Tag Archives: EU Data Protection

Inside Privacy Audiocast: Episode 11 – Latest Developments on the EU’s ePrivacy Regulation

The EU’s ePrivacy Regulation, like the EU GDPR, has been highly anticipated since it was first proposed in 2017. What are the current developments and next steps in the process to enactment? What are some of the complicating factors of the proposed Regulation? Are there major differences between the initial proposal and where the text … Continue Reading

Inside Privacy Audiocast: Episode 10 – Data Privacy Day 2021: Trends to Watch

On this special tenth episode of our Inside Privacy Audiocast, we celebrate Data Privacy Day 2021. Join Dan Cooper and Kurt Wimmer as they discuss the key global data privacy developments in 2020 and trends to look out for in 2021. Covington’s Inside Privacy Audiocast offers insights into topical global privacy issues and trends. Subscribe … Continue Reading

Spanish Supervisory Authority Issues Guidance on Auditing Data Processing Activities Involving Artificial Intelligence

On January 12, 2020, the Spanish Supervisory Authority (“AEPD”) issued guidance on how to audit personal data processing activities that involve Artificial Intelligence (“AI”) (available here, in Spanish).  The AEPD’s guidance is directed at data controllers and processors, as well as AI developers, data protection officers (“DPO”), and auditors.  The guidance aims to help ensure … Continue Reading

Supervisory Authorities Cannot Circumvent One-Stop-Shop According to CJEU Advocate General

On January 13, 2021, the Advocate General (“AG”), Michal Bobek, of the Court of Justice of the European Union (“CJEU”) issued his Opinion in Case C-645/19 Facebook Ireland Limited, Facebook Inc., Facebook Belgium BVBA v. the Belgian Data Protection Authority (“Belgian DPA”).  The AG determined that the one-stop shop mechanism under the EU’s General Data … Continue Reading

Brexit Deal Keeps EU-UK Data Flows Open as Parties Pursue Mutual Adequacy

On December 24th, with a year-end deadline and the holidays fast approaching, European Commission and United Kingdom (“UK”) officials announced they reached a deal on the EU-UK Trade and Cooperation Agreement (“Agreement”).  Once formally adopted by the European Union (“EU”) institutions, the Agreement will govern the relationship between the EU and UK beginning on January … Continue Reading

Twitter Fine: a View into the Consistency Mechanism, and “Constructive Awareness” of Breaches

On December 15, 2020, the Irish Data Protection Commission (“DPC”) fined Twitter International Company (“TIC”) EUR 450,000 (USD 500,000) following a narrow investigation into TIC’s compliance with obligations to (a) notify a personal data breach within 72 hours under Article 33(1) GDPR; and (b) document the facts of the breach under Article 33(5) GDPR. The … Continue Reading

German Federal Agencies Publish Privacy and IT Security Requirements for Digital Health Applications

On April 21, 2020, the Regulation on the Requirements and Reimbursement Process for Digital Health Applications (Digitale Gesundheitsanwendungen-Verordnung or „DiGAV“, available here) entered into force in Germany.  Among other provisions, the DiGAV includes specific IT security and privacy requirements.  Shortly after the law took effect, Germany’s Federal Medicines and Medical Devices Agency (“BfArM”) also released … Continue Reading
LexBlog