Tag Archives: Europe

EU Parliamentary Elections: What Impact on the EU Data Protection Reform?

By: Sophie Noya On May 22-25, EU citizens elected Members of the European Parliament (“MEPs”) for a five-year term.  Several of the key parliamentary decision-makers on the data protection reform have been reelected, including the strongest supporters of far-reaching privacy rights such as the rapporteur, German Green Member Jan Philipp Albrecht, and Dutch Liberal Sophia … Continue Reading

EU Data Retention Directive Declared Invalid by Court of Justice of the EU

By Philippe Bradley and Mark Young The Court of Justice of the European Union (CJEU) today held that the EU Data Retention Directive (Directive 2006/24/EC)1 is invalid.  The CJEU ruled that the retention of data under the Directive constitutes an impermissibly broad and serious interference with fundamental human rights to private life and the protection of personal … Continue Reading

EU Article 29 Working Party Publishes Guidance on Data Breach Notification

Last week, the Article 29 Data Protection Working Party published a non-binding Opinion on data breach notifications, titled Opinion 03/2014 on Personal Data Breach Notification (the Opinion).  The Opinion provides helpful new guidance to companies seeking to understand whether or not notifications about a breach must be made to European privacy regulators and/or affected individuals … Continue Reading

Is Korea Moving Towards EU-Style Legislation for Financial Institutions?

In January 2014, a massive data leak of some 104 million credit card accounts shocked South Korea.  The number of affected accounts was twice the number of the population of South Korea’s.  The incident arose when a temporary employee of a personal credit rating agency that manages personal financial data of customers of three major … Continue Reading

U.S. To Review Safe Harbor Program

As part of an ongoing European tour, President Obama has met with several EU political leaders in Brussels today.  After the meeting, Herman van Rompuy, President of the EU, stated that the US has agreed to review the Safe Harbor.  There are no further details known at this stage but most likely the changes will be … Continue Reading

European Parliament Votes to Ensure that the Proposed Network and Information Security Directive Focuses on Protecting Critical Infrastructure

It has been an eventful week in the European Parliament in relation to data privacy and security matters.  Having already voted in favor of the General Data Protection Regulation (“GDPR”) and endorsed a controversial report into allegations of mass surveillance, the European Parliament voted yesterday on the proposed Network and Information Security (“NIS”) Directive.  In … Continue Reading

European Parliament Votes in Favor of Proposed General Data Protection Regulation

Today, the European Parliament (EP) voted in favor of the two reports of rapporteurs Jan-Philipp Albrecht and Dimitrios Droutsas concerning the proposed General Data Protection Regulation and the proposed Directive for the law enforcement sector. The support for the report on the proposed Regulation (see here), which the LIBE Committee of the EP had adopted … Continue Reading

Dissuading Companies from Violating Data Protection Rules: Senior European Commission Official Calls for ‘Significant’ Fines

Speaking at Berkeley’s Online Tracking Workshop today, Françoise Le Bail, Director-General of the European Commission’s DG Justice (the leading department regarding the EU data protection reforms) confirmed the European Commission’s vision that the EU needs stronger penalties in order to ensure effective enforcement of European data protection rules. Ms. Le Bail said that European privacy … Continue Reading

The Future of the Safe Harbor Agreement

Recent events in the European Parliament and European Council demonstrate that concerns over the U.S.-EU Safe Harbor Agreement are continuing to mount, and reform or even revocation of the Safe Harbor Agreement remains a possibility.  Today, Covington published a client alert that discusses recent developments involving the Safe Harbor Agreement and the potential impact of … Continue Reading

Google Fined by the CNIL for Privacy Breaches as European Regulators Continue Investigation

On January 8, 2014, the French data protection authority, the Commission nationale de l’informatique et des libertés (CNIL), announced that it was imposing a fine of €150,000 on Google, as well as a requirement that Google, within eight days of the decision, publicize the fine on its own website (at www.google.fr) for a period of … Continue Reading

Updating Ofcom’s Guidance on Network Security – New Consultation

In light of growing concerns over cybersecurity and evolving technology and operational practices, Ofcom (the independent regulator and competition authority for the UK communications industries) is seeking views on whether its existing guidance on network security should be revised.  Interested parties have until 21 February 2014 to respond.   Depending on the responses received, Ofcom intends … Continue Reading

Berlin Court Condemns Google, Strikes Provisions in Privacy Policy and Terms

On Tuesday, 19 November, the Regional Court of Berlin ruled against Google in a case brought by the Federation of German Consumer Associations (vzbv).  The vzbv had initiated an action for injunction against Google, requesting it to stop using certain clauses in its Terms of Use and Privacy Policy.  In Germany, consumer associations have a … Continue Reading

European Council Taps the Breaks–Adoption of EU General Data Protection Regulation Delayed

Only a few days after the leading parliamentary committee waved through the proposed amendments to the European Commission’s legislative proposal for a General Data Protection Regulation (see here and here), the EU Member States’ governments have decided to postpone the adoption of the Regulation to 2015.  Germany and the UK, in particular, supported the delay, albeit … Continue Reading

What Companies Should Know About the LIBE Committee’s Amendments to the EU’s Proposed Data Protection Regulation

By Mark Young On Monday, the LIBE Committee of the European Parliament adopted proposed amendments to the Commission’s legislative proposal for a General Data Protection Regulation.  Earlier this week we summarized the vote and procedural details (here).  In this alert, we provide more detail on the amendments that companies are likely to care most about, … Continue Reading

European Parliament Calls for Suspension of the SWIFT Agreement following NSA Surveillance Claims

On October 23, 2013, the European Parliament adopted a resolution calling for the suspension of an EU-US Agreement on the transfer of financial data for the purposes of the Terrorist Finance Tracking Program (the so-called “SWIFT Agreement”).  The resolution comes after allegations that the US National Security Agency (NSA) has had unauthorized access to EU citizens’ bank … Continue Reading

LIBE Committee Vote Completes Major Step Towards Adoption of EU Data Protection Regulation

In a historic vote today, the leading parliamentary committee on the European Commission’s proposed General Data Protection Regulation, the Civil Liberties Committee (“LIBE”), adopted all compromise amendments put forward to the Commission’s original proposal. The compromise amendments had been prepared by the rapporteur, Green Member of the Parliament, Jan Philipp Albrecht, in close collaboration with … Continue Reading

Criticism of Safe Harbor Continues to Rise in European Union Institutions

On 8 October, 2013, a group of Social and Democrat MEPs called for the suspension of the U.S.-EU Safe Harbor Framework (the “Safe Harbor”).  Their comments, which were triggered by the unauthorized disclosure of document describing a U.S. National Security Agency surveillance program known as “PRISM”, argued that the Safe Harbor is, variously, “misleading,” “vulnerable,” … Continue Reading

Web Tracking, Profiling, Mobile Apps, Privacy Notices and More Effective International Enforcement Coordination Among Hot Topics of the 35th International Conference of Privacy Commissioners

The 35th International Data Protection and Privacy Commissioners Conference, which comprises national, regional and local data protection and privacy authorities from all five continents, convened in Warsaw last week. The Conference adopted a total of nine resolutions and a declaration, which is the highest number of resolutions since the Conference’s first annual meeting back in … Continue Reading

Web Tracking, Profiling, Mobile Apps, Privacy Notices and More Effective International Enforcement Coordination Among Hot Topics of the 35th International Conference of Privacy Commissioners

The 35th International Data Protection and Privacy Commissioners Conference, which comprises national, regional and local data protection and privacy authorities from all five continents, convened in Warsaw last week. The Conference adopted a total of nine resolutions and a declaration, which is the highest number of resolutions since the Conference’s first annual meeting back in … Continue Reading

Advocate General Submits Opinion in Google Spain Case

On 25 June, the Advocate General (the “AG”) submitted an Opinion on a set of questions that a Spanish court referred to the Court of Justice of the European Union (the “Court”). This is the first time that the Court has been asked to interpret the European Data Protection Directive 95/46/EC (the ‘Directive’) in the context of internet … Continue Reading

Article 29 Working Party Releases New Opinion on Purpose Limitation

On April 2, the Article 29 Working Party (the “Working Party”) approved a new Opinion on a principle of European data protection law known as the “purpose limitation”.  The principle (which stems from Article 6(1)(b) of the Data Protection Directive) requires that data controllers only collect data for “specific”, “explicit” and “legitimate” purposes, and not … Continue Reading

German Government Proposes Cybersecurity Law

Following the German Government’s adoption of a cybersecurity strategy back in February 2011, and only a couple of weeks after the publication of the European Commission’s CyberSecurity Strategy and proposal for a Directive on Network and Information Security (see InsidePrivacy EU Adopts CyberSecurity Strategy and Proposes Network and Information Security Directive, February 7, 2013), Germany … Continue Reading

European Parliament’s Lead Committee for the Proposed EU General Data Protection Regulation Postpones Vote

The Civil Liberties, Justice and Home Affairs (LIBE) Committee of the European Parliament (EP)– the EP’s lead committee for the European Commission’s legislative proposal for a General Data Protection Regulation to replace the current EU Data Protection Directive–was supposed to vote at the end of April on the proposed amendments to the draft Regulation. However, … Continue Reading

The Battle Lines are Clearing Up: The Irish Presidency Note on the Proposed General Data Protection Regulation

According to recent press reports, the Irish Presidency has prepared a note to report to the Council of the EU on the progress achieved on the European Commission’s legislative proposal for a General Data Protection Regulation. Ireland holds the Presidency of the Council of the EU in the first half of 2013 and has already … Continue Reading
LexBlog