Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

Category Archives: International

Subscribe to International RSS Feed

European Commission issues guidance on the impact of the Schrems (Safe Harbor) ruling of the EU’s Highest Court

Posted in European Union, International

By Monika Kuschewsky and Vera Coughlan Following the judgment of the Court of Justice of the EU of October 6 in the Schrems case (Case C-362/14) (see our previous blog post here), today, the European Commission issued guidance on transfers of personal data from the EU to the U.S. post Schrems. For the press release see… Continue Reading

Trans-Pacific Partnership Trade Agreement May Authorize Cross-Border Data Flows

Posted in International

The text of the Trans-Pacific Partnership (“TPP”) agreement was released to the public for the first time today.  The TPP has yet to be ratified by the twelve Pacific Rim nations that negotiated the agreement, including the United States, where it has encountered opposition in Congress.  The nations that participated in the negotiations for the… Continue Reading

Schrems (Safe Harbor) Judgment – German Data Protection Authorities Issue Position Paper

Posted in European Union

Today, the German supervisory authorities (“German DPAs”) responsible for data protection at federal and state (Länder) level published a position paper on the EU-U.S. Safe Harbor (available in German – see here).  This 14-point position paper follows a meeting that these authorities held last week.  Key points include: following the Safe Harbor judgment of the… Continue Reading

House Passes Bill Expanding Privacy Rights of EU Citizens in Wake of Schrems Ruling

Posted in Congress, European Union, International, United States

By Hannah Lepow On October 20, the U.S. House of Representatives passed a bill that would expand the privacy rights of citizens of the European Union in the United States. The bill, known as the Judicial Redress Act of 2015, would allow EU citizens and citizens of other allied nations limited rights to file suit… Continue Reading

Article 29 WP On the Schrems Ruling (Safe Harbor) − Latest Developments and Next Steps

Posted in European Union, United States

The Article 29 Data Protection Working Party (“Article 29 WP”), an EU advisory body on data protection composed of representatives of the national data protection authorities (“DPAs”), the European Data Protection Supervisor and the European Commission, met in plenary on Thursday, October 15, to discuss the first consequences of the judgment of the Court of… Continue Reading

Debate in the European Parliament’s LIBE Committee on the Schrems ruling

Posted in European Union, International, Uncategorized

By Monika Kuschewsky, Fredericka Argent and Joseph Jones On October 12, 2015, the European Parliament’s Civil Liberties, Justice and Home Affairs (“LIBE”) Committee held a debate to discuss the aftermath of the ruling of the Court of Justice of the European Union (“CJEU”) ruling in Case C-362/14 Maximillian Schrems v Data Protection Commissioner (see summary… Continue Reading

EU’s Highest Court Invalidates Safe Harbor with Immediate Effect

Posted in European Union, International

Today, the Court of Justice of the European Union (the “CJEU”) invalidated the European Commission’s Decision on the EU-U.S. Safe Harbor arrangement (Commission Decision 2000/520 – see here). The Court responded to pre-judicial questions put forward by the Irish High Court in the so-called Schrems case. More specifically, the High Court had enquired, in particular,… Continue Reading

UK ICO Issues Largest Ever Fine In Connection With Automated Marketing Calls

Posted in Advertising & Marketing, United Kingdom

By Mark Young and Joseph Jones The UK Information Commissioner’s Officer (“ICO”) has issued its largest fine to date in connection with using an automated calling system to make direct marketing calls.  The ICO found that Home Energy & Lifestyle Management Ltd (“HELM”), a green energy company that made millions of automated marketing calls in… Continue Reading

EU Parliament Policy Report Takes Dim View of EU Commission’s “Pro-Market” Policies on Big Data and Smart Devices

Posted in European Union

A European Parliament policy department has released a report, entitled Big Data and Smart Devices and Their Impact on Privacy, that criticizes the lack of focus on privacy and data protection in the European Commission’s “Digital Single Market” policy agenda, noting a “conflicting” intersection between the Commission’s Digital Single Market objectives and the EU’s efforts,… Continue Reading

EU’s Highest Court Rules on Applicable Law and Territorial Powers of the National Data Protection Authorities

Posted in European Union

On October 1st, 2015, the Court of Justice of the EU rendered its judgment in the Weltimmo case (C-230/14).  The case addressed two important aspects of EU data protection law, namely applicable law and the scope of the territorial powers of data protection authorities. The case arose out of a dispute between Weltimmo, a company registered… Continue Reading

EU-U.S. Safe Harbor: Judgment in the Schrems Case Scheduled For October 6

Posted in European Union, United States

The Court of Justice of the European Union (“CJEU”) in Luxembourg will render its judgment in the Schrems case (C-362/14 Maximilian Schrems v Data Protection Commissioner) on October 6, at 9:30 am CET (see here). For details on the case and its potential implications for the U.S.-EU Safe Harbor, see our earlier blog post (here)… Continue Reading

Advocate General Considers EU-U.S. Safe Harbor to be Invalid

Posted in European Union, United States

By Jetty Tielemans, Mark Young and Joseph Jones This morning (September 23, 2015), EU Advocate General (“AG”) Bot issued an Opinion in Case C-362/14 Maximilian Schrems v Data Protection Commissioner (see our earlier post on the hearing here).  The AG Opinion has gone further than expected, covering not just the power of national data protection… Continue Reading

UK Government Launches Cybersecurity Service For Healthcare Organizations

Posted in Cybersecurity, Data Breaches, Data Security, European Union, Health Privacy, United Kingdom

The UK government has announced a new national service providing expert cybersecurity advice to entities within the National Health Service (NHS) and the UK’s broader healthcare system.  The project, called CareCERT (Care Computing Emergency Response Team), is aiming for a full go-live in January 2016. 

Data Localization Requirements Through the Backdoor? Germany’s “Federal Cloud”, and New Criteria For the Use of Cloud Services by the German Federal Administration

Posted in Cloud Computing, Cybersecurity, Data Security, European Union, Sourcing, Technology Transactions

In May 2015, reports about the German government’s plans to establish federal German cloud infrastructure (the “Bundes-Cloud”) raised concerns about the possible introduction of data localization requirements (preventing the storage and processing of data outside Germany).  The criteria for the use of cloud services by Germany’s federal administration, which have recently been published, now give… Continue Reading

What You Need to Know About Germany’s Cybersecurity Law

Posted in Cybersecurity, Data Security, European Union

Whilst the discussions on the proposed Network and Information Security (NIS) Directive at European level are still ongoing (see Update on the Cybersecurity Directive − over to Luxembourg?, InsidePrivacy, June 12, 2015), less has been said about Germany new national Act to Increase the Security of Information Technology Systems (the “IT Security Law”).  The IT Security Law… Continue Reading

EU – US Umbrella Agreement about to be concluded: towards a transatlantic approach to data protection?

Posted in European Union, International, United States

By Jean de Ruyt and Monika Kuschewsky According to the European Commissioner for Justice, Consumers and Gender Equality, Věra Jourová, the EU and the US have finalized the EU-US Umbrella Agreement (for the press release, see here; a reportedly near-final draft of the agreement can be read here). This is a remarkable breakthrough after the first… Continue Reading

Regulators in the U.S. and U.K. Monitoring Mobile Apps and Websites Directed at Children

Posted in Advertising & Marketing, Children's Privacy, Federal Trade Commission, Mobile, United Kingdom, United States

By Megan L. Rodgers What information is being collected by mobile apps and websites directed at kids? With whom is that information shared? What notice is provided to parents? Regulators in the U.S. and abroad continue to focus on these issues. The FTC recently released a follow-up report on privacy notices in mobile apps directed… Continue Reading

China Issues Draft Network Security Law

Posted in China, Cybersecurity, Data Security, International

By Ashwin Kaja* and Yan Luo Close on the heels of a sweeping new National Security Law, the Standing Committee of the National People’s Congress released last month for public comment a very significant draft Network Security Law (“Draft Law”), also referred to as the draft Cybersecurity Law. Since it came into power in 2012,… Continue Reading

UK Supreme Court Will Hear Google’s Appeal in Important Privacy Case

Posted in Advertising & Marketing, European Union, United Kingdom

The UK Supreme Court has granted Google the right to appeal part of the English and Welsh Court of Appeal’s notable ruling in Google Inc. v. Vidal-Hall & Ors [2015] EWCA Civ 311. Our previous blog highlighted the facts of the case (brought by Internet users against Google’s ad-tracking practices) and the significant consequences of… Continue Reading

Progress on EU GDPR Reform: International Aspects Debated

Posted in European Union

A second round of “trilogue” negotiation on the EU General Data Protection Regulation (GDPR), on July 14th, has addressed the law’s territorial scope and rules relating to international data transfers (Articles 3 and Chapter 5, respectively). Although no agreed text has been released, public comments made by Jan Philipp Albrecht, the European Parliament’s lead negotiator… Continue Reading

Draft Regulations in China Preview Stricter Rules on Internet Advertising

Posted in Advertising & Marketing, China, Mobile, Online

On July 1, 2015, China’s State Administration for Industry and Commerce published a draft of the Interim Measures on Supervision of Internet Advertising (“Draft Internet Advertising Measures”; original Chinese here) for public comment. If adopted as drafted, the Draft Internet Advertising Measures would (1) require advertisements in email and instant messaging to contain conspicuous options… Continue Reading

EU General Data Protection Regulation – First day of ‘trilogue’ discussions

Posted in European Union

By Monika Kuschewsky and Vera Coughlan Today, the first meeting between the European Parliament (“EP”), the Council and the Commission (called “trilogue”) took place with the aim of reaching an agreement on the General Data Protection Regulation (“GDPR”) by the end of the year.  (For background, please see our previous InsidePrivacy post on the Council’s recently… Continue Reading

Highlights of the Canada Digital Privacy Act 2015

Posted in Canada

On June 18, 2015, the Canadian Parliament passed the Digital Privacy Act (DPA), Senate Bill S-4, into law.  The DPA amends Canada’s federal data protection statute, the Personal Information Protection and Electronic Documents Act (PIPEDA) in important respects, including introducing a new data breach notification requirement (which is not yet in force) and making other… Continue Reading

Covington Webinar: The EU General Data Protection Regulation – What’s Next and What It Means For Your Business

Posted in European Union

As we recently covered on this blog, on June 15, the Council of Ministers of the EU reached a long-awaited ‘common approach’ on a revised text of the proposed General Data Protection Regulation (GDPR). Covington will be running a webinar on July 1, repeated on July 2 to accommodate attendees from different timezones, at which specialists from Covington’s… Continue Reading