Dan Cooper

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws, as well as associated information technology and e-commerce laws and regulations. Mr. Cooper also regularly counsels clients with respect to Internet-related liabilities under European and US laws. Mr. Cooper sits on the advisory boards of a number of privacy NGOs, privacy think tanks, and related bodies.

Subscribe to all posts by Dan Cooper

The UK Adopts Data Protection Act 2018

By Dan Cooper on May 25, 2018 Posted in Children's Privacy, European Union, United Kingdom

Having received Royal Assent on May 23, 2018, the UK Data Protection Bill is now an Act of Parliament. The Data Protection Act 2018 (the “Act”) implements the General Data Protection Regulation (“GDPR”) and replaces the UK Data Protection Act 1998. Notable provisions that make use of the ability of Member States to implement different … Continue Reading

CJEU Rejects Consumer Privacy Class Action

By Dan Cooper and Joseph Jones on January 30, 2018 Posted in European Union, International

By Dan Cooper, Joseph Jones, and Ruth Scoles Mitchell On January 25, 2018, the Court of Justice of the European Union (“CJEU”) handed down a ruling permitting consumer privacy actions to be brought in the consumer’s home jurisdiction — as opposed to the jurisdiction in which the defendant data controller has its main establishment — … Continue Reading

EU Article 29 Working Party Releases Extensive GDPR Guidance on Data Processing at Work

By Dan Cooper on July 4, 2017 Posted in European Union

By Dan Cooper and Rosie Klement The EU’s Article 29 Working Party (“WP29”) has issued new guidance on data processing in the employment context. Adopted on June 8, 2017, the guidance primarily takes account of the existing data protection framework under the EU Data Protection Directive (Directive 95/46/EC), but also considers the developments coming into force … Continue Reading

CJEU Limits Public Record ‘Right to Be Forgotten’

By Dan Cooper, Phil Bradley-Schmieg and Joseph Jones on March 10, 2017 Posted in European Union

On March 9, 2017, the Court of Justice of the EU (“CJEU”) handed down a ruling limiting the reach of its prior “right to be forgotten” jurisprudence, by holding that the right does not prevail over society’s interest in access to official public records of company details required by law.… Continue Reading

UK Information Commissioner’s Office Publishes Draft Guidance on Consent under the GDPR

By Dan Cooper on March 8, 2017 Posted in European Union, United Kingdom

By Dan Cooper and Rosie Klement On March 2, 2017, the Information Commissioner’s Office (“ICO”) released draft guidance for UK organizations on how the notion of consent will be interpreted and applied when the General Data Protection Regulation (“GDPR”) comes into force in May 2018. The ICO is currently engaging in a public consultation on … Continue Reading

European Commission Unveils Data Economy Package: International Data Transfers

By Dan Cooper, Ezra Steinhardt and Joseph Jones on January 11, 2017 Posted in Cross-Border Transfers, European Union, International

On January 10, 2017, the European Commission unveiled the “last major Digital Single Market initiatives” addressing Europe’s digital future. These initiatives comprise the following: A proposal for a Regulation on Privacy and Electronic Communications (E-Privacy Regulation) (see our post here); A Communication on “Building a European Data Economy” (see our post here); and A Communication … Continue Reading

European Commission Unveils Data Economy Package: “Building a European Data Economy”

By Dan Cooper, Ezra Steinhardt and Joseph Jones on January 11, 2017 Posted in European Union, International

On January 10, 2017, the European Commission unveiled the “last major Digital Single Market initiatives” addressing Europe’s digital future. These initiatives comprise the following: A proposal for a Regulation on Privacy and Electronic Communications (E-Privacy Regulation) (see our post here); A Communication on “Building a European Data Economy”; and A Communication on exchanging and protecting … Continue Reading

European Commission Unveils Data Economy Package: E-Privacy Regulation

By Dan Cooper, Ezra Steinhardt and Joseph Jones on January 11, 2017 Posted in European Union, International

On January 10, 2017, the European Commission unveiled the “last major Digital Single Market initiatives” addressing Europe’s digital future. These initiatives comprise the following: A proposal for a Regulation on Privacy and Electronic Communications (E-Privacy Regulation) ; A Communication on “Building a European Data Economy” (see our post here); and A Communication on exchanging and … Continue Reading

CJEU Confirms Dynamic IP Addresses To Be Personal Data

By Dan Cooper, Mark Young and Joseph Jones on October 19, 2016 Posted in European Union, International

On Wednesday October 19, 2016 the Court of Justice of European Union (“CJEU”) issued its judgment in Case C-582/14, Patrick Breyer v Germany. The CJEU held that a “dynamic” IP address constitutes personal data (agreeing with the Opinion of the Advocate General from May this year). Dynamic IP addresses qualify as personal data, even if … Continue Reading

Agreement Reached on New EU-U.S. Safe Harbor: the EU-U.S. Privacy Shield

By Dan Cooper, Phil Bradley-Schmieg and Joseph Jones on February 2, 2016 Posted in Department of Commerce, European Union, Federal Trade Commission, International, United States

By Dan Cooper, Phil Bradley-Schmieg and Joseph Jones Today (February 2nd, 2016), the European Commission and U.S. Government reached political agreement on the new framework for transatlantic data flows. The new framework – the EU-U.S. Privacy Shield – succeeds the EU-U.S. Safe Harbor framework (for more on the Court of Justice of the European Union … Continue Reading

EU’s Highest Court Invalidates Safe Harbor with Immediate Effect

By Jetty Tielemans, Monika Kuschewsky, Dan Cooper, Mark Young and Kristof Van Quathem on October 6, 2015 Posted in European Union, International

Today, the Court of Justice of the European Union (the “CJEU”) invalidated the European Commission’s Decision on the EU-U.S. Safe Harbor arrangement (Commission Decision 2000/520 – see here). The Court responded to pre-judicial questions put forward by the Irish High Court in the so-called Schrems case. More specifically, the High Court had enquired, in particular, … Continue Reading

Highlights of the Canada Digital Privacy Act 2015

By Dan Cooper on June 24, 2015 Posted in Canada

On June 18, 2015, the Canadian Parliament passed the Digital Privacy Act (DPA), Senate Bill S-4, into law. The DPA amends Canada’s federal data protection statute, the Personal Information Protection and Electronic Documents Act (PIPEDA) in important respects, including introducing a new data breach notification requirement (which is not yet in force) and making other … Continue Reading

English Court of Appeal Decision Significantly Expands UK Privacy Law

By Dan Cooper on March 30, 2015 Posted in International, United Kingdom

Dan Cooper and Phil Bradley-Schmieg On March 27, 2015, the England and Wales Court of Appeal (EWCA) handed down a historic judgment in Google Inc v. Vidal-Hall & Ors [2015] EWCA Civ 311, with significant consequences for organizations handling personal data in, or from, the UK. This case was brought against Google Inc. by three … Continue Reading

CJEU Hears Oral Arguments in Pivotal EU-U.S. Safe Harbor Case

By Dan Cooper on March 27, 2015 Posted in European Union, International

By Dan Cooper and Phil Bradley-Schmieg On March 24, 2015, the Court of Justice of the EU (CJEU) heard arguments in Case C-362/14 (Schrems). The High Court of Ireland has asked the CJEU whether Ireland’s data protection authority (DPA) — and by extension other EU DPAs — is bound by the Commission’s adequacy decision (Decision 520/2000/EC) … Continue Reading

Top 10 International Privacy Developments of 2014

By Dan Cooper on February 4, 2015 Posted in European Union, International

By Dan Cooper and Maria-Martina Yalamova The CJEU “Right to be Forgotten” Ruling. In May 2014, the Court of Justice of the European Union (CJEU) delivered an important judgement in a referral from Spain’s National High Court involving Google, a Spanish national, and the Spanish data protection authority (Case C-131/12). The CJEU’s decision re-interpreted European … Continue Reading

Google, the CJEU, and the Long Arm of European Data Protection Law

By Dan Cooper on May 14, 2014 Posted in European Union, Online

By Dan Cooper, Mark Young and Kristof van Quathem On May 13, the European Court of Justice (the “Court”) handed down an important judgement in a referral from Spain’s National High Court involving Google, a Spanish national, and the Spanish data protection authority (Case C-131/12). The decision has wide-ranging consequences regarding the application of EU … Continue Reading

Brazil Enacts “Marco Civil” Internet Civil Rights Bill

By Dan Cooper on April 28, 2014 Posted in International

By Philippe Bradley and Dan Cooper On April 23rd, 2014 Brazil’s president signed into law a wide-ranging civil rights bill for Internet users and service providers (the “Marco Civil da Internet”, or “Marco Civil”). The law had been in the works since 2009; it was made a priority by the Brazilian government in the wake … Continue Reading

European Regulators Set Out Data Anonymization Standards

By Dan Cooper on April 23, 2014 Posted in Data Security, European Union

By Kristof van Quathem and Dan Cooper On April 10, 2014, the Article 29 Working Party adopted an Opinion on anonymization techniques. The Working Party accepts that anonymization techniques can help individuals and society reap the benefits of “open data” initiatives – initiatives intended to make various types of data more freely available – while … Continue Reading

European Regulators and the Eternal Cookie Debate

By Dan Cooper on October 18, 2013 Posted in Advertising & Marketing, European Union, International, Online, Privacy Policies, United Kingdom

By Dan Cooper, Mark Young and Maria-Martina Yalamova This week, the Article 29 Working Party (the “WP29”) released an opinion paper on what constitutes “consent” for purposes of complying with the EU’s “cookie” rules — rules that were revised to include a consent requirement nearly four years ago. The paper will be relevant to website … Continue Reading

European Court of Human Rights holds website liable for offensive anonymous comments

By Dan Cooper on October 15, 2013 Posted in European Union, International

By Dan Cooper and Colin Warriner On 10 October 2013, the European Court of Human Rights (ECHR) ruled that finding the owners of an online news portal liable for offensive comments posted by its users did not violate their right to freedom of expression. Reactions to the ruling (which may still be appealed to the … Continue Reading

Irish Data Protection Commissioner and FTC sign Memorandum of Understanding

By Dan Cooper on July 2, 2013 Posted in Federal Trade Commission, International

The Data Protection Commissioner Billy Hawkes has signed a memorandum of understanding (MOU) with the Chairwoman of the U.S. Federal Trade Commission (FTC), Edith Ramirez. The MOU is a statement of cooperation between the two agencies in their efforts to protect consumer privacy. It includes provisions calling for cooperation in relation to enforcement of relevant … Continue Reading

French Data Protection Authority: 3-Month Deadline for Google to Comply With Privacy Laws

By Dan Cooper on June 21, 2013 Posted in Advertising & Marketing, European Union, International

By Jorg Walter The CNIL announced in a press release on Thursday that it has issued a formal notice to Google Inc. that requires the search engine to provide clear and sufficient information to users about how their data is being used. In particular, the Paris based regulator wants Google to: Define specified and explicit … Continue Reading