In January 2021, the Belgian Supervisory Authority issued detailed guidance (available in Dutch and French) on how to securely destroy personal data in accordance with the General Data Protection Regulation (“GDPR”). Among other things, the guidance aims to help controllers and processors comply with their obligations under Article 32 of the GDPR.… Continue Reading
On January 27, 2020, the French Supervisory Authority (“CNIL”) issued a guidance for developers of websites and applications which sets out the main principles of the General Data Protection Regulation (“GDPR”), expounds on their application in the online environment, and gives practical tips to help developers respect users’ privacy when deploying websites and apps. The … Continue Reading
On December 21, 2016 the Court of Justice of European Union (“CJEU”) issued its judgment in Joined Cases C-203/15 and C-698/15, Tele2 /Watson. The decision considered the legality of UK and Swedish laws permitting the generalized retention of communications metadata (for 6-12 months) for the purposes of prevention, detection or prosecution of crime (not necessarily … Continue Reading
By Philippe Bradley and Dan Cooper On April 23rd, 2014 Brazil’s president signed into law a wide-ranging civil rights bill for Internet users and service providers (the “Marco Civil da Internet”, or “Marco Civil”). The law had been in the works since 2009; it was made a priority by the Brazilian government in the wake … Continue Reading
A judge in the Northern District of California recently agreed with the Seventh Circuit that the Video Privacy Protection Act (“VPPA”) does not provide a private right of action premised solely on an allegedly unauthorized retention of information. Plaintiffs sued Sony Computer Entertainment America LLC (“SCEA”) and Sony Network Entertainment International LLC (“SNEI”) for alleged violations of the … Continue Reading
Today the European Commission adopted an evaluation report on the Data Retention Directive. This Directive requires EU Member States to ensure that telecommunications service providers retain certain categories of data for the purpose of investigations, detection and prosecution of serious crime, as defined by the national law of the Member States. Since its adoption in … Continue Reading
In testimony before a House Judiciary subcommittee on Tuesday, Jason Weinstein (Deputy Assistant Attorney General for the DOJ Criminal Division) emphasized the importance of data retention from internet and cell phone service providers in fighting crime. He invited Congress to consider legislation that would strengthen data retention standards. Weinstein offered several examples of federal and … Continue Reading
EU Home Affairs Commissioner Cecilia Malmström announced that the European Commission will propose amendments to the Data Retention Directive (2006/24/EC) following publication of an evaluation report on the Directive early next year. Under the Directive, Member States must ensure that providers of publicly available electronic communications services or public communications networks retain certain traffic data on … Continue Reading