Monika Kuschewsky

Subscribe to all posts by Monika Kuschewsky

EDPS-BEUC Joint Conference on Big Data Promotes Closer Dialogue

Last week, the European Data Protection Supervisor (the “EDPS”), in collaboration with European consumer organisation BEUC, hosted a joint conference on Big Data: individual rights and smart enforcement in Brussels (for the conference agenda, see here).  The conference brought together leading regulators and experts in the areas of competition, data protection and consumer protection, including … Continue Reading

EDPS Issues Opinion on Big Data and Enforcement

As announced last week, the European Data Protection Supervisor (“EDPS”) released on September 23, 2016 an opinion on “coherent enforcement of fundamental rights in the age of big data.”  This opinion follows an earlier Preliminary Opinion on privacy and competitiveness in the age of big data, published in 2004 (see our previous blog post here). … Continue Reading

EU and US Unveil the New Privacy Shield

At a joint press conference in Brussels this morning (July 12, 2016), EU Commissioner Jourová and the U.S. Secretary of Commerce, Penny Pritzker, presented the new EU-U.S. data transfer mechanism (see press release here, adequacy decision text here, annexes here and Q&A factsheet here).  The press conference followed the approval of the underlying adequacy decision … Continue Reading

Privacy Shield Deal Passes Major EU Hurdle

On July 8, 2016, the draft EU-U.S. Privacy Shield adequacy decision was formally approved by the so-called “Article 31 Committee” of EU Member States (see press release, here). That approval opens the door for the College of EU Commissioners to approve the Privacy Shield on Monday (July 11).  Once translated and published in the Official … Continue Reading

European Data Protection Supervisor Opinion on the Privacy Shield

On May 30, the European Data Protection Supervisor (the “EDPS”) issued an opinion on the Privacy Shield, see opinion here and press release here.  The EDPS acknowledged that the European Commission’s draft adequacy decision on the Privacy Shield is a step in the right direction and shows a number of improvements compared to the EU-U.S. … Continue Reading

European Parliament Passes Resolution on the Privacy Shield

This morning (May 26, 2016) the European Parliament (“EP”) approved a non-binding resolution on the proposed EU – U.S. Privacy Shield (see resolution here and press release here).  The resolution is far more positive in relation to the Privacy Shield than some of the proposals floated by some political groups earlier this week (see, for instance, the resolution proposed … Continue Reading

Digital Single Market – New Initiatives for Cloud Computing and Internet of Things

By Vera Coughlan, Monika Kuschewsky and Kristof Van Quathem Yesterday, the European Commission launched its “Digitising European Industry” package, a series of industry related initiatives aimed at “updating Europe’s digital infrastructure”, see press release here, Q&A here and homepage here.  The package includes reports and proposals addressing cloud computing, ICT standardization, eGovernment, Internet of Things … Continue Reading

EU DPA Enforcement Guidance Post-Schrems

Industry eagerly awaits further guidance from data protection authorities (“DPAs”) relating to the EU-U.S. Privacy Shield as well as on the validity (or otherwise) of other mechanisms for transfers to the U.S. such as standard contractual clauses (“SCCs”) and binding corporate rules (“BCRs”).  As we explained in recent posts (here and here), publication of an … Continue Reading

The New EU Data Protection Law: Key Elements for Business

The General Data Protection Regulation (GDPR) (see the latest text here), which was approved at the political level last week, heralds a new era of data protection in the EU and beyond.  The GDPR imposes numerous new obligations on companies both within and outside the EU, strengthens the rights of individuals and foresees stiff penalties … Continue Reading

LIBE Committee Votes in Favor of the GDPR

By Vera Coughlan and Monika Kuschewsky This morning, the European Parliament’s Civil Liberties, Justice and Home Affairs committee (“LIBE”) formally adopted the result of the negotiations on the EU’s General Data Protection Regulation (“GDPR”).  The text of GDPR was the outcome of trilogue negotiations between the European Parliament and Council and the Commission, which concluded … Continue Reading

Political Agreement on the EU General Data Protection Regulation – Start of a New EU Privacy Era?

By Monika Kuschewsky, Charlotte Ryckman and Vera Coughlan Today, the EU institutions reached the long-awaited political agreement on the General Data Protection Regulation (GDPR), which will fundamentally change the EU privacy landscape (for the Commission press release see here and the European Parliament press release here).  Almost four years after the publication of the legislative … Continue Reading

European Commission issues guidance on the impact of the Schrems (Safe Harbor) ruling of the EU’s Highest Court

By Monika Kuschewsky and Vera Coughlan Following the judgment of the Court of Justice of the EU of October 6 in the Schrems case (Case C-362/14) (see our previous blog post here), today, the European Commission issued guidance on transfers of personal data from the EU to the U.S. post Schrems. For the press release see … Continue Reading

Schrems (Safe Harbor) Judgment – German Data Protection Authorities Issue Position Paper

Today, the German supervisory authorities (“German DPAs”) responsible for data protection at federal and state (Länder) level published a position paper on the EU-U.S. Safe Harbor (available in German – see here).  This 14-point position paper follows a meeting that these authorities held last week.  Key points include: following the Safe Harbor judgment of the … Continue Reading

Article 29 WP On the Schrems Ruling (Safe Harbor) − Latest Developments and Next Steps

The Article 29 Data Protection Working Party (“Article 29 WP”), an EU advisory body on data protection composed of representatives of the national data protection authorities (“DPAs”), the European Data Protection Supervisor and the European Commission, met in plenary on Thursday, October 15, to discuss the first consequences of the judgment of the Court of … Continue Reading

Debate in the European Parliament’s LIBE Committee on the Schrems ruling

On October 12, 2015, the European Parliament’s Civil Liberties, Justice and Home Affairs (“LIBE”) Committee held a debate to discuss the aftermath of the ruling of the Court of Justice of the European Union (“CJEU”) ruling in Case C-362/14 Maximillian Schrems v Data Protection Commissioner (see summary of the ruling here and summary of the … Continue Reading

EU’s Highest Court Invalidates Safe Harbor with Immediate Effect

Today, the Court of Justice of the European Union (the “CJEU”) invalidated the European Commission’s Decision on the EU-U.S. Safe Harbor arrangement (Commission Decision 2000/520 – see here). The Court responded to pre-judicial questions put forward by the Irish High Court in the so-called Schrems case. More specifically, the High Court had enquired, in particular, … Continue Reading

EU’s Highest Court Rules on Applicable Law and Territorial Powers of the National Data Protection Authorities

On October 1st, 2015, the Court of Justice of the EU rendered its judgment in the Weltimmo case (C-230/14).  The case addressed two important aspects of EU data protection law, namely applicable law and the scope of the territorial powers of data protection authorities. The case arose out of a dispute between Weltimmo, a company registered … Continue Reading

EU-U.S. Safe Harbor: Judgment in the Schrems Case Scheduled For October 6

The Court of Justice of the European Union (“CJEU”) in Luxembourg will render its judgment in the Schrems case (C-362/14 Maximilian Schrems v Data Protection Commissioner) on October 6, at 9:30 am CET (see here). For details on the case and its potential implications for the U.S.-EU Safe Harbor, see our earlier blog post (here) … Continue Reading

Data Localization Requirements Through the Backdoor? Germany’s “Federal Cloud”, and New Criteria For the Use of Cloud Services by the German Federal Administration

In May 2015, reports about the German government’s plans to establish federal German cloud infrastructure (the “Bundes-Cloud”) raised concerns about the possible introduction of data localization requirements (preventing the storage and processing of data outside Germany).  The criteria for the use of cloud services by Germany’s federal administration, which have recently been published, now give … Continue Reading

What You Need to Know About Germany’s Cybersecurity Law

Whilst the discussions on the proposed Network and Information Security (NIS) Directive at European level are still ongoing (see Update on the Cybersecurity Directive − over to Luxembourg?, InsidePrivacy, June 12, 2015), less has been said about Germany new national Act to Increase the Security of Information Technology Systems (the “IT Security Law”).  The IT Security Law … Continue Reading

EU – US Umbrella Agreement about to be concluded: towards a transatlantic approach to data protection?

By Jean de Ruyt and Monika Kuschewsky According to the European Commissioner for Justice, Consumers and Gender Equality, Věra Jourová, the EU and the US have finalized the EU-US Umbrella Agreement (for the press release, see here; a reportedly near-final draft of the agreement can be read here). This is a remarkable breakthrough after the first … Continue Reading

EU General Data Protection Regulation – First day of ‘trilogue’ discussions

By Monika Kuschewsky and Vera Coughlan Today, the first meeting between the European Parliament (“EP”), the Council and the Commission (called “trilogue”) took place with the aim of reaching an agreement on the General Data Protection Regulation (“GDPR”) by the end of the year.  (For background, please see our previous InsidePrivacy post on the Council’s recently … Continue Reading

Covington Webinar: The EU General Data Protection Regulation – What’s Next and What It Means For Your Business

As we recently covered on this blog, on June 15, the Council of Ministers of the EU reached a long-awaited ‘common approach’ on a revised text of the proposed General Data Protection Regulation (GDPR). Covington will be running a webinar on July 1, repeated on July 2 to accommodate attendees from different timezones, at which specialists from Covington’s … Continue Reading
LexBlog