Tag Archives: General Data Protection Regulation (GDPR)

UK Company Fined For Buying And Selling Non-Compliant Marketing Databases

The UK Information Commissioner’s Office (ICO), which enforces data protection legislation in the UK, has fined a company £20,000 (approximately 24,000 USD / 23,000 EUR) for not exercising sufficient due diligence when buying and using marketing databases. The ICO found that over 580,000 individuals’ contact details had been obtained by The Data Supply Company Ltd … Continue Reading

UK Information Commissioner’s Office Publishes Draft Guidance on Consent under the GDPR

By Dan Cooper and Rosie Klement On March 2, 2017, the Information Commissioner’s Office (“ICO”) released draft guidance for UK organizations on how the notion of consent will be interpreted and applied when the General Data Protection Regulation (“GDPR”) comes into force in May 2018. The ICO is currently engaging in a public consultation on … Continue Reading

New EU GDPR Guidance: Data Portability, Data Protection Officers, and the One Stop Shop

The Article 29 Working Party (“WP29”) – the representatives of national data protection regulators in the EU – has issued new guidance on three important aspects of the new General Data Protection Regulation (“GDPR”), which comes into force in May 2018. This first salvo of GDPR-focused guidance concerns: the new “Right to Data Portability”, an … Continue Reading

Luxembourg Bill Amending the Data Protection Act with regard to the Authorization Regime

On August 31, 2016, a bill was presented to the Luxembourg Parliament (the “Bill”) to amend the Law of August 2, 2002, on the Protection of Persons with regard to the Processing of Personal Data. The Bill aims to reduce the current administrative burden and anticipates the application of the General Data Protection Regulation (“GDPR”) … Continue Reading

EDPS-BEUC Joint Conference on Big Data Promotes Closer Dialogue

Last week, the European Data Protection Supervisor (the “EDPS”), in collaboration with European consumer organisation BEUC, hosted a joint conference on Big Data: individual rights and smart enforcement in Brussels (for the conference agenda, see here).  The conference brought together leading regulators and experts in the areas of competition, data protection and consumer protection, including … Continue Reading

The CNIL and EDPS Launch Public Consultations

On June 16, 2016, the French data protection authority (“CNIL”) launched a public consultation on the General Data Protection Regulation (“GDPR).   The consultation focuses on four priority themes set out in the Article 29 Working Party’s 2016 Action plan: the data protection officer; the right to data portability; data protection impact assessments; and certification.… Continue Reading

European Data Protection Supervisor Opinion on the Privacy Shield

On May 30, the European Data Protection Supervisor (the “EDPS”) issued an opinion on the Privacy Shield, see opinion here and press release here.  The EDPS acknowledged that the European Commission’s draft adequacy decision on the Privacy Shield is a step in the right direction and shows a number of improvements compared to the EU-U.S. … Continue Reading

European Parliament Passes Resolution on the Privacy Shield

This morning (May 26, 2016) the European Parliament (“EP”) approved a non-binding resolution on the proposed EU – U.S. Privacy Shield (see resolution here and press release here).  The resolution is far more positive in relation to the Privacy Shield than some of the proposals floated by some political groups earlier this week (see, for instance, the resolution proposed … Continue Reading

EU Passes Sweeping New Privacy and Data Security Laws

As forecast in our latest blog on the topic (available here), the European Parliament today voted into law a new General Data Protection Regulation (“GDPR”) that will replace the EU’s all-encompassing Data Protection Directive as of mid-2018. Today’s vote brings to a close a legislative process that has lasted nearly five years; the law’s official publication, which should be … Continue Reading

European Commission Launches Consultation on Reform of the ePrivacy Directive

By Ezra Steinhardt and Vera Coughlan Following the expected approval of the final text of the General Data Protection Regulation (“GDPR”) in the European Parliament this week, the Commission is now turning its attention towards the ePrivacy Directive. On Monday (April 11, 2016), the Commission launched a public consultation to review and propose changes to the … Continue Reading

EU Poised to Formally Adopt New Data Protection Laws; Amended Texts Published

By Phil Bradley-Schmieg and Vera Coughlan.  This post has been updated to include links to the final texts and comparisons with preceding drafts. After three months of legal-linguistic checks and translations, the EU is poised to formally adopt the new EU General Data Protection Regulation (GDPR) and its sister law, the EU Policing and Criminal Justice … Continue Reading

Germany Extends Right of Qualified Consumer Associations to Challenge Privacy Violations

By Monika Kuschewsky Today, a German law to strengthen the private enforcement of certain data protection provisions that aim to protect consumers (the Law) entered in to force, following its publication in the Official Journal yesterday. We previously reported on the draft law here. The Law empowers certain qualified associations to seek injunctive relief against companies … Continue Reading

The New EU Data Protection Law: Key Elements for Business

The General Data Protection Regulation (GDPR) (see the latest text here), which was approved at the political level last week, heralds a new era of data protection in the EU and beyond.  The GDPR imposes numerous new obligations on companies both within and outside the EU, strengthens the rights of individuals and foresees stiff penalties … Continue Reading

LIBE Committee Votes in Favor of the GDPR

By Vera Coughlan and Monika Kuschewsky This morning, the European Parliament’s Civil Liberties, Justice and Home Affairs committee (“LIBE”) formally adopted the result of the negotiations on the EU’s General Data Protection Regulation (“GDPR”).  The text of GDPR was the outcome of trilogue negotiations between the European Parliament and Council and the Commission, which concluded … Continue Reading

Political Agreement on the EU General Data Protection Regulation – Start of a New EU Privacy Era?

By Monika Kuschewsky, Charlotte Ryckman and Vera Coughlan Today, the EU institutions reached the long-awaited political agreement on the General Data Protection Regulation (GDPR), which will fundamentally change the EU privacy landscape (for the Commission press release see here and the European Parliament press release here).  Almost four years after the publication of the legislative … Continue Reading

Progress on EU GDPR Reform: International Aspects Debated

A second round of “trilogue” negotiation on the EU General Data Protection Regulation (GDPR), on July 14th, has addressed the law’s territorial scope and rules relating to international data transfers (Articles 3 and Chapter 5, respectively). Although no agreed text has been released, public comments made by Jan Philipp Albrecht, the European Parliament’s lead negotiator … Continue Reading

EU General Data Protection Regulation – First day of ‘trilogue’ discussions

By Monika Kuschewsky and Vera Coughlan Today, the first meeting between the European Parliament (“EP”), the Council and the Commission (called “trilogue”) took place with the aim of reaching an agreement on the General Data Protection Regulation (“GDPR”) by the end of the year.  (For background, please see our previous InsidePrivacy post on the Council’s recently … Continue Reading

Council Agrees Common Approach on EU General Data Protection Regulation – Negotiations With Parliament and Commission on Final Text To Begin Imminently

In today’s Justice and Home Affairs (“JHA”) Council meeting (see here), the Council of Ministers of the EU agreed the Council’s long-awaited common approach on a revised text of the proposed General Data Protection Regulation (“GDPR”). The Presidency of the Council of the EU had published a compromise text for approval by the JHA Council … Continue Reading

The UK’s Data Protection Regulator to Introduce “Privacy Seals” for Businesses

By Fredericka Argent The UK’s Information Commissioner’s Office (ICO) has announced that it is looking to introduce a system of “privacy seals” for organizations doing business in the UK.  The seal is intended to be a consumer-facing stamp of approval demonstrating that a particular organization is meeting or surpassing the compliance requirements of the UK’s Data Protection … Continue Reading

Belgian Government Calls for EU Data Protection Authority

On Wednesday, January 28, 2015, better known as “Data Protection Day,” the Belgian Under-Secretary for Data Protection Bart Tommelein called for the creation of an EU Data Protection Authority.  He intends to present this position of the Belgian Government to the informal meeting of Ministers of Justice and of the Interior in Riga (Latvia).  The … Continue Reading

EU Confirms New Heads of the European Commission – But Who Will Drive Data Protection Reforms?

 By Philippe Bradley-Schmieg  The European Parliament voted yesterday (October 22, 2014) to approve the President of the European Commission’s selections for his team of European Commissioners. Jean-Claude Juncker’s picks received strong endorsement from MEPs, with 423 in favour, 209 against, and 67 abstentions.  Even so, he was forced to amend his proposal ahead of the … Continue Reading
LexBlog