML Directive. Given the evolving nature of the money laundering and terrorist financing typologies, as well as the decade-old Third AML Directive in place, the Fourth AML Directive was not an unexpected...

• JD Supra European Union

Three developments in the last two months suggest websites face greater liability for content authored by third parties in the European Union—including reader comments, posts on message boards and social networks, and search engine results.

• JD Supra European Union

FTC proposes twenty-year compliance program for two companies that have settled charges that they misrepresented that they are currently compliant with the US-EU Safe Harbor Framework. Does your company rely on the US-EU Safe Harbor Framework in order to transfer personal consumer data about EU residents outside of Europe?

• JD Supra European Union

Within the span of two days, both the Federal Trade Commission (FTC) and the U.S. Department of Justice announced initiatives meant to assuage the European Union’s concerns over trans-Atlantic data flows and to secure Europe’s future commitment to the U.S.-EU Safe Harbor initiative.

• JD Supra European Union

In a significant and concerning decision, the European Court of Justice (“ECJ”) has endorsed the so-called “right to be forgotten” and ruled that, in some circumstances, search engines can be compelled to remove search result links to websites, news articles, court records and other documents that reveal truthful information about individuals — even when the information is not prejudicial and has

• JD Supra European Union

The Court of Justice of the European Union, the highest court in the EU, declared the EU’s 2006 Data Retention Directive invalid in a judgment issued on April 8, 2014. The directive, which has been implemented via national legislation by most EU member states, requires telecommunications and Internet providers to collect and retain traffic and location data regarding users’ calls and Internet...

• JD Supra European Union

The European Parliament has finalized its version of the proposed Data Protection Regulation, which would substantially change personal data protection rules in the 31-country European Economic Area. The Parliament’s LIBE committee voted October 21 on a final package of amendments to the European Commission’s draft regulation in January 2012. After formal approval by the full Parliament,...

• JD Supra European Union

Over the last few weeks, two big stories have made headlines in the food industry. Beginning in early February, news media across Europe began reporting that food products tested in several European countries contained horsemeat, purportedly marketed as beef. The reports also indicated that it was highly likely that consumers had eaten this mislabeled, and in some cases tainted, product. A few...

• JD Supra European Union

On 23 November 2012 the Governing Council of the European Central Bank (ECB) approved the “Oversight expectations for links between retail payment systems”, which lay down Eurosystem oversight requirements with regard to links established by retail payment systems operating in the euro area.

• JD Supra European Union

The European Payments Council, a decision making body of the European banking industry, released a mobile payments white paper in October 2012. The white paper presents an overview on mobile payments for Single Euro Payments Area (SEPA) payment instruments, including detailed analysis of both mobile contactless and remote payments.

• JD Supra European Union

New pop-up windows about online cookies are now greeting visitors to popular UK-based websites. The changes are part of the steps being taken to comply with the new European rules that require consent to the setting of cookies.

• JD Supra European Union

On Jan. 25, 2012, the European Commission released the final version of its proposed revisions to the European Union’s data protection framework. The package of changes represents a comprehensive reform of the EU’s 1995 data protection rules. Significant changes include: • A “right to be forgotten,” which would give individuals a right to demand that user