Robinson+Cole Data Privacy + Security Insider (JD Supra European Union)

PAL-V, the first flying car to be allowed on the road in Europe, is now also the first flying car to complete full certification with the European Union Aviation Safety Agency (EASA).

Last week, the High Court of Ireland submitted eleven questions to the Court of Justice for the European Union (CJEU) to consider about the personal data transfer regime between the European Union (EU) and the United States.

All privacy professionals, whether in the EU or the U.S., need to have an understanding of the implications of General Data Privacy Regulation (GDPR) compliance, particularly since the fines and penalties that could be imposed for non-compliance are intimidating. GDPR goes into effect on May 25, 2018, and many companies are struggling to become compliant by the deadline.

This week, the world learned of widespread and serious vulnerabilities in most central processing units (CPU). CPUs manage the instructions received from the hardware and software running on a computer. The vulnerabilities, named Meltdown and Spectre, affect virtually every computer existing today, in particular those with Intel, Advanced Micro Devices, Inc. (AMD), Nvidia and Arm Holdings (ARM)...

In less than 300 days, the European General Data Protection Regulation (GDPR) will go into effect and forever change the privacy landscape. Leading industry organization, Gartner, Inc., predicts that more than 50 percent of companies affected by the GDPR will not be fully compliant. Of course, the affected companies will include both European and non-European companies.

Japan and the European Union announced an agreement in principle on major components of a substantial free trade deal on the eve of the recent G20 summit in Hamburg. This free trade deal rivals NAFTA in scope and impact, as it will impact 40 percent of the world’s trade. Once finalized, this free trade pact is expected to remove tariffs and other trade barriers between the EU and Japan on a...

The Federal Communications Commission (FCC) privacy rules required providers such as Comcast Corp. and AT&T Inc. to get subscribers’ permission before collecting and sharing their personal data. On April 4, 2017, President Donald Trump signed a congressional resolution rescinding those rules and sparking major concern both in the U.S. and Europe.

The General Data Protection Regulation (GPDR) (EU) 2016/679 of April 27, 2016, which comes into force in May 2018, will introduce major changes to the law on the processing of personal data in the European Union.

The GDPR will apply as of May 25, 2018. It provides a single set of very innovative rules directly applicable in the entire European Union (EU), without the need for national implementing measures—which means that any personal data processing ongoing at this date shall be in compliance with the GDPR. This leaves one year for companies to ensure compliance with the GDPR.

The EU-US Privacy Shield, designed to protect EU citizens’ personal data when it is transferred to US organisations, has now been in place for a couple of months. How is it shaping up?

Transfers of personal data from most European countries to the US have been exposed to legal attack since October 2015, when privacy campaigner Max Schrems successfully sued the Irish authorities over data transfers made by Facebook Ireland. The main objection with the Safe Harbor was that transferring EU citizens’ data to the U.S. subjected the data to the U.S. government’s bulk surveillance.

The recognition by the European Union of a “Right to be Forgotten” has caused much controversy, but seemingly progress is being made. The Right, which entitles Europeans to petition data controllers to prevent harmful information about them from appearing in web searches, has been criticized for opening the door to bad-faith claimants to silence legitimate journalism.

In order to better address both the opportunities and risks associated with the innovative use of consumer data by financial institutions, the European Banking Authority (EBA) released a discussion paper last week seeking public comments on the subject.

Bitstamp, the third largest Bitcoin exchange in the world and located in Luxembourg, announced on April 25, 2016, that it has obtained a payment institution license from Luxembourg, which means it is the first nationally licensed Bitcoin exchange in the world.

As we previously reported, this February, United States (U.S.) and European Union (EU) negotiators announced the “U.S.-EU Privacy Shield” as a replacement to the U.S. Safe Harbor. Many U.S. companies relied on the Safe Harbor to transfer data from the EU to the US.

The General Data Protection Regulation (GDPR) was recently approved by the 28 member states of the Council of European Union. By plenary vote, the European Parliament approved GDPR on April 14. The GDPR will take effect two years after publication in the E.U. Official Journal, which is expected to be in May.

The U.S. Department of Commerce and the European Commission announced on Tuesday that they have entered into a new transatlantic safe harbor transfer agreement, which comes two days after the deadline set by EU data protection authorities.

Big changes are underway in the world of data protection within the European Union. At the end of December, the European Commission approved the final version of the General Data Protection Regulation (GDPR).

On December 17, 2015, the European Parliament’s Civil Liberties, Justice and Home Affairs Committee approved the final text of the European Union General Data Protection Regulation, after lengthy negotiation.

The GDPR (General Data Protection Regulation) outlines a series of amendments to the data protection and data privacy requirements applicable to all companies with European customers, regardless of where the company’s headquarters reside.

Last week, the Vienna Higher Regional Court ruled that most of Max Schrems’ claims against Facebook can proceed, including his claim that Facebook improperly allowed his personal information to be shared with the National Security Agency.

Last week, (September 23, 2015), Advocate General Yves Bot (AG), an adviser to Europe’s highest court, issued a nonbinding opinion that the agreement between the EU and the U.S. for data transfers from the EU to the U.S. should be deemed invalid by the European Court of Justice.

While Google did in fact comply with the Court of Justice of the European Union’s (CJEU) May 2014 order, which allowed individuals in Europe to request that a search engine ‘delist’ certain information about them from Internet links that harm their privacy, and did process over 25 million individual requests for information removal from all European versions of Google Search, the company is not...

The European Union (EU) General Data Protection Regulation (GDPR) is one step closer to replacing the EU’s 1995 data privacy directive, known as 95/46/EU. In late June, the Council of Ministers from the EU member states approved a general approach to the GDPR. The European Parliament, the European Council and the European Commission (EC) are now negotiating the GDPR approach and wording, which is