Proskauer - Privacy & Cybersecurity (JD Supra European Union)

33 results for Proskauer - Privacy & Cybersecurity (JD Supra European Union)

  • Preparing for the Final Version of the New EU Standard Contractual Clauses for International Data Transfers

    It has been reported that European Commission will publish the final versions of new forms of Standard Contractual Clauses (“SCCs”) shortly (even potentially within the next few days). The Commission published draft versions of these SCCs and the implementing Commission Decisions in December 2020. These new SCCs are, arguably, the most significant development in European data protection law since

  • GDPR: FAQ for Non-EU Fund Managers

    The General Data Protection Regulation (the “GDPR”) comes into force automatically in each of the European Union Member States (“EU”) on 25 May 2018. Data protection regulation is not new, with the GDPR building on what is currently in place across the EU. The GDPR, however, seeks to align and bolster the data protection regime across the EU. This FAQ sets out some of the key questions that...

  • GDPR FAQ’s for Fund Managers

    The General Data Protection Regulation (the “GDPR”) comes into force automatically in each of the European Union Member States (“EU”) on 25 May 2018. Data protection regulation is not new, with the GDPR building on what is currently in place across the EU. The GDPR, however, seeks to align and bolster the data protection regime across the EU. This FAQ sets out some of the key questions that EU

  • What Employers Need to Know about Europe’s General Data Protection Regulation

    On April 14, 2016, the European Parliament approved the General Data Protection Regulation (“GDPR” or the “Regulation”), a new regulation that will replace the European Union’s (“EU”) current data privacy standard. As a regulation, the GDPR will impose a more uniform data protection regime across the Member States and makes more clear the extent of its jurisdictional reach than did its...

  • GDPR Compliance Update: Which Government Authorities Have Issued Official GDPR Guidance?

    This post provides an update as to the current status of official GDPR-related guidance. With a little under a year remaining until the European Union’s General Data Protection Regulation (GDPR) becomes enforceable, companies are on the lookout for any interpretive guidance from EU or member state authorities that will help them focus their compliance efforts....

  • Draft Privacy and Electronic Communications Regulation published by European Commission

    The European Commission has released proposals for new legislation that seeks to create stronger privacy in electronic communications. The draft Privacy and Electronic Communications Regulation (the “Regulation”) is intended to replace the ePrivacy Directive (2002/58/EC) and will also bring the law in line with the new rules as set out in the General Data Protection Regulation (the “GDPR”) as...

  • EU Court Rules that Dynamic IP Addresses are Personal Data…Sometimes

    On October 19, the Court of Justice of the European Union (CJEU) ruled that dynamic IP addresses may qualify as “personal data” under EU privacy law. As we covered here on the blog a few months ago, this decision is significant because it clarifies that companies that collect, store, process, and/or transfer dynamic IP addresses belonging to EU users may have to treat them in accordance with the...

  • An Overview of the New General Data Protection Regulation

    The European Parliament has approved the reformed General Data Protection Regulation (the “GDPR”). Given this is a Regulation (rather than a Directive), this legislation will apply automatically in every Member State (without need for additional domestic legislation) when it comes into force on May 25 2018.

  • Privacy Shield Adopted, But Uncertainty Remains

    On July 12, 2016, the European Commission adopted the EU-US Privacy Shield, a framework designed to replace the invalidated Safe Harbor program. In theory, the Privacy Shield offers its adherents a relatively simple, straightforward way to legally transfer personal data from the EU to the US. In reality, however, the Privacy Shield is likely to face legal challenges that may hinder its ability...

  • Are Dynamic IP Addresses Personal Data? A Primer

    Last month, one of the Advocate Generals (“AG”) of the Court of Justice of the European Union (“CJEU”), Manuel Campos Sánchez-Bordona, issued an opinion suggesting that dynamic IP addresses should be recognized as “personal data” under EU law. If the CJEU adopts this reasoning, it would represent a landmark decision that would resolve a contentious issue that has been plaguing EU data protection...

  • Article 29 Working Party has “Strong Concerns” About Privacy Shield

    On April 13, 2016, the EU’s Article 29 Working Party issued its much-anticipated statement on the viability of the proposed EU-US Privacy Shield. As we’ve detailed previously, EU and US officials reached agreement on the Privacy Shield arrangement, which was meant to serve as a replacement for the invalidated Safe Harbor program, back in February, and released details of the Privacy Shield scheme

  • A Primer on the GDPR: What You Need to Know

    Now that it’s been approved by the EU Parliament’s Civil Liberties Committee, Europe’s General Data Protection Regulation (the “GDPR” or the “Regulation”) is well on its way to replacing the 20-year-old Data Protection Directive (the “Directive”) as the EU’s omnibus data protection law. Although it won’t officially become law until it receives the approval of the EU Parliament, now is the time...

  • The European Commission Issues Guidance on Alternative Cross-Border Data Transfer Tools

    On November 6, 2015, one month after the European Court of Justice decision that invalidated the Safe Harbor framework, the European Commission (the “Commission”) issued a Communication setting forth its position on alternative tools for the lawful transfer of personal data from the EU to the United States. The Commission also stated its objective to conclude negotiations with the U.S....

  • Article 29 Working Party Issues Statement Following Landmark CJEU Safe Harbor Ruling

    Since the Article 29 Working Party on the Protection of Individuals (“WP29”) announced last week that it would it shortly issue a statement on the landmark CJEU ruling invalidating the Safe Harbor Decision (Schrems v. Data Protection Commissioner (C-362- 14)), we have been awaiting their guidance. Today, the WP29 issued an important statement offering some clarity to companies that, amid the...

  • US-EU Safe Harbor Invalidated: What Now?

    On October 6, 2015, the European Court of Justice (CJEU) invalidated the US-EU Safe Harbor framework, effective immediately. This momentous decision jeopardizes the continued flow of data from Europe to the US. As the Safe Harbor framework has been in place for 15 years and counts more than 4500 companies among its participants, today’s ruling is poised to have a major impact on US-EU trade,...

  • Uncertainty for the U.S.-EU Safe Harbor Intensified by Non-Binding Recommendation for EU High Court Advisor

    In a non-binding opinion issued on September 23, 2015, an Advocate General for the European Court of Justice (“ECJ”) recommended that the ECJ suspend the U.S.-EU Safe Harbor program (“Safe Harbor”) and reexamine whether the Safe Harbor provides adequate protection for personal data of EU citizens. In light of its non-binding nature, the opinion did not effect any legal change and the ECJ is free

  • In the E.U., Where to Bring Suit When the Subject is Data and the Defendant is a U.S. Company? Hint: It’s About More Than Just Location

    When are U.S. social media companies subject to European data privacy laws? As we reported in 2013, the answer is often contingent on geographic location – where the relevant data is processed. In 2013, for example, a German court ruled that Facebook was not subject to German data protection laws because the relevant data was processed in Ireland, not Germany.

  • EU Data Privacy Updates

    A brief rundown of developments in recent weeks in the area of EU data protection law: - EU Data Protection Regulation - On Monday, June 15, the EU Council (comprised, for purposes of data protection reform, of the justice ministers from each of the EU member states) reached an agreement on a draft data protection regulation, marking an important milestone in the ongoing effort to...

  • European Union Cookie Sweep Highlights Need for Improved Compliance

    On February 3, 2015, European data protection regulators released the Cookie Sweep Combined Analysis Report analyzing how websites use cookies to collect data from European citizens and highlighting noncompliance with Article 5(3) of the EU’s ePrivacy Directive. Among other requirements, this directive mandates that website operators obtain users’ consent for the use of cookies or similar...

  • European DPA’s Give Privacy Recommendations to Stakeholders Regarding the “Internet of Things”

    The Article 29 Working Party, which is composed of representatives of DPA’s from every European country, has recently rendered an opinion on data privacy issues surrounding the development of the “Internet of Things” (IoT), which includes wearable computing, quantified self devices, and domotics. Although such data is generated by “things” or devices, it is considered personal data because it may

  • Toward the enforceability of the “right to be forgotten” in Europe

    The European Court of Justice, in a decision rendered on May 13, 2014, held that search engines are considered data controllers under the Directive of October 24, 1995 on data protection, and as such they must provide data subjects with a “right to be forgotten.”

  • e-IDs: the Future of Secure Digital Identification?

    Over the past decade, the EU has made significant technological and legal strides toward the widespread adoption of electronic identification cards. An electronic ID card, or e-ID, serves as a form of secure identification for online transactions – in other words, it provides sufficient verification of an individual’s identity to allow that person to electronically sign and submit sensitive...

  • Where do we stand on the territorial scope of EU data protection law following the recent European Parliament vote?

    The determination of the territorial scope of the current EU Directive n° 95/46 is still under dispute both before national Courts and the European Court of Justice (ECJ). This issue may soon become moot with the adoption of future data protection regulation, which may modify and expand the territorial scope of EU data privacy law, especially following the results of the recent vote of the...

  • Article 29 Working Party Provides Guidance on Obtaining Valid Cookie Consent in the EU

    This past month, the European Union’s Article 29 Data Protection Working Party (the “Working Party”) issued the Working Document 02/2013 providing new guidance on obtaining consent for cookies (“Working Document”). The Working Document sets forth various mechanisms which can be utilized by websites to obtain consent for the use of cookies in compliance with all EU Member State legal requirements.

  • European Union Parliament Makes Progress on Adopting Proposed EU Data Protection Regulation

    On October 21, a key European parliamentary committee (the Committee on Civil Liberties, Justice and Home Affairs (“Committee”) approved an amended version of the draft EU Data Protection Regulation, paving the way for further negotiations with EU governmental bodies. The goal, according to a press release by the Committee, is to reach compromise on the draft agreement and a vote prior to the May

  • Navigating the Patchwork: When Is European Data Privacy Law Applicable to US Companies?

    Are social media companies based in the United States subject to European data privacy laws? Two recent judicial decisions – one in France and the other in Germany – arrived at different answers. The Civil Court of Paris held that Twitter, based in California, was obligated under the French Code of Civil Procedure to reveal the identity of its users in France who posted racist tweets. In Germany,

  • Six European Data Protection Authorities Will Launch Legal Actions against Google Stemming from its Privacy Policy

    The French, Italian, British, German, Spanish and Dutch Data Protection Authorities announced on April 2, 2013 that each will launch investigations and enforcement actions against Google on the grounds that its privacy policy is not compliant with the European Directive on Data Protection, available at http://eur-lex.europa.eu/en/index.htm, (the “Directive”).

  • European Data Protection Supervisor Weighs in on the Cloud Debate by Issuing an Opinion

    It has been reported that Google will give EU businesses the opportunity to store personal data exclusively on servers in the EU. This appears to have been prompted by compliance difficulties with the current EU data protection Directive when cloud computing service providers store personal data on servers or in data centres based outside the EU.

  • European Data Protection Authorities Publish Guidelines Clarifying Exemptions to Cookie Consent Requirement

    On June 7, 2012, the Article 29 Working Party, an independent advisory body composed of representatives from the national data protection authorities of the EU Member States, the European Data Protection Supervisor and the European Commission, issued Opinion 04/2012 regarding which types of cookies are exempted from the informed user-consent requirement under Directive 2002/58 of the European...

  • The Right To Be Forgotten

    On 25 January 2012, the European Commission published a proposed new data protection framework for the E.U. The new framework, unlike the current one, is to provide a consistent and harmonised set of rules for all 27 E.U. member states. One of the main objectives of the new framework is to better ensure that individuals know what is happening to their personal data. To this end, the European...

  • Request a trial to view additional results

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT