To mark International Data Protection Day 2016 we would like to share with you some exciting new projects we have been working on to help you and your organisation prepare for what is expected to be an interesting year for data protection, privacy and security. Everything you need to know about the EU Data Protection …
A survey commissioned by the ICO has shown that nearly 80% of people would think twice about or definitely not use services offered by an entity who had been subject to a data breach. The survey was commissioned for European Data Protection Day tomorrow (28th Jan) and for the Information Commissioner’s talk at the Advertising …
UK: ICO warns of reputational risks from a data breach Read More »
As we anticipated earlier in 2015 (in our earlier article), there is an increasing move towards transparency in Government contracts. We had the Transparency Agenda, driving out cost information and the publication of contracts on a central portal. We now have a draft bill being deliberated in Parliament which would extend the application of the …
UK: Freedom of Information – bill debate re extension to Government contractors Read More »
As we enter this last week of January, attention is focusing once again on whether EU and US representatives will be able to agree a “Safe Harbor 2” data transfer regime to provide a replacement for the original struck down last year. We understand that a key piece of the US compliance regime (the Judicial …
ONLINE SHOPS, BEWARE! NEW OBLIGATION TO ADD A HYPERLINK ON YOUR WEBSITES TO THE EUROPEAN ONLINE DISPUTE RESOLUTION PLATFORM. Since 9 January 2016, a European Online Dispute Resolution (“ODR”) Platform has been put in place by the European Commission. The Platform is intended to be used by online shops and consumers for settling their …
EUROPE: website compliance, email marketing and website terms Read More »
On 6 November 2015, the European Commission issued guidance in the form of a Communication on the transfer of personal data from the EU to the US following the Schrems Judgment at the beginning of October (for information on the Judgment, see DLA Piper’s Privacy Matters blog post). The following points are stressed in the Communication: Alternative bases …
Nineteen renowned privacy experts from the US and the EU, amongst them DLA Piper’s Patrick Van Eecke, have developed ten practical proposals to increase the transatlantic level of protection of personal data. Most proposals can be implemented within existing different legal systems and are applicable worldwide. It concerns pragmatic bridges that benefit people, companies, governments and supervisory authorities. …
EUROPE – UNITED STATES: 10 practical proposals for bridging the US-EU data privacy ocean Read More »
On October 6th, in a ground-breaking Decision, the Court of Justice of the European Union (CJEU) declared the US Safe Harbor scheme to be invalid, as well as confirming that individuals have the right to challenge any similar schemes that may be established by the European Commission through their national data protection authorities. The US Safe Harbor …
Ground-breaking European Court Decision – US Safe Harbor declared invalid Read More »
By Jan Pohle In an earlier post, my colleagues reported on the Safe Harbor case currently being dealt with at the European Court of Justice. For the time being the Safe Harbor certification basically justified a data transfer from Germany to the United States. Nevertheless since 2013 the Safe Harbor Agreement became subject to decreasing …
Germany: Impact of Safe Harbor case on German data transfers? Read More »
By Patrick Van Eecke & Loretta Marschall Today an important statement was issued endangering the free flow of personal data from the European Union to the United States. Advocate General Bot issued his opinion to the Court of Justice of the European Union (CJEU) in the Facebook case on whether or not a national supervisory …
Getting foggy in the Safe Harbor – Privacy agreement between EU and US at stake? Read More »
Written by Tara McGraw Swaminatha and Christopher Scott Companies around the world are seeing the resurgence of an old scam: wire transfer phishing attacks that trick employees into wiring money from company bank accounts to criminals’ bank accounts. Over the past several months, many companies have lost millions of dollars to such relatively simple attacks. …
Wire transfer phishing − an old scam returns: simple steps to protect your organization Read More »
By Giulio Coraggio Digital health has massive potentials, but its implementation requires to comply with standards that are now even more stringent after the issue of new guidelines by the Italian privacy authority. Digital health has the goal of combining health with wealth in terms of cost saving for the State through electronic systems able …
The cyber-attack suffered by Hacking Team revealed unexpected vulnerabilities of systems with considerable consequences for businesses whose cyber risk strategy shall be reassessed. The press extensively covered during the last days the case concerning the cyber attack suffered by the Hacking Team, a government-sponsored provider of device monitoring solutions. Following the attack, over 1 million emails …
Hacking Team case – is your cyber risk strategy enough? Read More »
The Federal Trade Commission (“FTC”) has launched a new initiative, dubbed “Start with Security,” which is focused on assisting businesses in developing greater security to protect consumers’ personal information. To kick off the initiative, the FTC issued Protecting Personal Information: A Guide for Business, which is based on the lessons learned from the approximately fifty (50) data …
By Patrick van Eecke and Mathieu Le Boudec A recent survey commissioned by the European Commission reveals that data protection remains an important concern for EU citizens. Key findings of the survey are that: Control over personal data More than eight out of ten respondents feel that they do not have complete control over their …
Written by Scott Thiel On 1 July, 2015, the Standing Committee of the National People’s Congress, China’s top legislature, approved the new National Security Law of the People’s Republic of China (中华人民共和国国家安全法, the “New Law”) which became effective on the same day. This New Law is very high-level in its nature covering a wide range …
Written by Carol Umhoefer Between May 12 and May 15, 2015, as part of the annual Internet Sweep Days, nearly 30 Data Protection Authorities (“DPAs”) audited child-oriented websites and mobile apps to check compliance with data privacy rules. Results are expected in Q3 2015. The Global Privacy Enforcement Network (“GPEN”), which brings together numerous countries’ …
Written by Tara Swaminatha and Sydney White, et al. The new sanctions in President Barack Obama’s Executive Order 13694 of April 1, 2015, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” target individuals and organizations overseas who engage in cyberattacks or commercial espionage outside the US that are likely to result in a …
New US sanctions program to combat cybercrimes – 3 action steps for tech companies Read More »
By DLA Piper This week the FTC Bureau of Consumer Protection announced a new office to bolster the technological expertise of the Bureau and the FTC regional offices handling law enforcement investigations. The Office of Technology Research and Investigation (OTRI) replaces the Mobile Technology Unit (MTU) and will take on new technology in addition to …
FTC Announces Office of Technology Research and Investigation Read More »
By Patrick Van Eecke and Julie De Bruyn Today the Schrems v. Irish Data Protection Commission case was brought before the Court of Justice of the European Union (‘CJEU’) for an oral hearing, following referral by the Irish High Court. While the final ruling by the CJEU is to be awaited until June 24, it …
EUROPE: EU-US data flows at risk? European Court of Justice today heard Facebook case Read More »
