Tag Archives: Data Localization

India’s Committee of Experts Releases Draft Personal Data Protection Bill

On July 27, 2018, the Government of India’s Committee of Experts released a draft Protection of Personal Data Bill. Together with an accompanying report, the draft bill moves India one step closer towards enacting a comprehensive data protection regime. Last year, the Supreme Court of India issued a landmark decision holding that privacy is a … Continue Reading

CJEU Confirms That National Data Retention Laws May Only Be Adopted Where “Strictly Necessary”

By Phil Bradley-Schmieg on January 6, 2017 Posted in European Union

On December 21, 2016 the Court of Justice of European Union (“CJEU”) issued its judgment in Joined Cases C-203/15 and C-698/15, Tele2 /Watson. The decision considered the legality of UK and Swedish laws permitting the generalized retention of communications metadata (for 6-12 months) for the purposes of prevention, detection or prosecution of crime (not necessarily … Continue Reading

LinkedIn Blocked in Russia Following Breach of Data Localization Laws

By Inside Privacy on November 17, 2016 Posted in Cross-Border Transfers, International

On November 11, 2016, a Russian court in Moscow upheld the decision of an earlier court to block online access to the website LinkedIn throughout Russia. This decision, which affirms a decision to penalize LinkedIn by the Russian data protection regulator, the Roskomnadzor, was based on the court’s view that LinkedIn had breached the new … Continue Reading

Privacy Shield Deal Passes Major EU Hurdle

By Phil Bradley-Schmieg on July 8, 2016 Posted in Cross-Border Transfers, European Union

On July 8, 2016, the draft EU-U.S. Privacy Shield adequacy decision was formally approved by the so-called “Article 31 Committee” of EU Member States (see press release, here). That approval opens the door for the College of EU Commissioners to approve the Privacy Shield on Monday (July 11). Once translated and published in the Official … Continue Reading

Data Localization Requirements Through the Backdoor? Germany’s “Federal Cloud”, and New Criteria For the Use of Cloud Services by the German Federal Administration

By Inside Privacy on September 15, 2015 Posted in Cloud Computing, Cybersecurity, Data Security, European Union, Sourcing, Technology Transactions

In May 2015, reports about the German government’s plans to establish federal German cloud infrastructure (the “Bundes-Cloud”) raised concerns about the possible introduction of data localization requirements (preventing the storage and processing of data outside Germany). The criteria for the use of cloud services by Germany’s federal administration, which have recently been published, now give … Continue Reading

Top 10 International Privacy Developments of 2014

By Dan Cooper on February 4, 2015 Posted in European Union, International

The CJEU “Right to be Forgotten” Ruling. In May 2014, the Court of Justice of the European Union (CJEU) delivered an important judgement in a referral from Spain’s National High Court involving Google, a Spanish national, and the Spanish data protection authority (Case C-131/12). The CJEU’s decision re-interpreted European data protection law to include … Continue Reading

Brazil Enacts “Marco Civil” Internet Civil Rights Bill

By Dan Cooper on April 28, 2014 Posted in International

By Philippe Bradley and Dan Cooper On April 23rd, 2014 Brazil’s president signed into law a wide-ranging civil rights bill for Internet users and service providers (the “Marco Civil da Internet”, or “Marco Civil”). The law had been in the works since 2009; it was made a priority by the Brazilian government in the wake … Continue Reading