Photo of Dan Cooper

Dan Cooper

Daniel Cooper heads up the firm’s growing Data Privacy and Cybersecurity practice in London, and counsels clients in the information technology, pharmaceutical research, sports and financial services industries, among others, on European and UK data protection, data retention and freedom of information laws, as well as associated information technology and e-commerce laws and regulations. Mr. Cooper also regularly counsels clients with respect to Internet-related liabilities under European and US laws. Mr. Cooper sits on the advisory boards of a number of privacy NGOs, privacy think tanks, and related bodies.

Subscribe to all posts by Dan Cooper

Inside Privacy Audiocast: Episode 12 – Conversation with Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa

In celebration of data privacy as a human right as part of South Africa’s Human Rights Day 2021, we feature special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa on Episode 12 of Covington’s Inside Privacy Audiocast. Together with Dan Cooper and Mosa Mkhize, we discuss the Information Regulator of South … Continue Reading

European Commission Publishes Draft UK Adequacy Decisions

On February 19, 2021, the European Commission published two draft decisions finding that UK law provides an adequate level of protection for personal data.  The first would allow private companies in the EU to continue to transfer personal data to the UK without the need for any additional safeguards (e.g., the Commission’s standard contractual clauses), … Continue Reading

Inside Privacy Audiocast: Episode 11 – Latest Developments on the EU’s ePrivacy Regulation

The EU’s ePrivacy Regulation, like the EU GDPR, has been highly anticipated since it was first proposed in 2017. What are the current developments and next steps in the process to enactment? What are some of the complicating factors of the proposed Regulation? Are there major differences between the initial proposal and where the text … Continue Reading

Abu Dhabi Global Market Issues New Data Protection Regulations

On February 14, 2021, the Abu Dhabi Global Market (“ADGM”), one of two significant financial services free zones in the United Arab Emirates, enacted its new Data Protection Regulations 2021 (the “Regulations”).  The Regulations will come into force and replace the current Data Protection Regulations 2015 following a transition period of 12 months for current … Continue Reading

European Commission Launches Consultation on Initiative to Fight Child Sexual Abuse

On February 11, 2021, the European Commission launched a public consultation on its initiative to fight child sexual abuse online (the “Initiative”), which aims to impose obligations on online service providers to detect child sexual abuse online and to report it to public authorities. The consultation is part of the data collection activities announced in … Continue Reading

Employee Confidentiality and Data Theft: Recent UK Developments

In this blog post, we look at a recent decision by the UK Court of Appeal and a separate prosecution brought by the Information Commissioner’s Office (“ICO”; the UK data protection authority), which together serve as a cautionary tale for employees and prospective future employers of the risks of civil liability and criminal conviction for … Continue Reading

Inside Privacy Audiocast: Episode 10 – Data Privacy Day 2021: Trends to Watch

On this special tenth episode of our Inside Privacy Audiocast, we celebrate Data Privacy Day 2021. Join Dan Cooper and Kurt Wimmer as they discuss the key global data privacy developments in 2020 and trends to look out for in 2021. Covington’s Inside Privacy Audiocast offers insights into topical global privacy issues and trends. Subscribe … Continue Reading

Inside Privacy Audiocast: Episode 9 – China’s Approach to Data Protection

On the ninth episode of our Inside Privacy Audiocast, we peer through the looking glass at China’s approach to data protection and the latest developments in its emerging data protection and cybersecurity regime. Dan Cooper, Yan Luo and Zhijing Yu discuss the variety of legal instruments in China’s quickly-evolving data protection and cybersecurity regulatory landscape, and how these … Continue Reading

EDPB and EDPS Release Joint Opinion on Draft EU Standard Contractual Clauses

On January 19, 2021, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) issued a joint opinion on the draft standard contractual clauses for international data transfers (“draft SCCs”) published by the European Commission (“EC”) on November 12, 2020, including a marked-up version of the clauses. The EDPB/EDPS joint opinion proposes … Continue Reading

Irish DPC publishes draft Fundamentals for a Child-Oriented Approach to Data Processing

On December 18, 2020, the Irish Data Protection Commission (“DPC”) published its draft Fundamentals for a Child-Oriented Approach to Data Processing (the “Fundamentals”). The Fundamentals introduce child-specific data protection principles and measures, which are designed to protect children against data processing risks when they access services, both online and off-line. The DPC notes that all … Continue Reading

Council of the EU Released a (New) Draft of the ePrivacy Regulation

On January 5, 2021, the Council of the European Union released a new, draft version of the ePrivacy Regulation, which is meant to replace the ePrivacy Directive.  The European Commission approved a first draft of the ePrivacy Regulation in January 2017.  The draft regulation has since then been under discussion in the Council. On January … Continue Reading

Brexit Deal Keeps EU-UK Data Flows Open as Parties Pursue Mutual Adequacy

On December 24th, with a year-end deadline and the holidays fast approaching, European Commission and United Kingdom (“UK”) officials announced they reached a deal on the EU-UK Trade and Cooperation Agreement (“Agreement”).  Once formally adopted by the European Union (“EU”) institutions, the Agreement will govern the relationship between the EU and UK beginning on January … Continue Reading

Inside Privacy Audiocast: Episode 8 – The Impact of the U.S. Election on Privacy Laws in the U.S.

On the eighth episode of our Inside Privacy Audiocast, we peer through the looking glass at the U.S. election and the future of privacy laws in the U.S. We discuss whether the November 3 election is likely to be a watershed event in the development of privacy laws in the U.S. In this episode, Dan … Continue Reading

The European Commission publishes a proposal for a Regulation on European Data Governance (the Data Governance Act)

On 25 November 2020, the European Commission published a proposal for a Regulation on European Data Governance (“Data Governance Act”).  The proposed Act aims to facilitate data sharing across the EU and between sectors, and is one of the deliverables included in the European Strategy for Data, adopted in February 2020.  (See our previous blog … Continue Reading

EDPB adopts recommendations on international data transfers following Schrems II decision

On 11 November 2020, the European Data Protection Board (“EDPB”) issued two draft recommendations relating to the rules on how organizations may lawfully transfer personal data from the EU to countries outside the EU (“third countries”).  These draft recommendations, which are non-final and open for public consultation until 30 November 2020, follow the EU Court … Continue Reading

Inside Privacy Audiocast: Episode 7 – Brexit and the Future of UK Data Privacy Law

Over the past 9 months, the UK has been hammering out the shape of its future trading relationship with the EU, as well as many others, and there apparently are signs of progress in the past few days as a result of intensified talks between the two sides. Some are reporting a deal will be … Continue Reading

Inside Privacy Audiocast: Episode 6 – View from Johannesburg Part II: Top Data Policy Trends to Look Out For in Africa

Recently, there has been a significant level of attention given to data protection and privacy matters on the Continent, and in the just the past year, we have seen new laws proposed or enacted in places like Nigeria, Egypt, Kenya, and of course South Africa, although prior to that, places like Morocco, Ghana and Mali … Continue Reading

Inside Privacy Audiocast: Episode 5 – View From Johannesburg Part I: GDPR vs. POPIA – What Should Businesses Be Considering?

On June 22, 2020, the South African President announced that certain provisions of POPIA would take effect on July 1, provisions which most regard as essential to the statute, such as those imposing conditions on the lawful processing of personal information, procedures for handling complaints, and general enforcement provisions. Only days later, the South African Information … Continue Reading

EDPB Publishes Draft Guidelines on the Targeting of Social Media Users

On 7 September 2020, the European Data Protection Board (“EDPB”) adopted draft guidelines on the targeting of social media users (the “Guidelines”).  The Guidelines aim to clarify the roles and responsibilities of social media providers and “targeters” with regard to the processing of personal data for the purposes of targeting social media users.… Continue Reading

English High Court Awards Damages for Quasi-Defamation Data Claim

The English High Court has recently awarded damages in a data privacy case, with two features of particular interest.  First, the nature of the claim is more reminiscent of a claim in defamation than for data privacy breaches, which is a development in the use of data protection legislation.  Secondly, the damages awarded (perhaps influenced … Continue Reading

Inside Privacy Audiocast: Episode 4 – A Look into the ACLU of California’s Position on the CPRA

On our fourth episode of our Inside Privacy Audiocast, we are aiming our looking glass at the California Privacy Rights Act, and are joined by guest speaker Jacob Snow, Technology and Civil Liberties Attorney with the American Civil Liberties Union of Northern California. In September 2019, Alastair Mactaggart, Board Chair and Founder of Californians for … Continue Reading

European Commission Proposes Interim Regulation to Combat Child Sexual Abuse Online

On 10 September 2020, the European Commission proposed an interim regulation designed to enable online communications service providers to combat child sexual abuse online. Once in force, this regulation will provide a legal basis for providers to voluntarily scan communications or traffic data on their services for the limited purpose of detecting child sexual abuse … Continue Reading

EDPB Publishes Guidelines on the GDPR Concepts of “Controller”, “Joint Controller” and “Processor”

On September 2, 2020, the European Data Protection Board (“EDPB”) adopted guidelines on the concepts of “controller” and processor” under the GDPR. The Article 29 Working Party had already issued a guidance on this topic in 2010. Although the GDPR did not change the definitions of “controller” and “processor”, the EDPB’s guidelines aim to bring … Continue Reading

Swiss Federal Data Protection Authority Removes the US from its List of Adequate Countries

On September 8, 2020, the Swiss Federal Supervisory Authority (“Swiss SA”) issued a position paper stating that Swiss companies can no longer rely on the Swiss-US Privacy Shield Framework to transfer data to the US. The Swiss SA did not revoke the Swiss-US Privacy Shield Framework because it does not have the power to do … Continue Reading
LexBlog