Industry eagerly awaits further guidance from data protection authorities (“DPAs”) relating to the EU-U.S. Privacy Shield as well as on the validity (or otherwise) of other mechanisms for transfers to the U.S. such as standard contractual clauses (“SCCs”) and binding corporate rules (“BCRs”). As we explained in recent posts (here and here), publication of an … Continue Reading
Today, the Court of Justice of the European Union (the “CJEU”) invalidated the European Commission’s Decision on the EU-U.S. Safe Harbor arrangement (Commission Decision 2000/520 – see here). The Court responded to pre-judicial questions put forward by the Irish High Court in the so-called Schrems case. More specifically, the High Court had enquired, in particular, … Continue Reading
On October 1st, 2015, the Court of Justice of the EU rendered its judgment in the Weltimmo case (C-230/14). The case addressed two important aspects of EU data protection law, namely applicable law and the scope of the territorial powers of data protection authorities. The case arose out of a dispute between Weltimmo, a company registered … Continue Reading
On June 2, 2015, the Article 29 Working Party updated its published guidance on the topic of Processor BCRs. In their latest guidance document, the Working Party focus specifically on the sensitive topic of disclosures to law enforcement agencies (LEAs). By means of Processor BCRs, data processors are able to share EU-originating personal data within … Continue Reading
On Wednesday, January 28, 2015, better known as “Data Protection Day,” the Belgian Under-Secretary for Data Protection Bart Tommelein called for the creation of an EU Data Protection Authority. He intends to present this position of the Belgian Government to the informal meeting of Ministers of Justice and of the Interior in Riga (Latvia). The … Continue Reading
On October 23, the Trans-Atlantic Business Dialogue held a briefing session on the EU-U.S. Safe Harbor Agreement. Ted Dean, Deputy Assistant Secretary at the U.S. Department of Commerce, gave an update on the negotiations with the European Commission. Following the Snowden revelations and a resolution of the European Parliament, the European Commission on November 17, … Continue Reading
by Kristof Van Quathem On January 8, 2013, MEP Jan Philipp Albrecht released his draft report on the proposed EU Data Protection Regulation. Albrecht, of the European Green Party, is rapporteur for the Civil Liberties, Justice and Home Affairs (LIBE) Committee of the European Parliament, the lead Committee for the proposal. His draft report will … Continue Reading
On 24 November 2011, the EU Court of Justice decided that ISPs cannot be forced to filter Internet traffic to fight intellectual property violations. In 2007, the Brussels Court of First Instance obliged the ISP Scarlet to filter all internet traffic and to block traffic involving violations of intellectual property rights, in particular in … Continue Reading
The Article 29 Working Party recently released an opinion on data breach notification in the EU. The opinion addresses two main issues: Experience to date with the existing breach notification rules in the ePrivacy Directive. The breach notification obligation imposed by article 4.3-5 of the ePrivacy Directive (2002/58/EC) only applies to providers of electronic communications … Continue Reading
