JD Supra European Union › Fox Rothschild LLP

• JD Supra European Union

In a detailed report titled "Ethics of Connected and Automated Vehicles," the European Commission sets out key data protection recommendations Definition: Connected and Automated Vehicles (CAVs) are vehicles that are both connected and automated and display one of the five levels of automation according to SAE International’s standard J3016, combined with the capacity to...

• JD Supra European Union

“Convention 108+ (Convention 108 as amended by the protocol) is set to become the international standard on privacy and data protection in the digital age, and represents a viable tool to facilitate international data transfers while guaranteeing an appropriate level of protection for people globally,” say Alessandra Pierucci, Chair of the Committee of Convention 108 and Jean-Philippe Walter,...

• JD Supra European Union

“Convention 108+ (Convention 108 as amended by the protocol) is set to become the international standard on privacy and data protection in the digital age, and represents a viable tool to facilitate international data transfers while guaranteeing an appropriate level of protection for people globally,” say Alessandra Pierucci, Chair of the Committee of Convention 108 and Jean-Philippe Walter,...

• JD Supra European Union

On the heels of the Court of Justice of the European Union’s decision in Schrems II, Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) has determined that the U.S.-Swiss Privacy Shield does not meet the “requirements of adequate data protection as defined by the FADP (Swiss Federal Act on Data Protection).” It issued a policy paper offering advice on transferring data to

• JD Supra European Union

New Zealand’s Data Protection Authority has offered its take on the Schrems II ruling that invalidated EU-U.S. Privacy Shield. “The Schrems litigation has again sent international shock waves in striking down a key EU/U.S. arrangement designed to facilitate data flows known as the Privacy Shield.”...

• JD Supra European Union

According to Italian Data Protection Authority Garante Per La Protezione Dei Dati Personale, The COVID-19 emergency does not automatically, and in itself, represent a sufficient legal basis for particularly invasive data processing, such as data processing aimed at allowing contact tracing by any public or private owner...

• JD Supra European Union

The European Court of Justice’s ruling in Schrems II, invalidating the EU-U.S. Privacy Shield framework as a means of transmitting personal data from the EU to the U.S., has drawn swift reaction from data protection authorities and other entities across Europe. Here are a few of the responses:...

• JD Supra European Union

The Court of Justice of the European Union (CJEU), in its decision in the Schrems II case, has invalidated the EU-U.S. Privacy Shield method for cross-border transfer of personal data from the European Union to the United States, citing surveillance practices by U.S. public authorities and inadequate legal recourse to EU individuals...

• JD Supra European Union

The European Data Protection Board has issued a statement on the adoption by the Hungarian government of derogations from certain data protection and access to information provisions of the European Union's General Data Protection Regulation...

• JD Supra European Union

Italy’s data protection agency, Italian Garante, has offered its opinion on a regulatory proposal for the creation of a COVID-19 tracing app. The proposed contact tracing system does not appear to conflict with the principles of personal data protection in that it:...

• JD Supra European Union

Coronavirus and Data Protection guidance from the Catalan Data Protection Authority: •Under Articles 6.1.(e) and 9.2.(i) GDPR, health authorities may share health data when this is needed for reasons of public interest in the field of public health, such as protection against serious trans-boundary health threats, or to guarantee high levels of quality and safety of healthcare and of...

• JD Supra European Union

The European Data Protection Board has published draft guidelines for public comment on the data protection aspects of connected vehicles. Key takeaways: The Relevant Players- Non exhaustive list of stakeholders: vehicle manufacturers, equipment manufacturers and automotive suppliers, car repairers, automobile dealerships, vehicle service providers, rental and car sharing companies, fleet...

• JD Supra European Union

Speak to me in algorithms. The European Data Protection Board (EDPB) has issued a letter on the appropriateness of the GDPR as a legal framework to protect citizens from unfair algorithms.

• JD Supra European Union

“Perhaps the more urgent need is to share ideas, instead of rushing to share people’s data,” writes European Data Protection Supervisor Wojciech Wiewiórowski. “More than ever, there is a need to illuminate new paths for rewarding more sustainable business models that do not rely on the ubiquitous and constant tracking of human behaviour and relationships, a practice which has already...

• JD Supra European Union

The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day two of the event.

• JD Supra European Union

The International Association of Privacy Professionals is holding its 2019 Europe Data Protection Conference in Brussels. Partner Odia Kagan, who is in attendance, shares some takeaways from day one of the event.

• JD Supra European Union

The European Data Protection Supervisor (EDPS) has issued guidance on the concepts of data controller and processor for European Union organizations. Though it covers EU institutions, the guidance contains many concepts that are applicable and instructive for other entities subject to the General Data Protection Regulation (GDPR).

• JD Supra European Union

The Information Commissioner of the Isle of Man has issued guidance on “accountability” under GDPR. Key takeaways: You need to develop, embed and maintain a culture of data protection in your processing activities, with compliance demonstrably supported from the top.

• JD Supra European Union

The European Commission expects the U.S. Department of Commerce (DoC) to request from companies evidence of the privacy provisions of the relevant contracts with third parties to assess compliance with the onward transfer principle.

• JD Supra European Union

Privacy Shield lives to shield another year (Part 1). The European Commission has published its third annual report on Privacy Shield.

• JD Supra European Union

The UK’s Information Commissioner’s Office shares its thoughts on the complexity of producing or deleting data used to train machine learning algorithms in data subject requests under GDPR.

• JD Supra European Union

The European Data Protection Board (EDPB) has issued final guidelines on the General Data Protection Resolution's (GDPR) legal basis of "Necessary for the Performance of a Contract" (Article 6(1)(b).

• JD Supra European Union

The Liechtenstein data protection authority has issued guidance on joint controllership under GDPR: Examples of joint controllers: 1.If two companies jointly organize a competition in which the name and address are collected by the participants for the subsequent delivery of the prizes.

• JD Supra European Union

Do I have to disclose documents with confidential internal correspondence, and comments from my staff as part of a GDPR data subject access request? The Court of The Hague says “Yes, you do.”

• JD Supra European Union

Shortly after the recent video surveillance guidance from the EDPB, the Information Commissioner of the Isle of Man published an updated CCTV data protection guidance. Key takeaways for controllers: General Considerations and Governance: CCTV images identify living individuals and are, therefore, personal data. This means that the use of CCTV will be covered by data...

• JD Supra European Union

Tardiness with transposing data protection laws comes with a hefty fine. The European Commission is asking the Court of Justice of the European Union to impose financial sanctions on Greece and Spain for failing to transpose the rules on the Data Protection Law Enforcement Directive before the May 6, 2018, deadline, according to a news release.

• JD Supra European Union

A Facebook “like” is actually more like “in a [Joint Controller] relationship” status, says the Court of Justice of the EU in a long awaited decision in the Fashion ID matter. At issue: The legal framework surrounding embedding a Facebook “Like” button on your website.

• JD Supra European Union

“Currently, unless a US CLOUD Act warrant is recognized or made enforceable on the basis of an international agreement, the lawfulness of such transfers of personal data cannot be ascertained” – EDPB/EDPS Joint response on impact of US CLOUD Act.

• JD Supra European Union

The European Data Protection Board (EDPB) publishes it’s first annual report and reveals a road map for guidance to come. In 2019 and 2020, the EDPB aims to focus on data subjects’ rights, the concept of the controller and processor and legitimate interest.

• JD Supra European Union

The European Data Protection Board has issued guidance on the use of video surveillance. Key takeaways: The monitoring purposes of cameras should be documented in writing.